問題描述

我使用 Laravel 5.2，我想知道如何強制用戶通過 id 注銷.我正在構建一個管理面板，可以選擇停用當前登錄到 Web 應用程序的特定用戶.Laravel 為當前用戶提供了這個選項.

I use Laravel 5.2, and I want to know how to force a user to log out by id. I'm building an admin panel with the option to deactivate a specific user that is currently logged in to the web application. Laravel gives you this option for a current user.

Auth::logout()

但我不想注銷當前用戶，因為我是經過身份驗證的用戶.因此，我需要通過特定用戶的 id 強制退出該用戶.就像我們使用特定 id 登錄用戶一樣.

But I don't want to log out the current user, as I am an authenticated user. So I need to force log out of a specific user by its id. Just like when we log in a user with a specific id.

Auth::loginUsingId($id);

有沒有類似的東西?

Auth::logoutUsingId($id);

推薦答案

目前，沒有直接的方法可以做到這一點；作為 StatefulGuard 合約及其 SessionGuard 實現不像 logoutUsingId()Auth/SessionGuard.php#L507" rel="noreferrer">登錄.

Currently, there's no straightforward way to do this; As the StatefulGuard contract and its SessionGuard implementation don't offer a logoutUsingId() as they do for login.

您需要在用戶表中添加一個新字段，并在您希望特定用戶注銷時將其設置為 true.然后使用中間件檢查當前用戶是否需要強制注銷.

You need to add a new field to your users table and set it to true when you want a specific user to be logged out. Then use a middleware to check if the current user needs a force logout.

這是一個快速實現.

讓我們為users表遷移類添加一個新字段:

Let's add a new field to users table migration class:

<?php

use IlluminateSupportFacadesSchema;
use IlluminateDatabaseSchemaBlueprint;
use IlluminateDatabaseMigrationsMigration;

class CreateUsersTable extends Migration
{
    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        Schema::create('users', function (Blueprint $table) {
            // ...
            $table->boolean('logout')->default(false);
            // other fields...
        });
    }

    // ...
}

確保在更改遷移后運行 php artisan migrate:refresh [--seed].

Make sure you run php artisan migrate:refresh [--seed] after changing the migration.

讓我們創建一個新的中間件:

php artisan make:middleware LogoutUsers

以下是檢查用戶是否需要被踢出的邏輯:

Here's the logic to check if a user needs to be kicked out:

<?php

namespace AppHttpMiddleware;

use Auth;
use Closure;

class LogoutUsers
{
    /**
     * Handle an incoming request.
     *
     * @param  IlluminateHttpRequest  $request
     * @param  Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $user = Auth::user();

        // You might want to create a method on your model to
        // prevent direct access to the `logout` property. Something
        // like `markedForLogout()` maybe.
        if (! empty($user->logout)) {
            // Not for the next time!
            // Maybe a `unmarkForLogout()` method is appropriate here.
            $user->logout = false;
            $user->save();

            // Log her out
            Auth::logout();

            return redirect()->route('login');
        }

        return $next($request);
    }
}

3.在HTTP內核中注冊中間件

打開app/Http/Kernel.php 并添加中間件的 FQN:

3. Register the middleware in HTTP kernel

Open up the app/Http/Kernel.php and add your middleware's FQN:

/**
 * The application's route middleware groups.
 *
 * @var array
 */
protected $middlewareGroups = [
    'web' => [
        AppHttpMiddlewareEncryptCookies::class,
        IlluminateCookieMiddlewareAddQueuedCookiesToResponse::class,
        IlluminateSessionMiddlewareStartSession::class,
        IlluminateViewMiddlewareShareErrorsFromSession::class,
        AppHttpMiddlewareVerifyCsrfToken::class,
        IlluminateRoutingMiddlewareSubstituteBindings::class,
        AppHttpMiddlewareLogoutUsers::class, // <= Here
    ],

    'api' => [
        'throttle:60,1',
        'bindings',
    ],
];

這是未經測試的代碼，但它應該給你一個想法.將幾個 API 方法添加到您的 User 模型以配合此功能是一個很好的做法:

It's untested code, but it should give you the idea. It'd be a good practice to add a couple of API methods to your User model to accompany with this functionality:

• markedForLogout() :檢查用戶的 logout 標志.
• markForLogout() :將用戶的 logout 標志設置為 true.
• unmarkForLogout() :將用戶的 logout 標志設置為 false.

• markedForLogout() : Checks user's logout flag.
• markForLogout() : Sets user's logout flag to true.
• unmarkForLogout() : Sets user's logout flag to false.

然后在管理方面(我想這是您的情況)，您只需要在特定用戶模型上調用 markForLogout() 即可在下一個請求中將其踢出.或者，如果模型對象不可用，您可以使用查詢構建器來設置標志:

Then on the administration side (I suppose it's your case), you just need to call markForLogout() on the specific user model to kick him out on the next request. Or you can utilize the query builder to set the flag, if the model object is not available:

User::where('id', $userId)
    ->update(['logout' => true]);

它可以是一個 markForLogoutById($id) 方法.

It can be a markForLogoutById($id) method.

相關討論
[提案] 通過 ID 注銷用戶
刪除登錄用戶時的多個語句

這篇關于通過 Laravel 中的用戶 ID 強制注銷特定用戶的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！