Shulou(Shulou.com)05/31 Report--

Most people do not understand the knowledge points of this article "Laravel single user login", so the editor summarizes the following contents, detailed contents, clear steps, and has a certain reference value. I hope you can get something after reading this article. Let's take a look at this "Laravel single user login how to achieve" article.

Take laravel-admin as an example to log in here

Encore\ Admin\ Controllers\ AuthController.php is modified to separate the method without modification on the source file.

Add code

Use Illuminate\ Support\ Facades\ Session;use Illuminate\ Support\ Facades\ Redis

Modify the postLogin () method

If ($this- > guard ()-> attempt ($credentials, $remember)) {/ / return $this- > sendLoginResponse ($request); / / this comment is modified to the following return $this- > sendLoginResponse ($request,$credentials);}

Modify the sendLoginResponse () method

Protected function sendLoginResponse (Request $request,$credentials) {admin_toastr (trans ('admin.login_successful')); $request- > session ()-> regenerate (); / / return redirect ()-> intended ($this- > redirectPath ()); / / make token return $this- > createtoken ($credentials,$request);}

Add createtoken () method

Protected function createtoken ($credentials,$request) {/ / General token if (! Redis::get ('STRING_SINGLETOKEN_MAJOR_'.) for multiple devices on the same LAN $credentials ['username']) {$time = time (); / / the current time is stored in Redis Redis::set (' STRING_SINGLETOKEN_MAJOR_'. $credentials ['username'], $time);} / / the local area network is not common but the device is used / / $time= time () above; $time=Redis::get (' STRING_SINGLETOKEN_MAJOR_'.) Credentials ['username']); / / md5 encryption $singleToken = md5 ($request- > getClientIp (). $credentials ['username']. $time. 'onlykey'); Redis::set (' SINGLETOKEN_MAJOR_'. $credentials ['username'], $singleToken); / / user information is stored in Session Session::put (' user_login', $credentials ['username']); return redirect ()-> intended ($this- > redirectPath ());}

First of all, after logging in successfully, get the current timestamp, through IP, time, query the user's username and the unique anti-theft string onlykey,onlykey can be any character, MD5 encryption, get TOKEN. Then we put the timestamp and token we just got into Redis, and Redis Key concatenates the string with username to facilitate the TOKEN verification of the following middleware, and then we store the user information in Session.

Create middleware

The popular point of middleware is that when you access the method, you will verify the content of the middleware in advance and verify that you can access the method.

Command to create middleware

/ / run php artisan make:middleware SsoMiddleware in the project root directory

The above command generates a SsoMiddleware.php file under app/Http/Middleware and adds middleware to app/Http/ Kernel.php

Add the following to protected $routeMiddleware = []

'SsoMiddleware' = >\ App\ Http\ Middleware\ SsoMiddleware::class

Now go to the middleware to write the program app/Http/Middleware/SsoMiddleware.php, there is a handle method in the file, we write logic in this method.

Public function handle ($request, Closure $next) {$prefix=config ('admin.route.prefix'); $array= [' /'. $prefix.'/auth/login','/'.$prefix.'/auth/logout','/'.$prefix.'/auth/clearsession']; $username= Session::get ('user_login'); $url=$request- > getRequestUri () If (in_array ($url,$array)) {return $next ($request); exit;} if ($username) {/ / get token $singletoken = Redis::get ('SINGLETOKEN_MAJOR_'.$username) in Cookie If ($singletoken) {/ / get time $redisTime = Redis::get ('STRING_SINGLETOKEN_MAJOR_'.) from Redis $username); / / re-obtain encryption parameters encryption $ip = $request- > getClientIp (); $secret = md5 ($ip. $username. $redisTime.'onlykey'); if ($singletoken! = $secret) {/ / record this abnormal login record / /\ DB::table ('data_login_exception')-> insert ([' guid' = > $userInfo- > guid, 'ip' = > $ip,' addtime' = > time ()]) / / erase session data / / abort ('404pm' you may have come to a desert without knowledge'); / / return redirect ('/'. $prefix.'/auth/logout'); / / $request- > session ()-> invalidate () $data = ['message' = >' your account logs in to another location..!' , 'url' = >' /'. $prefix.'/auth/clearsession', 'jumpTime' = > 5,' status' = > 'error']; / / display template and data return response ()-> view (' errors/Prompt',compact ('data')) } return $next ($request);} else {return redirect ('/'. $prefix.'/auth/logout');}} else {return redirect ('/'. $prefix.'/auth/logout');}}

What is done in the above middleware is to obtain the data stored in the Session of the user as the first judgment, if through the judgment, enter the second judgment, first obtain the token and the timestamp stored in Redis, take out the security order and encrypt it with IP,username,time,onlykey,MD5, and then compare it with the token obtained by the client.

This download is required for the prompt style of errors/Prompt.

Clear the clearsession () method

Public function clearsession (Request $request) {$prefix=config ('admin.route.prefix'); return redirect (' /'. $prefix.'/auth/logout');} routing group

We have finished the logic, and the last step is to control every step after the user logs in. Here we need the routing group.

Modify config/admin.php

'middleware' = > [' web', 'admin','SsoMiddleware'], the above is the content of this article on "how to achieve Laravel single user login". I believe everyone has a certain understanding. I hope the content shared by the editor will be helpful to you. If you want to learn more about the relevant knowledge, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.