在 laravel 5.2 中禁用特定路由的 Web 中间件

【问题标题】:disable web middleware for specific routes in laravel 5.2在 laravel 5.2 中禁用特定路由的 Web 中间件
【发布时间】:2016-05-24 10:51:53
【问题描述】:

我希望访客用户可以访问主页,但在内置的身份验证过程中,laravel 会重定向到登录页面。如何让访客用户访问主页?

我的路线.php:

Route::group(['middleware' => 'web'], function () {
Route::auth();

Route::get('/', 'HomeController@index');

Route::get('/insert', 'HomeController@insertform');
Route::get('/job/{id}', 'JobsController@show');

Route::get('/city/{city}', 'JobsController@city');

Route::post('/insert', 'HomeController@insert');
Route::get('/cityinsert', 'HomeController@cityinsert');
Route::post('/cityinsert', 'HomeController@cityinsertpost');

});

和authenticate.php

class Authenticate
{
 /**
 * Handle an incoming request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @param  string|null  $guard
 * @return mixed
 */
public function handle($request, Closure $next, $guard = null)
{
    if (Auth::guard($guard)->guest()) {
        if ($request->ajax()) {
            return response('Unauthorized.', 401);
        } else {
            return redirect()->guest('login');
        }
    }

    return $next($request);
}
}

这是我的 kernel.php

class Kernel extends HttpKernel
{
/**
 * The application's global HTTP middleware stack.
 *
 * These middleware are run during every request to your application.
 *
 * @var array
 */
protected $middleware = [
    \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
];

/**
 * The application's route middleware groups.
 *
 * @var array
 */
protected $middlewareGroups = [
    'web' => [
        \App\Http\Middleware\EncryptCookies::class,
        \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\VerifyCsrfToken::class,
    ],

    'api' => [
        'throttle:60,1',
    ],
];

/**
 * The application's route middleware.
 *
 * These middleware may be assigned to groups or used individually.
 *
 * @var array
 */
protected $routeMiddleware = [
    'auth' => \App\Http\Middleware\Authenticate::class,
    'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
    'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
];
}

【问题讨论】:

    标签: php laravel authentication middleware laravel-5.2


    【解决方案1】:

    我更喜欢通过路由排除中间件。您可以通过两种方式做到这一点:

    1. 单次操作:
    Route::post('login', 'LoginController@login')->withoutMiddleware(['auth']);
    1. 组模式:
    Route::group([
    'prefix' => 'forgot-password',
    'excluded_middleware' => ['auth'],
], function () {
    Route::post('send-email', 'ForgotPasswordController@sendEmail');
    Route::post('save-new-password', 'ForgotPasswordController@saveNewPassword');
});

    在 Laravel 7.7 上测试

    【讨论】:

    • +1 在路由中排除中间件很好,因为即使在构造函数中添加了中间件,它仍然不会让该寄存器,从而避免了回火控制器的头痛
    • 多么美妙的答案啊!! ?非常感谢你的朋友。我这里测试了一下,可以排除中间件,同时包含。
    • 附带说明,withoutMiddleware() 方法仅适用于 Laravel 7.x 及更高版本。 Read this reference API
    【解决方案2】:

    在构造中的中间件声明中添加异常

    Route::get('/', 'HomeController@index');

    要使上述路由免于身份验证,您应该将函数名称传递给中间件,如下所示

    class HomeController extends Controller
{
    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('auth', ['except' => 'index']);
    }
}

    【讨论】:

      【解决方案3】:

      从 HomeController 构造中移除中间件:

      class HomeController extends Controller
{
    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        //$this->middleware('auth');
    }
}

      【讨论】:

      • 这太棒了!现在我收到一条消息阻止我的页面显示“您已登录!”请帮我拔掉头发。
      【解决方案4】:

      我可以添加到 Sidharth 的答案,您可以使用几种方法 exeption,通过将它们包含在数组中:

      class HomeController extends Controller
{
    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('auth', ['except' => ['index', 'show']]);
    }
}

      Laravel 5.5 测试。

      【讨论】:

        【解决方案5】:

        您还可以将middlewareexcept 分开。试试这个:

        /**
 * Create a new controller instance.
 *
 * @return void
 */
public function __construct()
{
    $this->middleware('guest')->except([
        'submitLogout',
        'showUserDetail'
    ]);
}

        在 Laravel 5.4 上测试

        【讨论】:

          【解决方案6】:

          将 URL 除外添加到 VerifyCsrfToken

          app/http/middleware/VerifyCsrfToken.php

          <?php

namespace App\Http\Middleware;

use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;

class VerifyCsrfToken extends Middleware
{
    /**
     * The URIs that should be excluded from CSRF verification.
     *
     * @var array
     */
    protected $except = [
        'stripe/*',
        'http://example.com/foo/bar',
        'http://example.com/foo/*',
    ];
}

          来源:Laravel Documentation CSRF exclude URL

          *也在 Lavarel 7.0 上测试

          【讨论】:

            猜你喜欢
            • 2017-07-23
            • 1970-01-01
            • 1970-01-01
            • 2015-09-22
            • 2013-08-07
            • 2015-10-22
            • 1970-01-01
            • 2016-05-14
            • 1970-01-01
            相关资源
            最近更新 更多
            热门标签
            Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode