在我的Laravel应用程序中,我有 Users
谁可以登录并注册, Admins
谁可以登录,但出于安全原因无法注册 .
我正在利用内置 Auth
功能的Laravels,以便我可以处理登录和密码重置,只需添加提供程序并保护 App\Admin
我正在尝试使用只有其他管理员用户可以访问的表单来创建新的管理员,但我真的很难让流程正常工作:
Here is the method in my AdminController
public function store(StoreAdmin $request)
{
$admin = new Admin();
$admin->first_name = $request->input('first_name');
$admin->last_name = $request->input('last_name');
$admin->email = $request->input('email');
$admin->password = bcrypt(str_random(60));
$admin->access_level = $request->input('access_level');
$admin->save();
Mail::send(new AdminWelcome($admin));
return redirect()->route('admin.index');
}
这会添加一个新的Admin,给定通过 $request
变量传递的凭据,并为它们提供随机密码 . 它还会触发将电子邮件发送到新创建的用户的电子邮件中 .
Here is the Mail class I'm using to pass data to the email:
<?php
namespace App\Mail;
use App\Admin;
use Illuminate\Bus\Queueable;
use Illuminate\Mail\Mailable;
use Illuminate\Queue\SerializesModels;
use Illuminate\Contracts\Queue\ShouldQueue;
use Password;
class AdminWelcome extends Mailable
{
use Queueable, SerializesModels;
/**
* Undocumented variable
*
* @var [type]
*/
public $admin;
/**
* Undocumented variable
*
* @var [type]
*/
public $token;
/**
* @param \App\Models\Admin $user
*/
public function __construct(Admin $admin)
{
$this->admin = $admin;
$this->token = Password::getRepository()->create($admin);
}
/**
* Build the message.
*
* @return $this
*/
public function build()
{
return $this
->to($this->admin->email)
->subject('Welcome to ' . config('app.name'))
->view('emails.admin.welcome');
}
}
当我在电子邮件测试中成功检索此用户的名称时,这正确地抓取了新创建的管理员用户 . 但是, Password::getRepository()->create($admin);
实际上并未生成令牌 .
以下是与电子邮件关联的视图:
@extends('layouts.app')
@section('content')
<h1>Welcome to <a href="{{ config('app.url') }}">{{ config('app.name') }}</a></h1>
<p>
Dear {{ $admin->first_name }},
</p>
<p>
Your account has been approved. You can now pick a password at our site and login.
</p>
<table>
<tr>
<td>
<p>
<a href="password/reset" . {{ $token }} class="btn-primary">
Pick a password
</a>
</p>
</td>
</tr>
</table>
<p><em>This link is valid until {{
Carbon\Carbon::now()->addMinutes(config('auth.passwords.users.expire'))->format('Y/m/d') }}.</em></p>
@endsection
该令牌未添加到URL,也未添加到 password_resets
表中 . 我忘了这里明显的东西吗?