关于登录和注册 Laravel自带了一套组件实现了这一功能,我们只需要实现简单的视图即可。
AuthController是专门管理用户注册和登录的。
PassWordController是重置密码用的,今天暂不做记录。
1 配置
我们可以在 config/auth.php 文件中进行用户认证的配置:
<?php return [ /* |-------------------------------------------------------------------------- | Default Authentication Driver |-------------------------------------------------------------------------- | | This option controls the authentication driver that will be utilized. | This driver manages the retrieval and authentication of the users | attempting to get access to protected areas of your application. | | Supported: "database", "eloquent" | */ 'driver' => 'eloquent', /* |-------------------------------------------------------------------------- | Authentication Model |-------------------------------------------------------------------------- | | When using the "Eloquent" authentication driver, we need to know which | Eloquent model should be used to retrieve your users. Of course, it | is often just the "User" model but you may use whatever you like. | */ 'model' => AppUser::class, /* |-------------------------------------------------------------------------- | Authentication Table |-------------------------------------------------------------------------- | | When using the "Database" authentication driver, we need to know which | table should be used to retrieve your users. We have chosen a basic | default value but you may easily change it to any table you like. | */ 'table' => 'users', /* |-------------------------------------------------------------------------- | Password Reset Settings |-------------------------------------------------------------------------- | | Here you may set the options for resetting passwords including the view | that is your password reset e-mail. You can also set the name of the | table that maintains all of the reset tokens for your application. | | The expire time is the number of minutes that the reset token should be | considered valid. This security feature keeps tokens short-lived so | they have less time to be guessed. You may change this as needed. | */ 'password' => [ 'email' => 'emails.password', 'table' => 'password_resets', 'expire' => 60, ], ];
这是默认的配置,注释写的很清楚了 如果有特别需要可以做更改,一般情况中我们使用默认的就OK。
2 创建路由
/** * 用户认证 */ // getLogin 用于展示登录表单。 Route::get('/auth/login', 'AuthAuthController@getLogin'); // postLogin 用于提交用户登录数据。 Route::post('/auth/login', 'AuthAuthController@postLogin'); // getLogout 用于退出登录。 Route::get('/auth/logout', 'AuthAuthController@getLogout'); /** * 用户注册 */ // getRegister 用于展示注册表单。 Route::get('/auth/register', 'AuthAuthController@getRegister'); // postRegister 用于提交用户注册数据。 Route::post('/auth/register', 'AuthAuthController@postRegister');
3 注册实现
3.1 编写视图
注册视图的路径必须放在 views/auth/ 目录中 并命名为 register.blade.php。
<!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title>用户注册</title> <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css"> </head> <body> <div class="container"> <div class="row"> <div class="col-md-8 col-md-offset-2"> <div class="panel panel-default"> <div class="panel-heading">Register</div> <div class="panel-body"> <form action="{{ url('/auth/register') }}" method="post" role="form" class="form-horizontal"> <input type="hidden" name="_token" value="{{ csrf_token() }}"> <div class="form-group"> <label class="col-md-4 control-label">用户名:</label> <div class="col-md-6"> <input type="text" name="name" class="form-control" autofocus> </div> </div> <div class="form-group"> <label class="col-md-4 control-label">邮箱:</label> <div class="col-md-6"> <input type="email" name="email" class="form-control"> </div> </div> <div class="form-group"> <label class="col-md-4 control-label">密码:</label> <div class="col-md-6"> <input type="password" name="password" class="form-control"> </div> </div> <div class="form-group"> <label class="col-md-4 control-label">确认密码:</label> <div class="col-md-6"> <input type="password" name="password_confirmation" class="form-control"> </div> </div> <div class="form-group"> <div class="col-md-offset-4 col-md-8"> <button type="submit" class="btn btn-primary">注册</button> </div> </div> </form> </div> </div> </div> </div> </div> </body> </html>
3.2 修改跳转URL
注册后跳转的URL有时候不是我们想要的,你可以自定义跳转路由,在AuthController中添加即可:
protected $redirectPath = '/';
4 登录实现
我们注册后已经有了用户了 现在可以试试登录的实现了。
4.1 编写视图
登录的视图路径也是有规定的:views/auth/ 然后命名为:login.balde.php
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>用户登录</title>
<link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">
</head>
<body>
<div class="container">
<div class="row">
<div class="col-md-8 col-md-offset-2">
<div class="panel panel-default">
<div class="panel-heading">Login</div>
<div class="panel-body">
<form action="{{ url('/auth/login') }}" method="post" role="form" class="form-horizontal">
<input type="hidden" name="_token" value="{{ csrf_token() }}">
<div class="form-group">
<label class="col-md-4 control-label">邮箱:</label>
<div class="col-md-6">
<input type="email" name="email" class="form-control">
</div>
</div>
<div class="form-group">
<label class="col-md-4 control-label">密码:</label>
<div class="col-md-6">
<input type="password" name="password" class="form-control">
</div>
</div>
<div class="form-group">
<div class="col-md-offset-4 col-md-8">
<button type="submit" class="btn btn-primary">登录</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
4.2 登录后跳转
登录后的跳转跟注册后的跳转是一样的:
protected $redirectPath = '/';
4.3 登录失败跳转
当登录失败了Laravel会默认跳转回 auth/login 路由,这也是可以自定义的:
protected $loginPath = '/error';
4.4 修改登录用户名
默认的登陆用户名是邮箱,我们可以在AuthController中自定义:
// 该属性默认为email,改成name是以用户名作为账号类型登录。 protected $username = 'name';
4.5 查看用户信息
我们可以通过Auth门面的方法来访问已经登录进来的用户:
Auth::user()
4.6 检查用户是否登录
if (Auth::check()) { // 这个用户已经登录... }
4.7 用于登录失败次数限制
Laravel支持这种逻辑,我们只需要在AuthController中引入 ThrottlesLogins 这个trait 即可。一分钟内登录5次都不成功就会锁闭一分钟,它是基于 用户名/邮箱和IP地址的。
5 登出用户
我们只需要访问 /auth/logout 就可以登出用户了,当然还有一个方法 就是Auth门面方法:
Auth::logout();