Laravel三州登录尝试

Question

默认的Laravel登录尝试方法返回布尔，但我想修改它，并获得另一个结果，如果用户存在，但用户的状态是被动的。 我不想更改laravel供应商目录中的任何代码。我可以轻松地在LoginController中编写我自己的登录方法，但问题是SessionGuard::attempt()有自己的生命周期，它不是LoginController使用它的特征。

以下是SessionGuard::attempt()方法的原始版本。

public function attempt(array $credentials = [], $remember = false, $login = false) 
{ 
    $this->fireAttemptEvent($credentials, $remember, $login); 

    $this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials); 

    // If an implementation of UserInterface was returned, we'll ask the provider 
    // to validate the user against the given credentials, and if they are in 
    // fact valid we'll log the users into the application and return true. 
    if ($this->hasValidCredentials($user, $credentials)) { 

     if ($login) { 
      $this->login($user, $remember); 
     } 

     return true; 
    } 

    // If the authentication attempt fails we will fire an event so that the user 
    // may be notified of any suspicious attempts to access their account from 
    // an unrecognized user. A developer may listen to this event as needed. 
    if ($login) { 
     $this->fireFailedEvent($user, $credentials); 
    } 

    return false; 
} 

注：

$credentials = [ 
      'email' => $request->input('email'), 
      'password' => $request->input('password'), 
      'status_id' => 1 
      ]; 

但我想删除STATUS_ID领域，我想表明的消息给用户，如果用户的STATUS_ID不是1

基本上我只是想重写SessionGuard::attempt()方法，像这样。

public function attempt(array $credentials = [], $remember = false, $login = false) 
{ 
    $this->fireAttemptEvent($credentials, $remember, $login); 

    $this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials); 

    // If an implementation of UserInterface was returned, we'll ask the provider 
    // to validate the user against the given credentials, and if they are in 
    // fact valid we'll log the users into the application and return true. 
    if ($this->hasValidCredentials($user, $credentials)) { 
     //User exists but user's status_id is not 1 
     if($user->status_id != 1) 
      return 2; // 2 for passive accounts 
     if ($login) { 
      $this->login($user, $remember); 
     } 

     return 1; //for active accounts 
    } 

    // If the authentication attempt fails we will fire an event so that the user 
    // may be notified of any suspicious attempts to access their account from 
    // an unrecognized user. A developer may listen to this event as needed. 
    if ($login) { 
     $this->fireFailedEvent($user, $credentials); 
    } 

    return 0; // for non exists acounts 
} 

我该如何存档？

Answer 1

你可以做你的控制器的登录功能（通常是LoginController中）

你第一次得到了一个独特的电子邮件的用户里面。然后你检查账户是否有变量。如果是，你可以尝试登录用户，如果没有，你可以抛出一个错误。

class LoginController extends Controller 
{ 

    use AuthenticatesUsers; 

     public function login(Request $request) { 
     $this->validateLogin($request); 

     // If the class is using the ThrottlesLogins trait, we can automatically throttle 
     // the login attempts for this application. We'll key this by the username and 
     // the IP address of the client making these requests into this application. 
     if ($this->hasTooManyLoginAttempts($request)) { 
      $this->fireLockoutEvent($request); 

      return $this->sendLockoutResponse($request); 
     } 
     $user = App\User::where('email', $request->get('email'))->first(); 

     if ($user && $user->status_id == 1 && $this->attemptLogin($request)) { 
      return $this->sendLoginResponse($request); 
     } 

     // If the login attempt was unsuccessful we will increment the number of attempts 
     // to login and redirect the user back to the login form. Of course, when this 
     // user surpasses their maximum number of attempts they will get locked out. 
     $this->incrementLoginAttempts($request); 

     return $this->sendFailedLoginResponse($request); 
    } 
}