laravel 模仿
1.7.5
Laravel Impersonate可以轻松地对您的用户进行身份验证。向您的用户模型添加一个简单的特征,然后一键模拟为您的用户之一。
| 版本 | 发布 |
|---|---|
| 6.x 至 11.x | 1.7 |
| 6.x、7.x | 1.6 |
| 5.8 | 1.5 |
| 5.7, 5.6 | 1.2 |
| 5.5, 5.4 | 1.1 |
composer require lab404/laravel-impersonateconfig/app.php末尾添加服务提供者: ' providers ' => [
// ...
Lab404 Impersonate ImpersonateServiceProvider ::class,
],Lab404ImpersonateModelsImpersonate添加到您的用户模型中。 冒充用户:
Auth :: user ()-> impersonate ( $ other_user );
// You're now logged as the $other_user留下模拟:
Auth :: user ()-> leaveImpersonation ();
// You're now logged as your original user.在路由文件中的 Web 中间件下,您必须调用impersonate路由宏。
Route :: impersonate ();或者,您可以使用RouteServiceProvider执行此宏。
namespace App Providers ;
class RouteServiceProvider extends ServiceProvider
{
public function map () {
Route :: middleware ( ' web ' )-> group ( function ( Router $ router ) {
$ router -> impersonate ();
});
}
} // Where $id is the ID of the user you want impersonate
route ( ' impersonate ' , $ id )
// Or in case of multi guards, you should also add ` guardName ` (defaults to ` web `)
route ( ' impersonate ' , [ ' id ' => $ id , ' guardName ' => ' admin ' ])
// Generate an URL to leave current impersonation
route ( ' impersonate.leave ' )默认情况下,所有用户都可以模拟用户。
您需要将方法canImpersonate()添加到您的用户模型中:
/**
* @return bool
*/
public function canImpersonate ()
{
// For example
return $ this -> is_admin == 1 ;
}默认情况下,所有用户都可以被模拟。
您需要将方法canBeImpersonated()添加到您的用户模型中以扩展此行为:
/**
* @return bool
*/
public function canBeImpersonated ()
{
// For example
return $ this -> can_be_impersonated == 1 ;
} // With the app helper
app ( ' impersonate ' )
// Dependency Injection
public function impersonate ( ImpersonateManager $ manager , $ user_id ) { /* ... */ } $ manager = app ( ' impersonate ' );
// Find an user by its ID
$ manager -> findUserById ( $ id );
// TRUE if your are impersonating an user.
$ manager -> isImpersonating ();
// Impersonate an user. Pass the original user and the user you want to impersonate
$ manager -> take ( $ from , $ to );
// Leave current impersonation
$ manager -> leave ();
// Get the impersonator ID
$ manager -> getImpersonatorId ();防止冒充
您可以使用中间件impersonate.protect来保护您的路由免遭用户模拟。
当您想要保护特定页面(例如用户订阅、用户信用卡等)时,此中间件非常有用。
Router :: get ( ' /my-credit-card ' , function () {
echo " Can't be accessed by an impersonator " ;
})-> middleware ( ' impersonate.protect ' );有两个事件可用于改进您的工作流程:
TakeImpersonation会被触发。LeaveImpersonation 。每个事件返回两个属性$event->impersonator和$event->impersonated包含 User 模型实例。
该软件包附带一个配置文件。
使用以下命令发布它:
php artisan vendor:publish --tag=impersonate可用选项:
// The session key used to store the original user id.
' session_key ' => ' impersonated_by ' ,
// Where to redirect after taking an impersonation.
// Only used in the built-in controller.
// You can use: an URI, the keyword back (to redirect back) or a route name
' take_redirect_to ' => ' / ' ,
// Where to redirect after leaving an impersonation.
// Only used in the built-in controller.
// You can use: an URI, the keyword back (to redirect back) or a route name
' leave_redirect_to ' => ' / ' 共有三个可用的 Blade 指令。
@canImpersonate ( $guard = null )
< a href = " {{ route ( ' impersonate ' , $user -> id ) } } " >Impersonate this usera >
@endCanImpersonate当您有一个用户列表并希望在所有用户旁边显示“模拟”按钮时,这会派上用场。但是您不希望该按钮位于当前经过身份验证的用户旁边,也不希望该按钮位于根据您的canBeImpersonated()实现而无法模拟的用户旁边。
@canBeImpersonated ( $user , $guard = null )
< a href = " {{ route ( ' impersonate ' , $user -> id ) } } " >Impersonate this usera >
@endCanBeImpersonated @impersonating ( $guard = null )
< a href = " {{ route ( ' impersonate.leave ' ) } } " >Leave impersonationa >
@endImpersonating vendor/bin/phpunitloginAsId() ?该软件包添加了更广泛的功能,包括 Blade 指令,允许您在模拟时覆盖分析和其他跟踪事件、基于模拟状态的火灾事件等。 issues/5 中的简短讨论
麻省理工学院
