默认Laravel登录尝试方法返回bool但我想修改它并获得另一个结果如果用户存在但用户的状态是被动的。
我不想更改laravel供应商目录中的任何代码。我可以在LoginController中轻松编写自己的登录方法,如AuthenticatesUsers::login(),但问题是SessionGuard::attempt()有自己的生命周期,它不是LoginController使用它的特征。
以下是SessionGuard::attempt()方法的原始版本。
public function attempt(array $credentials = [], $remember = false, $login = false)
{
$this->fireAttemptEvent($credentials, $remember, $login);
$this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials);
// If an implementation of UserInterface was returned, we'll ask the provider
// to validate the user against the given credentials, and if they are in
// fact valid we'll log the users into the application and return true.
if ($this->hasValidCredentials($user, $credentials)) {
if ($login) {
$this->login($user, $remember);
}
return true;
}
// If the authentication attempt fails we will fire an event so that the user
// may be notified of any suspicious attempts to access their account from
// an unrecognized user. A developer may listen to this event as needed.
if ($login) {
$this->fireFailedEvent($user, $credentials);
}
return false;
}
注意:
$credentials = [
'email' => $request->input('email'),
'password' => $request->input('password'),
'status_id' => 1
];
但我想删除status_id字段,如果用户的status_id不是1,我想向用户显示消息。
基本上我只想覆盖SessionGuard::attempt()方法,就像这样。
public function attempt(array $credentials = [], $remember = false, $login = false)
{
$this->fireAttemptEvent($credentials, $remember, $login);
$this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials);
// If an implementation of UserInterface was returned, we'll ask the provider
// to validate the user against the given credentials, and if they are in
// fact valid we'll log the users into the application and return true.
if ($this->hasValidCredentials($user, $credentials)) {
//User exists but user's status_id is not 1
if($user->status_id != 1)
return 2; // 2 for passive accounts
if ($login) {
$this->login($user, $remember);
}
return 1; //for active accounts
}
// If the authentication attempt fails we will fire an event so that the user
// may be notified of any suspicious attempts to access their account from
// an unrecognized user. A developer may listen to this event as needed.
if ($login) {
$this->fireFailedEvent($user, $credentials);
}
return 0; // for non exists acounts
}
我怎么能做到这一点?
答案 0 :(得分:2)
您可以在控制器的登录功能(通常是LoginController)中执行此操作
您首先会向用户发送一封唯一的电子邮件。然后检查帐户是否包含变量。如果是,您可以尝试登录用户,否则可能会抛出错误。
class LoginController extends Controller
{
use AuthenticatesUsers;
public function login(Request $request) {
$this->validateLogin($request);
// If the class is using the ThrottlesLogins trait, we can automatically throttle
// the login attempts for this application. We'll key this by the username and
// the IP address of the client making these requests into this application.
if ($this->hasTooManyLoginAttempts($request)) {
$this->fireLockoutEvent($request);
return $this->sendLockoutResponse($request);
}
$user = App\User::where('email', $request->get('email'))->first();
if ($user && $user->status_id == 1 && $this->attemptLogin($request)) {
return $this->sendLoginResponse($request);
}
// If the login attempt was unsuccessful we will increment the number of attempts
// to login and redirect the user back to the login form. Of course, when this
// user surpasses their maximum number of attempts they will get locked out.
$this->incrementLoginAttempts($request);
return $this->sendFailedLoginResponse($request);
}
}