1.路由
2.登录页面
3.登录注册的控制器
4.中间件
1.路由
1.注意登录注册的页面不能卸载中间件里面
Route::group(['domain' => 'admin.web.com','namespace' => 'admin'],function(){
Route::post('login','LoginController@loginStore');
Route::get('login','LoginController@login');
Route::post('register','LoginController@registerStore');
Route::get('register','LoginController@register');
Route::get('code','LoginController@code');
// 退出登录
Route::get('logout','LoginController@logout');
Route::group(['middleware' => 'user'],function(){
route::get('/','AdminController@index');
// 关于我们
route::resource('about','AboutController');
// 轮播图
route::resource('carousel','CarouselController');
// 留言反馈
route::resource('comment','CommentController');
// 友情连接
route::resource('blogroll','BlogrollController');
});
});
2.前端登录页面
@extends('layouts.app')
@section('content')
@if (session('message'))
<div class="alert alert-success">
{{ session('message') }}
</div>
@endif
@if(count($errors)>0)
<div class="alert alert-danger">
<p>{{$errors}}</p>
</div>
@endif
<div class="container">
<div class="row">
<div class="col-md-8 col-md-offset-2">
<div class="panel panel-default">
<div class="panel-heading">登录页面</div>
<div class="panel-body">
<form class="form-horizontal" role="form" method="POST" action="{{ url('/login') }}">
{{ csrf_field() }}
<div class="form-group">
<label for="email" class="col-md-4 control-label">用户名</label>
<div class="col-md-6">
<input id="email" type="text" class="form-control" name="name" value="{{ old('name') }}">
</div>
</div>
<div class="form-group">
<label for="password" class="col-md-4 control-label">密码</label>
<div class="col-md-6">
<input id="password" type="password" class="form-control" name="password">
</div>
</div>
<div class="form-group">
<label for="password" class="col-md-4 control-label">验证码</label>
<div class="col-md-6">
<input type="text" class="code" name="code" class="form-control" >
<span><i class="fa fa-check-square-o"></i></span>
<!-- 2.要点,src引入的是获取验证码的路由,做一个点击刷新的JS,并且后面带一个随机参数 -->
<img src="{{url('/code')}}" alt="" onclick="this.src='{{url('/code')}}?'+Math.random()">
</div>
</div>
<div class="form-group">
<div class="col-md-6 col-md-offset-4">
<button type="submit" class="btn btn-primary">
<i class="fa fa-btn fa-sign-in"></i> 登录
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
@endsection
3.登录注册的控制器
<?php
namespace App\Http\Controllers\admin;
use Illuminate\Http\Request;
use App\Http\Requests;
use App\Http\Controllers\Controller;
use App\User;
use Validator;
use Auth;
require_once 'org/code/Code.class.php'; //我的Code类的位置放在了public/org下面
class LoginController extends Controller
{
protected $user;
public function __construct()
{
$this->user = new User();
}
// 跳转到登录页面
public function login()
{
return view('auth.login');
}
// 跳转到注册页面
public function register()
{
return view('auth.register');
}
//用户登录
public function loginStore(\Request $request)
{
$request = $request::all();
$code = new \Code();
session_start(); //3.Code类存储验证码在session里面,要开启session
$getCode = $code->get();
// 4.验证码中取值字母都是大写,所以用户发送过来的验证码要转换下
if(strtoupper($request['code'])!=$getCode){
return back()->with('errors','验证码错误!');
}
//5.这个是自定义的验证,但是注意注册的时候密码一定要用"bcrypt"加密,才能被匹配到
if (Auth::attempt(['name' => $request['name'], 'password' => md5($request['password'])])) {
return redirect('/');
}else{
return back()->with('errors','登录失败')->withInput();
}
}
// 接收注册信息
public function registerStore(\Request $request)
{
$input = $request::all();
$rules = [
'name' => 'required|max:255',
'email' => 'required|email|max:255|unique:users',
'password' => 'required|confirmed|min:6',
];
$message = [
'name.required'=>'用户名必须填写!',
'email.required'=>'邮箱必须填写!',
'email.unique'=>'邮箱已经被注册!',
'password.confirmed'=>'两次密码不一致!',
'password.min'=>'密码至少6位数!',
];
$validator = Validator::make($input,$rules,$message);
if ($validator->fails()){
// 如果注册失败,返回注册信息和错误信息
return back()->withErrors($validator)->withInput();
}else{
$input['password'] = bcrypt(md5($input['password'])); //6.bcrypt是自带的加密方式,不能修改。
if($this->user->add($input)){
return redirect('login')->with('message', '注册成功');
}else{
return back()->with('message','注册失败')->withInput();
}
}
}
// 退出登录
public function logout()
{
Auth::logout();
return redirect('/login');
}
//获取验证码
public function code()
{
$code = new \Code();
$code->make();
}
}
4.中间件
public function handle($request, Closure $next, $guard = null)
{
// 7.如果是来宾用户,跳转到登录页面,否则通过,继续往下执行。
// 用来宾“guest()”和检验"check()"其实是一样的,只是判断的结果正好反过来了
if (Auth::guard($guard)->guest()) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
}
return redirect()->guest('/login');
}
return $next($request);
}
