作者:L鸿玖 | 来源:互联网 | 2023-09-05 17:41
跟踪查看用户认证实现在路由器加个反射routeweb.php<?phpRoute::get(,function(){returnview(welcome);});A
跟踪查看用户认证实现
在路由器加个反射 route/web.php
php
Route::get('/', function () {
return view('welcome');
});
Auth::routes();
Route::get('/home', 'HomeController@index');
Route::get('/find/{class}/{action?}',function($class,$action = null){
if($action == null)
{
$ca = new ReflectionClass($class);
}
else
{
$ca = new ReflectionMethod($class, $action);
}
dd($ca);
});
看到 Auth::routes() 查找 Auth 的 routes 方法
在浏览器输入 http://localhost/find/auth/routes 得到
![](https://www.#.com/go/aHR0cHM6Ly9pbWFnZXMyMDE1LmNuYmxvZ3MuY29tL2Jsb2cvMTE5MjI4Mi8yMDE3MDcvMTE5MjI4Mi0yMDE3MDcyNDIyMzkxNTM0MC0xOTMzNDgyMTUucG5n)
打开文件我可以查看到
![](https://www.#.com/go/aHR0cHM6Ly9pbWFnZXMyMDE1LmNuYmxvZ3MuY29tL2Jsb2cvMTE5MjI4Mi8yMDE3MDcvMTE5MjI4Mi0yMDE3MDcyNDIyNDIzMjMwOS0yNzM4NjA4NzAucG5n)
其实 就是
Route::auth();Route::get('/', function () {
return view('welcome');
});
//Auth::routes();
Route::auth();
Route::get('/home', 'HomeController@index');
Route::auth() 调用Illuminate/Routing/Router类的auth方法
![](https://www.#.com/go/aHR0cHM6Ly9pbWFnZXMyMDE3LmNuYmxvZ3MuY29tL2Jsb2cvMTE5MjI4Mi8yMDE3MDcvMTE5MjI4Mi0yMDE3MDcyNTIyMjMxOTIwMS01Mzg5MjEwMzgucG5n)
Auth\LoginController的 login 方法public function login(Request $request){//VDL 验证请求的数据$this->validateLogin($request);//HTMLA 查询数据库用户登陆次数错误(1分钟内失败5次)if ($this->hasTooManyLoginAttempts($request)) {//FLE 触发事件监听$this->fireLockoutEvent($request);//SLR 这方法被调用意味着用户已经超过登录上限,此时方法会 back 到登录页,并携带'登录超过上限,请于58秒后再次登录'这样的提示;return $this->sendLockoutResponse($request);}//AL 查询帐号密码正确性if ($this->attemptLogin($request)) {//SLR(1) 重新生成 Session ID 清除错误次数 转到'/home'return $this->sendLoginResponse($request);}//ILA 用户在缓存数据库中的登录次数值,如果存在则加1;不存在,则新增,同时设置过期时间(默认是1分钟)$this->incrementLoginAttempts($request);//SFLR 返回表单输出错误的信息return $this->sendFailedLoginResponse($request);}attemptLogin 方法:
Auth::guard()->attempt( $request->only('email', 'password'),$request->has('remember')); attempt方法: Illuminate\Auth\SessionGuard.php public function attempt(array $credentials = [], $remember = false)
{
$this->fireAttemptEvent($credentials, $remember);
$this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials);//查询数据库返加USER模型
// If an implementation of UserInterface was returned, we'll ask the provider
// to validate the user against the given credentials, and if they are in
// fact valid we'll log the users into the application and return true.
if ($this->hasValidCredentials($user, $credentials)) { //确认帐号密码是否正确
$this->login($user, $remember);//存到session; 设置id (user表的id);设置remmbertoken; 存储user信息
return true;
}
// If the authentication attempt fails we will fire an event so that the user
// may be notified of any suspicious attempts to access their account from
// an unrecognized user. A developer may listen to this event as needed.
$this->fireFailedEvent($user, $credentials);
return false;
}