在 laravel 5.2 中禁用特定路由的 Web 中间件
Posted
技术标签:
【中文标题】在 laravel 5.2 中禁用特定路由的 Web 中间件【英文标题】:disable web middleware for specific routes in laravel 5.2 【发布时间】:2016-05-24 10:51:53 【问题描述】:我希望访客用户可以访问主页,但在内置的身份验证过程中,laravel 会重定向到登录页面。如何让访客用户访问主页?
我的路线.php:
Route::group(['middleware' => 'web'], function ()
Route::auth();
Route::get('/', 'HomeController@index');
Route::get('/insert', 'HomeController@insertform');
Route::get('/job/id', 'JobsController@show');
Route::get('/city/city', 'JobsController@city');
Route::post('/insert', 'HomeController@insert');
Route::get('/cityinsert', 'HomeController@cityinsert');
Route::post('/cityinsert', 'HomeController@cityinsertpost');
);
和authenticate.php
class Authenticate
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
if (Auth::guard($guard)->guest())
if ($request->ajax())
return response('Unauthorized.', 401);
else
return redirect()->guest('login');
return $next($request);
这是我的 kernel.php
class Kernel extends HttpKernel
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
];
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
],
'api' => [
'throttle:60,1',
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
];
【问题讨论】:
【参考方案1】:我更喜欢通过路由排除中间件。您可以通过两种方式做到这一点:
-
单次操作:
Route::post('login', 'LoginController@login')->withoutMiddleware(['auth']);
-
组模式:
Route::group([
'prefix' => 'forgot-password',
'excluded_middleware' => ['auth'],
], function ()
Route::post('send-email', 'ForgotPasswordController@sendEmail');
Route::post('save-new-password', 'ForgotPasswordController@saveNewPassword');
);
在 Laravel 7.7 上测试
【讨论】:
+1 在路由中排除中间件很好,因为即使在构造函数中添加了中间件,它仍然不会让该寄存器,从而避免了回火控制器的头痛 多么美妙的答案啊!! ?非常感谢你的朋友。我这里测试了一下,可以排除中间件,同时包含。 附带说明,withoutMiddleware() 方法仅适用于 Laravel 7.x 及更高版本。 Read this reference API【参考方案2】:
在构造中的中间件声明中添加异常
Route::get('/', 'HomeController@index');
要使上述路由免于身份验证,您应该将函数名称传递给中间件,如下所示
class HomeController extends Controller
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
$this->middleware('auth', ['except' => 'index']);
【讨论】:
【参考方案3】:从 HomeController 构造中移除中间件:
class HomeController extends Controller
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
//$this->middleware('auth');
【讨论】:
这太棒了!现在我收到一条消息阻止我的页面显示“您已登录!”请帮我拔掉头发。【参考方案4】:我可以添加到 Sidharth 的答案,您可以使用几种方法 exeption,通过将它们包含在数组中:
class HomeController extends Controller
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
$this->middleware('auth', ['except' => ['index', 'show']]);
Laravel 5.5 测试。
【讨论】:
【参考方案5】:您还可以将middleware 和except 分开。试试这个:
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
$this->middleware('guest')->except([
'submitLogout',
'showUserDetail'
]);
在 Laravel 5.4 上测试
【讨论】:
【参考方案6】:将 URL 除外添加到 VerifyCsrfToken
app/http/middleware/VerifyCsrfToken.php
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
class VerifyCsrfToken extends Middleware
/**
* The URIs that should be excluded from CSRF verification.
*
* @var array
*/
protected $except = [
'stripe/*',
'http://example.com/foo/bar',
'http://example.com/foo/*',
];
来源:Laravel Documentation CSRF exclude URL
*也在 Lavarel 7.0 上测试
【讨论】:
以上是关于在 laravel 5.2 中禁用特定路由的 Web 中间件的主要内容,如果未能解决你的问题,请参考以下文章
在 Laravel 5 中,如何禁用特定路由的 VerifycsrfToken 中间件?