问题
I have a Login which redirects you to '/admin' or '/user' depending on which role is saved in the Database. But I have the problem if someone logs in as User and gets redirected to '/user' he can type '/admin' in the URL and gets redirected there. So I guess I need a validation of the assigned role everytime the Page reloads.
Do you guys have any tips on that?
回答1:
In addition to just an auth filter, I also have an auth.admin filter set up that will check to see if the user is set to an admin. If not, it will redirect to the home page: code
Then add all of your admin routes into a group with the auth.admin filter set:
Route::group(array('prefix' => 'admin', 'before' => 'auth.admin'), function()
{
// admin routes here
}
来源:https://stackoverflow.com/questions/25686141/authentication-check-each-time-the-page-reloads