我有以下代码
<?php
namespace App\Http\Middleware;
use Closure;
use Session;
class CheckLogin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if(!Session::has('userAuthDetail')){
// return redirect('login');
// return redirect()->guest('/login');
} else {
return $next($request);
}
}
}
在web.php中
Route::get('/login', ['as' => 'login', 'uses' => 'Auth\LoginController@login']);
Route::group(['middleware' => ['login']], function () {
Route::post('/add','MyController@submitData');
});
登录控制器
public function postLogin(Request $request) {
// print_r($request->all());
$data['email']=$request->email;
$data['password']=$request->password;
$response= ApiModel::userLogin($data);
if($response->msg=='success'){
session(['userAuthDetail' => $response->data[0]]);
return redirect('/');
} else if($response->msg=='failed'){
return redirect('/');
}
}
如果我在中间件中添加if else条件然后网站抛出错误
VerifyCsrfToken.php第156行中的ErrorException:尝试获取非对象的属性
如果我删除if else并添加只是
public function handle($request, Closure $next)
{
if(!Session::has('userAuthDetail')){
}
return $next($request);
}
然后工作正常,但如果凭据失败,那么它重定向到仪表板 .
注意:我不能使用laravel auth,因为我正在与在核心php中编写的api进行通信
更新;
kernal.php
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
];
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'web' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
// \Illuminate\Session\Middleware\AuthenticateSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\Illuminate\Routing\Middleware\SubstituteBindings::class,
\App\Http\Middleware\CheckLogin::class,
],
'api' => [
'throttle:60,1',
'bindings',
],
];
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'login' => \App\Http\Middleware\CheckLogin::class,
];
}
2 回答
如果未创建用户会话,则应返回登录页面
Line 156 of VerifyCsrfToken.php显示它试图调用
$response->headers->setCookie(...)
. 您的错误表明$ response为null,这就是if(!Session::has('userAuthDetail')) { ... }
场景中的CheckLogin中间件会发生的情况 .基本上,你有一个返回null的中间件(或者什么也没有,在PHP世界中哪种被视为null) . 这是不允许的,中间件必须始终返回某种响应(或抛出异常) .
TL;DR: 您的中间件必须为所有执行路径返回响应 .