Laravel-密码保护路线
我有一个没有用户角色的应用程序,因为除1个功能外,所有功能都向所有用户开放。
当我们添加了带有成本的SMS通知功能时,我想限制谁可以在密码后使用此功能。
因此,目前以我的形式有以下内容:
<div class="row">
<div class="col-sm-8">
<div class="card">
<h2 class="text-center">Send SMS Notification</h2>
<p class="text-center">Please note a password is required for this function</p>
<div class="card-header card-header-rose card-header-text">
<div class="card-text">
<h4 class="card-title">Enter Message</h4>
</div>
</div>
{!! Form::open(array('action' => ['NotificationController@sms'],'method'=>'POST', 'class'=>'form-horizontal')) !!}
<div class = "card-body">
@if (count($errors)>0)
<div class = "alert alert-danger">
<strong>Whoops!</strong> There were some problems with your input.<br><br>
<ul>
@foreach ($errors->all() as $error)
<li>{{ $error }}</li>
@endforeach
</ul>
</div>
@endif
<div class = "row">
<label class = "col-sm-2 col-form-label">Message: </label>
<div class = "col-sm-6">
<div class = "form-group">
<input type = "text" class = "form-control" maxlength="160" name="message">
</div>
</div>
</div>
</div>
<div class = "card-footer">
<div class = "row">
<div class = "col-md-4">
<div class="pull-left">
<a href="{{action('HomeController@index')}}" class = "btn btn-danger">Cancel</a>
</div>
</div>
<div class ="col-md-4">
<button type="submit" class="btn btn-success">Send SMS Notification</button>
</div>
</div>
</div>
{!!Form::close()!!}
</div>
</div>
</div>
因此,想法是当发送短信通知是按下时,系统将询问用户需要输入的密码。
我不知道如何添加此功能,而Google也没有帮助。 当前,发送消息的代码很好,在此处不遇到任何问题。
欢迎其他建议。
谢谢
I have an application which doesn't have user roles, as all functions apart from 1 are open to all users.
As we have added an SMS notification function which comes with a cost, I want to limit who can use this function behind a password.
So currently in my Form I have the following:
<div class="row">
<div class="col-sm-8">
<div class="card">
<h2 class="text-center">Send SMS Notification</h2>
<p class="text-center">Please note a password is required for this function</p>
<div class="card-header card-header-rose card-header-text">
<div class="card-text">
<h4 class="card-title">Enter Message</h4>
</div>
</div>
{!! Form::open(array('action' => ['NotificationController@sms'],'method'=>'POST', 'class'=>'form-horizontal')) !!}
<div class = "card-body">
@if (count($errors)>0)
<div class = "alert alert-danger">
<strong>Whoops!</strong> There were some problems with your input.<br><br>
<ul>
@foreach ($errors->all() as $error)
<li>{{ $error }}</li>
@endforeach
</ul>
</div>
@endif
<div class = "row">
<label class = "col-sm-2 col-form-label">Message: </label>
<div class = "col-sm-6">
<div class = "form-group">
<input type = "text" class = "form-control" maxlength="160" name="message">
</div>
</div>
</div>
</div>
<div class = "card-footer">
<div class = "row">
<div class = "col-md-4">
<div class="pull-left">
<a href="{{action('HomeController@index')}}" class = "btn btn-danger">Cancel</a>
</div>
</div>
<div class ="col-md-4">
<button type="submit" class="btn btn-success">Send SMS Notification</button>
</div>
</div>
</div>
{!!Form::close()!!}
</div>
</div>
</div>
So the idea is when the Send SMS Notification is press, the system will ask for a password which the user needs to enter.
I have no idea how to add this function, and google hasn't helped.
Currently, the code for sending a message is fine and not facing any issues here.
Other suggestions are welcome.
Thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我认为您正在寻找 Laravel Basic Auth 。
Basic Auth带有盒子的Laravel Auot。
您需要一个用户表,其中包括他们的电子邮件和密码。
您可以使用中Midleware Witch保护路线,仅接受Authenticater用户以获取下一个请求。
在您的情况下,如果您想将用户限制到SMS发送功能,则必须在用户模型中添加某种差异化
您可以控制哪些用户可以或无法发送SMS的策略。
HTTP Basic Auth期望在基本验证表单中找到一封电子邮件作为用户名。
您需要做的唯一一件事就是
在
I think you are looking for Laravel Basic Auth.
Basic Auth comes with Laravel auot of the box.
You need an users table with their emails and passwords.
You can protect routes with that midleware witch only accept authenticater users to get next request.
In your case if you want to limit users acces to sms sending feature you will have to add some kind of differentiation in your user model something like
a policy where you control which users can or cannot send sms.
Http basic auth expect find an email as username in Basic Auth form.
The only thing, you need to do is
More about this in Laravel Doc
除了中间件外,您还可以在控制器中进行简单的检查(假设您已经存储了密码,因为应该存储它),只需在“发送SMS”表单中添加密码字段,
允许您非常简单地扩展密码保护功能,因此如果有任何机会发送SMS不是最后一个密码保护函数您最好坚持使用中间件
besides middleware you can do simple check in controller (assuming you storing password hased, as it should be stored), just add password field in send sms form
in general middleware allowes you extend password protected functions very easy, so if there is any chance that sending sms is not the last password protected function you'd better stick with middleware