问题
I have a login page (username/password inputs) that doesn't load/show. Instead, when launching the app, all that shows is "Unauthorized".
This is from a command in Authenticate.php that I have included further below.
My routes.php:
$app->get('/', 'PageController@index');
$app->group(['middleware' => 'middleware.auth'], function ($app) {
$app->post('/', ['uses' => 'AuthenticationController@login']);
});
My PageController.php:
namespace App\Http\Controllers;
use App\User;
class PageController extends Controller
{
public function __construct()
{
//
}
public function index() {
return view('login');
}
}
My AuthenticationController.php:
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\User;
use Auth;
class AuthenticationController extends Controller
{
public function __construct()
{
//
}
public function login(Request $request) {
$credentials = $request->only(['email','password']);
if (Auth::attempt($credentials, $request->has('remember'))) {
return'logged in';
} else {
return 'not logged in';
}
}
}
Here's Authenticate.php located in 'app\Http\Middleware:
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Contracts\Auth\Factory as Auth;
class Authenticate
{
/**
* The authentication guard factory instance.
*
* @var \Illuminate\Contracts\Auth\Factory
*/
protected $auth;
/**
* Create a new middleware instance.
*
* @param \Illuminate\Contracts\Auth\Factory $auth
* @return void
*/
public function __construct(Auth $auth)
{
$this->auth = $auth;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
if ($this->auth->guard($guard)->guest()) {
return response('Unauthorized.', 401);
}
return $next($request);
}
}
There might be a better way to go about what I'm trying to do, so if there is, please demonstrate to me what that is.
But why am I seeing the Unauthorized when my app loads? How can I fix this?
回答1:
Looks like you're checking whether a user is authenticated before the AuthenticationController@login method can be called. You need to remove the middleware auth from the post / route, as essentially what is happening is;
- Homepage (
$app->get('/'...) opens fine because there is no auth middleware defined for this route - When you post the login form, Lumen is told that only authenticated users can access that page because of the middleware.auth defined against your
POST /route.
This should work:
routes.php
$app->get('/', 'PageController@index');
$app->post('/', ['uses' => 'AuthenticationController@login']);
$app->group(['middleware' => 'middleware.auth'], function ($app) {
$app->get('/user/dashboard', ['uses' => 'Controller@method']);
});
With that, any one can see and submit your login page, but only logged in users can access the URL /user/dashboardA. The rest of the code looks fine.
来源:https://stackoverflow.com/questions/39022337/how-to-use-authentication-for-user-login-in-lumen-why-do-i-see-unauthorized-u