Laravel如何实现会话超时后锁屏

Question

我从网上尝试了很多方法，但都无法实现，希望有人能给我一个实现思路或方法，谢谢大家的帮助。

Answer 1

让我举个例子。在app\Http\Middleware 文件夹中定义一个SessionTimeout 中间件。

<?php

namespace App\Http\Middleware;

use Closure;
use Auth;
use Session;

class SessionTimeout
{


     /**
     * Check the incoming request for session data, log out if session lifetime is exceeded.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */

     public function handle($request, Closure $next)
     {

        //$isLoggedIn = $request->path() != '/logout';

        $bag = Session::getMetadataBag();

        $max = $this->getTimeOut();

        if (($bag && $max < (time() - $bag->getLastUsed()))) {

            //$cookie = cookie('intend', $isLoggedIn ? url()->current() : 'auth/login');

            $email = Auth::user()->email;

            $returnPath = url()->current();

            $request->session()->flush(); // remove all the session data

            Auth::logout(); // logout user

            return redirect('auth/login')
                    ->withInput(compact('email', 'returnPath'))
                    //->withCookie($cookie)
                    ->withErrors(['Please login']);
            //you could also redirect to lock-screen, a completely different view 
            //and then pass the returnPath to controller method maybe via hidden filed
            //to redirect to the last page/path the user was on 
            //after successful re-login from the lock-screen.
        }

        return $next($request);


     }

     /**
     * Set a variable in .env file TIMEOUT (in seconds) to play around in the development machine.
     */
     protected function getTimeOut()
     {
        return (env('TIMEOUT')) ?: (config('session.lifetime') * 60);
     }
}  

将SessionTimeout 添加到app\Http\Kernel.php

class Kernel extends HttpKernel {
 /**
 * The application's global HTTP middleware stack.
 *
 * @var array
 */
 protected $middleware = [
      'Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode',
      'Illuminate\Cookie\Middleware\EncryptCookies',
      'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse',
      'Illuminate\Session\Middleware\StartSession',
      'Illuminate\View\Middleware\ShareErrorsFromSession',
      'App\Http\Middleware\SessionTimeout'
 ];
 /**
 * The application's route middleware.
 *
 * @var array
 */
 protected $routeMiddleware = [
      'auth' => 'App\Http\Middleware\Authenticate',
      'auth.basic' => 'Illuminate\Auth\Middleware\AuthenticateWithBasicAuth',
      'guest' => 'App\Http\Middleware\RedirectIfAuthenticated'
 ];

}

然后在视图中登录表单一般在resources\views\auth\login.blade.php

@extend('app-layout')
@section('content')
    //code to display errors here

    @if($email) //check if the request has $email returned by SessionTimeout middleware
        //if so display lock screen like
        //code to display the profile image
        //code to display the user email (or whatever id is used)
    @else
        //display email input field for a new login
        //code to input the email (whatever id is used) for a new login
    @endif
    //here the code common for lock screen as well as new login.
    //code to display input password 
    //code for submit button and rest of the things like remember me field
@stop  

您还可以将部分用于锁定屏幕和基于@if($email) 的新登录表单和显示。

希望这能让你开始。

Answer 2

假设您正在使用会话驱动程序来处理您的身份验证，您可以更改空闲会话到期的时间段

/app/config/session.php 文件。

/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to immediately expire on the browser closing, set that option.
|
*/

'lifetime' => 120,    // minutes

'expire_on_close' => false,