0
我使用帶有標準內置Auth支持的Laravel 4框架。在本地環境中,一切都很好(MAMP,OSx),但在我的生產服務器上(Ubuntu,Apache,Php 5.5.9的Digital Ocean標準映像)auth過濾失敗,並允許訪問而無需身份驗證。Laravel auth過濾器在生產服務器上失敗
routes.php文件:
Route::group(['before'=>'auth'], function(){
Route::get('admin', array('uses' => '[email protected]'));
Route::get('admin/dashboard', function(){
return Redirect::to('admin');
});
Route::post('payment/ok', array('uses' => '[email protected]'));
Route::post('payment/fail', array('uses' => '[email protected]'));
Route::get('admin/makeDMS/{id}', array('uses' => '[email protected]'));
Route::get('admin/products', array('uses' => '[email protected]'));
Route::get('admin/product/{id}', array('uses' => '[email protected]'));
Route::get('admin/orders', array('uses' => '[email protected]'));
Route::get('admin/order/{id}', array('uses' => '[email protected]'));
Route::post('admin/setOrderStatus', array('uses' => '[email protected]'));
Route::post('admin/updateProduct', array('uses' => '[email protected]'));
Route::get('admin/transactions', array('uses' => '[email protected]'));
});
filters.php:
Route::filter('auth', function()
{
if (Auth::guest())
{
if (Request::ajax())
{
return Response::make('Unauthorized', 401);
}
else
{
return Redirect::guest('login');
}
}
});
Route::filter('auth.basic', function()
{
return Auth::basic();
});
Route::filter('guest', function()
{
if (Auth::check()) return Redirect::to('/');
});
我試圖保護所需的線路都與Route::group和控制器的構造,但輸出是一樣的:具有良好的登錄憑據有效,具有錯誤憑據的用戶無法登錄,但應該受到保護的路由組可用於未經身份驗證的用戶。
我發現在快速CGI模式的PHP可能會產生這樣的行爲,但這裏是我sudo apachectl -M輸出:
Loaded Modules:
core_module (static)
so_module (static)
watchdog_module (static)
http_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
unixd_module (static)
access_compat_module (shared)
alias_module (shared)
auth_basic_module (shared)
authn_core_module (shared)
authn_file_module (shared)
authz_core_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
filter_module (shared)
mime_module (shared)
mpm_prefork_module (shared)
negotiation_module (shared)
php5_module (shared)
rewrite_module (shared)
setenvif_module (shared)
status_module (shared)