logo标签列表

在 Laravel 5.2 中为特定路由禁用 Web 中间件

phplaravelauthenticationmiddlewarelaravel-5
21

我希望让未注册用户能够访问主页,但是在 Laravel 内置的认证过程中会重定向到登录页面。我该如何让未注册用户访问主页?

我的 routes.php 文件:

Route::group(['middleware' => 'web'], function () {
Route::auth();

Route::get('/', 'HomeController@index');

Route::get('/insert', 'HomeController@insertform');
Route::get('/job/{id}', 'JobsController@show');

Route::get('/city/{city}', 'JobsController@city');

Route::post('/insert', 'HomeController@insert');
Route::get('/cityinsert', 'HomeController@cityinsert');
Route::post('/cityinsert', 'HomeController@cityinsertpost');

});

和 authenticate.php

->

and authenticate.php

class Authenticate
{
 /**
 * Handle an incoming request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @param  string|null  $guard
 * @return mixed
 */
public function handle($request, Closure $next, $guard = null)
{
    if (Auth::guard($guard)->guest()) {
        if ($request->ajax()) {
            return response('Unauthorized.', 401);
        } else {
            return redirect()->guest('login');
        }
    }

    return $next($request);
}
}

这是我的kernel.php文件

class Kernel extends HttpKernel
{
/**
 * The application's global HTTP middleware stack.
 *
 * These middleware are run during every request to your application.
 *
 * @var array
 */
protected $middleware = [
    \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
];

/**
 * The application's route middleware groups.
 *
 * @var array
 */
protected $middlewareGroups = [
    'web' => [
        \App\Http\Middleware\EncryptCookies::class,
        \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\VerifyCsrfToken::class,
    ],

    'api' => [
        'throttle:60,1',
    ],
];

/**
 * The application's route middleware.
 *
 * These middleware may be assigned to groups or used individually.
 *
 * @var array
 */
protected $routeMiddleware = [
    'auth' => \App\Http\Middleware\Authenticate::class,
    'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
    'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
    'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
];
}
7个回答
48

我更倾向于通过路由来排除中间件。有两种方法可以实现:

  1. 单个操作:
  1. 单个动作:
Route::post('login', 'LoginController@login')->withoutMiddleware(['auth']);
  1. 小组模式:
Route::group([
    'prefix' => 'forgot-password',
    'excluded_middleware' => ['auth'],
], function () {
    Route::post('send-email', 'ForgotPasswordController@sendEmail');
    Route::post('save-new-password', 'ForgotPasswordController@saveNewPassword');
});

在 Laravel 7.7 上进行测试

排除路由中间件是很好的,因为即使在构造函数中添加了一个中间件,它仍然不会让那个注册,从而节省了控制器调试的麻烦。 - Abdul Rehman
多么精彩的答案!!非常感谢你,朋友。我在这里测试了一下,可以同时排除中间件和包含它们。 - thiagobraga
1
顺便提一下,withoutMiddleware() 方法仅适用于 Laravel 7.x 及以上版本。请参阅此 API 参考 - ibnɘꟻ
这不是一个旁注。问题明确是“如何在Laravel 5.2中实现此功能”。这个答案对于所提出的版本并不适用。 - DougW
33
在构造函数中的中间件声明中添加一个异常。
Route::get('/', 'HomeController@index');

为了使上述路由免于身份验证,您应该像下面这样将函数名称传递给中间件。
class HomeController extends Controller
{
    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('auth', ['except' => 'index']);
    }
}
12

从HomeController构造函数中移除中间件:

class HomeController extends Controller
{
    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        //$this->middleware('auth');
    }
}
这太棒了!现在我收到了一个阻止我的页面的消息,上面写着“你已登录!”请帮忙,否则我会把头发都拔光。 - Jp Silver
4

我可以补充Sidharth的答案,你可以使用多种方法来处理异常,其中一种是将它们包含在数组中:

class HomeController extends Controller
{
    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('auth', ['except' => ['index', 'show']]);
    }
}

已测试Laravel 5.5。

3
你可以把middlewareexcept分开。试试这个方法:
/**
 * Create a new controller instance.
 *
 * @return void
 */
public function __construct()
{
    $this->middleware('guest')->except([
        'submitLogout',
        'showUserDetail'
    ]);
}

测试过 Laravel 5.4

1

将除外的URL添加到VerifyCsrfToken中

app/http/middleware/VerifyCsrfToken.php


<?php

namespace App\Http\Middleware;

use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;

class VerifyCsrfToken extends Middleware
{
    /**
     * The URIs that should be excluded from CSRF verification.
     *
     * @var array
     */
    protected $except = [
        'stripe/*',
        'http://example.com/foo/bar',
        'http://example.com/foo/*',
    ];
}

源代码:Laravel文档CSRF排除URL

*在Lavarel 7.0上也进行了测试

0

最近我需要在一个旧的Laravel项目中使用这个功能。

感谢Laravel的可扩展特性:)

AppServiceProvider.php

public function boot()
    {
        Route::macro('withoutMiddleware', function ($excludedMiddlewares) {
            $this->action['middleware'] = array_filter(
                $this->action['middleware'],
                function ($middleware) use ($excludedMiddlewares) {
                    return !in_array($middleware, $excludedMiddlewares);
                });

            return $this;
        });
    }

然后你可以像这样使用它:

Route::get('something')->withoutMiddleware(['auth']);
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接