Laravel realizes separate login between front and back users

Time:2019-11-5

In many cases, we need to perform different login operations in the foreground and background to limit user rights. Now we use laravel to achieve this requirement.

Foreplay

I. acquiring laravel

This is explained in the document and is relatively simple. You can use composer to download (I download slowly), and I will copy the empty items downloaded before.

II. Modify the configuration file

In this step, I only modify the database configuration in the. Env file.

III. operation project

At the project root, run

php artisan serve

 

Enter http://127.0.0.1:8000 in the browser to access your own project.

Get to the point

There are two ways to separate the front and back users, using two data tables or one data table.

I. use two tables (foreground user table and background user table)

1. Create data table

Run at project root

php artisan make:migration create_users_table

Executing the above command will generate the migration file XXXX ﹣ create ﹣ users ﹣ table.php in the database / migrations directory. This file is available when downloading the project and can be modified directly. Of course, it doesn’t matter to generate one more.

Modify XXXX ﹣ create ﹣ users ﹣ table.php file (if the above command has been executed, pay attention to the date of the XXXX part of the file when modifying, and do not make any mistakes).

 

Here I add an extra field to judge whether the user is allowed to log in.

Perform the migration after the modification is complete.

php artisan migrate

 

After successful execution, the corresponding table will be generated in the configured database

 

The users table is the foreground user table we want to use, and then generate a background user table in the same way

Function
php artisan make:migration create_admins_table

Modify the contents of XXXXX ﹣ create ﹣ admins ﹣ table.php

Perform migration:
php artisan:migrate

Here, the two data tables are finished.

2. Basic login

Run the PHP artican make: auth command

 

You will see that there is more user.php in the app directory.

Create a new models directory under the app directory to store the model, and move user.php to the models directory.
Modify the content in user.php (you can save many operations without moving).

 

Changed to:

 

Open auth.php in the config folder

Change to

 

Then open the HTTP / controllers folder, which has an additional auth folder, which contains the controller we registered for login.

Open the web.php file in the routes folder and modify it

 

For:

 

When refreshing the browser page, you will find that you have jumped to the login interface. Of course, no data has been added to the user table at present. Now add data to the user table:

Function

php artisan make:seeder UsersTableSeeder

 

After running successfully, the userstableseeder.php file will be generated in the database / seeds directory. Open the file, and add the following content in the run method:

 

Then open databaseseeder.php and add:

 

After writing, run composer dump autoload

Now run PHP artican DB: Seed

 

To view a data table:

 

The user you just created already exists. Log in and find that you can access it successfully.

3. Realize the slightly complex login of the foreground user

We set the active field to verify whether the user is allowed to log in. However, the active field is not verified at present. Next, we need to verify the active field.
(1) change the active field in the users table to 0.
(2) modify vendor / laravel / framework / SRC / illuminate / auth / sessionguard.php

 

And in the attempt method:

 

(3) in the resources / Lang folder en folder, open auth.php and add:

'active' => 'This account is not allowed to login.'

(4) modify the blade template file:

 

Then log in again with the previous account password, and an error message will be prompted:

 

4. Realize background user login (separate front and back platform login)

For security reasons, background users are not allowed to remember passwords, so the foreground uses different login interfaces.
Because it is implemented by two tables, the operation database is not the same.
(1) add a background user, which is the same as adding a foreground user, and generate and run the seeder
(2) add the admin model (pay attention to the inheritance of the model and the use of TRAIL)
(3) add route and controller

 

And add index method to the controller

 

As you can see above, the middleware we use is auth, which will be the same as the foreground login, but now it is the background login.

(4) custom middleware (the default middleware location is app \ http \ middlewares)
php artisan make:middleware AuthAdmin

The modification is as follows:

 

 php artisan make:middleware GuestAdmin

The modification is as follows:

 

(5) open the kernel.php file in HTTP directory, and add:

 

Now modify the previous route:

 

Now if you directly access 127.0.0.1:8000/admin, you will be prompted that the logincontroller does not exist. We can copy the logincontroller under the auth folder to the controllers directory, or create a new one.

The contents of the modification are as follows:

 

Create a new view file login.blade.php, copy the login.blade.php under the auth folder to the current view file, remove the checkbox, modify the submission address to route (‘admin. Login ‘), and save.

then… It’s OK.

2. One table implementation (the same table is distinguished by fields)

Based on the two table implementations, we modify the following:
1. Add the type field in the users table (0 is the foreground user and 1 is the background user).
2. Add user information:

 

 3. Modify route file

 

 4. Modify the logincontroller.php file

 

 Delete guard method and add credentials method

 

 At present, it has basically implemented single table front and back login, but now there are bugs.

If I log in to the user when I access localhost: 8000, I can also access the background by directly entering localhost: 8000 / admin in the browser address bar, but the user does not have permission, so there is a big security risk. I think so. Add one more judgment in the middleware to see if the user has permission to enter the background, if not If you have, you can go back to the previous page. If you have, you can access it.

 

 Displays error messages in the view layer.

Open layout / app.blade.php and add JavaScript code at the end of the file:

 

 

OVER!