由於某些原因,某些人在我的Laravel 5.1應用程序的用戶表中登錄到隨機用戶。我想不出它是什麼。嘗試所有會話驅動程序。目前我在數據庫會話驅動器上,因爲我可以很容易地清除它。Laravel 5.1隨機登錄到應用程序
當它發生某人,網站所有者與我聯繫,但我不能自己複製它。當我得到符號時,再次發生我清除數據庫中的會話表並在服務器上運行php artisan auth:clear-resets
。
大多數已登錄的訪問者正在首次訪問該網站。據我所知,它發生在Windows和Osx以及Chrome和IE中。
我使用https://github.com/laravel/socialite - 認爲這是問題,但人們也登錄爲未通過SocialMedia註冊的用戶。
可能是我的驗證代碼有問題..但是什麼?我重寫了登錄部分,但看起來很好。
Route::get('auth/login', 'Auth\[email protected]');
Route::get('auth/logout', 'Auth\[email protected]');
Route::get('auth/register', 'Auth\[email protected]');
Route::post('auth/authenticate', 'Auth\[email protected]');
Route::post('auth/register', 'Auth\[email protected]');
Route::post('auth/email', 'Auth\[email protected]');
Route::get('auth/{socialite}', 'Auth\[email protected]');
Route::get('auth/{socialite}/callback', 'Auth\[email protected]');
的AuthController:
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
use App\User;
use App\Social;
use Auth;
use Socialite;
use Validator;
use Carbon\Carbon;
class AuthController extends Controller
{
use AuthenticatesAndRegistersUsers, ThrottlesLogins;
protected $redirectPath = '/dashboard';
/**
* Create a new authentication controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest', ['except' => ['getLogout']]);
}
/**
* Redirect the user to the Socialite authentication page.
*
* @return Response
*/
public function redirectToProvider(\Illuminate\Http\Request $request, $socialite)
{
] return Socialite::driver($socialite)->redirect();
}
/**
* Obtain the user information from Socialite.
*
* @return Response
*/
public function handleProviderCallback($socialite)
{
$user = Socialite::driver($socialite)->user();
$authUser = $this->findOrCreateUser($user, $socialite);
Auth::login($authUser, true);
return redirect()->intended('dashboard');
}
private function findOrCreateUser($provider, $socialite)
{
if ($authUser = Social::whereSecret($provider->id)->first()) {
return User::findOrFail($authUser->user_id);
}
if($user = User::whereEmail($provider->email)->first())
{
$user = $user;
}
else
{
$user = User::create([
'name' => @$provider->name,
'email' => $provider->email,
'password' => bcrypt(md5($provider->id)),
]);
}
$social = Social::create([
'user_id' => $user->id,
'secret' => $provider->id,
'provider' => $socialite,
]);
return $user;
}
/**
* Get a validator for an incoming registration request.
*
* @param array $data
* @return \Illuminate\Contracts\Validation\Validator
*/
protected function validator(array $data)
{
return Validator::make($data, [
'email' => 'required|email|unique:users',
'password' => 'required|min:8',
]);
}
/**
* Create a new user instance after a valid registration.
*
* @param array $data
* @return User
*/
protected function create(array $data)
{
return User::create($data);
}
/**
* Handle an authentication attempt.
*
* @return Response
*/
public function authenticateLogin(\Illuminate\Http\Request $request)
{
$this->validate($request, [
'email' => 'required|email',
'password' => 'required',
]);
if(User::whereEmail($request->get('email'))->firstOrFail())
{
if (Auth::attempt(['email' => $request->get('email'), 'password' => $request->get('password')], @$request->get('remember')))
{
return route('dashboard');
}
return abort(403);
}
}
public function updateLastLogin(User $ser)
{
$user = auth()->user();
$user->last_login = Carbon::now();
$user->save();
}
}
而且我在這不礙事我猜eventsServicePrvider監聽器:
protected $listen = [
'auth.login' => ['\App\Http\Controllers\Auth\[email protected]'],
];
任何人都看到了錯誤?或者提示如何調試呢?我無法弄清楚它是如何發生的..
CACHE_DRIVER =文件 SESSION_DRIVER = Redis的
你的'AuthController :: redirectToProvider()'方法中的''''是什麼? – Arcesilas
您能否澄清問題何時發生。假設用戶登錄到您的頁面。然後,用戶以不同的用戶身份登錄?或者在訪問您網站上的某些頁面時隨機發生?爲了調試我個人使用'https:// github.com/barryvdh/laravel-debugbar'。也許在這裏你可以找到關於實際正在發生的事情的一些提示(即檢查數據庫查詢)。 – LaDude
@daniela有時會發生,對於某些用戶;完全隨機。只發生在生產上,而不發生在當地。 .arcesilas多數民衆贊成在社交網絡包功能 – user1469734