Laravel 中的 guest 和 auth 中间件有什么区别？

Question

//kernel.php

protected $routeMiddleware = [
    'auth' => \App\Http\Middleware\Authenticate::class,
    'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
    'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
    'can' => \Illuminate\Auth\Middleware\Authorize::class,
    'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
    'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
    'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
    'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
];

我应该使用什么，身份验证或访客中间件进行身份验证？ auth 和 guest 中间件有什么区别？

Answer 1

auth 中间件 - 用于会话身份验证。 auth 中间件检查用户是否经过身份验证。如果用户没有会话，则此路由会将请求重定向到登录路由。

    /**
     * Get the path the user should be redirected to when they are not authenticated.
     *
     */
    protected function redirectTo($request)
    {
        if (! $request->expectsJson()) {
            return route('login');
        }
    }

guest middleware - 这个中间件逻辑是如果用户登录，将他们重定向到RouteServiceProvider::HOME。

    public function handle(Request $request, Closure $next, ...$guards)
    {
        $guards = empty($guards) ? [null] : $guards;

        foreach ($guards as $guard) {
            if (Auth::guard($guard)->check()) {
                return redirect(RouteServiceProvider::HOME);
            }
        }

        return $next($request);
    }

您可以在App\Providers\RouteServiceProvider中设置RouteServiceProvider::HOME路径

Answer 2

身份验证中间件

确定用户是否登录到任何守卫。如果未登录，则会抛出AuthenticationException 并重定向到登录页面。

访客中间件

这里它会检查用户是否登录到任何守卫。如果是，它会重定向到RouteServiceProvider::HOME提到的页面。否则它会传递到请求的页面。

如果您想保护您的路由免受非登录用户的攻击，请使用auth middleware