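I am building a system using Laravel 11 + Livewire 3 with Apereo CAS for authentication. I am facing multiple problems that I think are caused by the session (update: and/or the Laravel guard), and I have read about it and tried to solve it but still without success.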
php artisan config:clear
php artisan route:clear
php artisan view:clear
php artisan cache:clear
php artisan optimize
web.php
Route::middleware(['cas.auth'])->group(function () {
    // Define routes that require authentication here
    Route::get('/', Home::class); //redirect here after cas login
    Route::get('staff', Staff::class);
    Route::get('performance', Performance::class);
    Route::get('calendar', Holiday::class);
});

Route::get('logout', function () {
    Auth::guard('cas')->logout();
    cas()->logout();
});
customcasauth.php (the cas.auth middleware)
class CustomCasAuth extends BaseCASAuth
{
    protected $auth;
    protected $cas;

    public function __construct(Guard $auth)
    {
        $this->auth = $auth;
        $this->cas = app('cas');
    }

    /**
     * Handle an incoming request.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if ($this->cas->checkAuthentication()) {
            $sessionId = session()->getId();
            $session = DB::table('sessions')->where('id', $sessionId)->first();
            dump(Auth::guard('cas')->user());
            if ($session) {
                $sessionLifetime = config('session.lifetime');
                $sessionExpiration = now()->subMinutes($sessionLifetime)->timestamp;
                if (!session('cas_user'))
                    dump('no session');
                elseif (session('cas_user'))
                    dump('have');
                else
                    dump('alou');
                dump(session()->getId());
                if ($session->user_id === null || !session('cas_user')) {
                    dump('in');
                    $staff = Staff::where('staff_short', $this->cas->getUser())->first();
                    if ($staff) {
                        Auth::guard('cas')->login($staff, true);
                        // Store the user credentials in a Laravel managed session
                        session()->put('user_id', $staff->id);
                        session()->save();
                        session()->put('cas_user', $this->cas->user());
                    } else {
                        // Optionally handle the case where no staff record is found
                        abort(403, 'Unauthorized action, please contact administrator to check your existence in the system.');
                    }
                }
                dump('out');
                if (!session('cas_user'))
                    dump('no session');
                elseif (session('cas_user'))
                    dump('have');
                else
                    dump('alou');
                if ($session->last_activity < $sessionExpiration) {
                    // Session has expired
                    Auth::guard('cas')->logout();
                    $this->cas->authenticate();
                }
            } else {
                dump('no session');
                $this->cas->authenticate();
            }
        } else {
            if ($request->ajax() || $request->wantsJson()) {
                return response('Unauthorized.', 401);
            }
            Auth::guard('cas')->logout();
            $this->cas->authenticate();
        }
        return $next($request);
    }
}
auth.php (configured to use the Staff model instead of User for authentication)
'defaults' => [
    'guard' => env('AUTH_GUARD', 'cas'),
    'passwords' => env('AUTH_PASSWORD_BROKER', 'staff'),
],
'guards' => [
    'cas' => [
        'driver' => 'session', // Custom driver for CAS authentication
        'provider' => 'staff', // Provider for the CAS user
    ],
],
'providers' => [
    'staff' => [
        'driver' => 'eloquent', // Use Eloquent or a custom provider if needed
        'model' => App\Models\Staff::class,
    ],
],
Staff.php
use Illuminate\Auth\Authenticatable as AuthAuthenticatable; //use this instead of below because this can be implemented as a trait
// use Illuminate\Foundation\Auth\User as Authenticatable; //not using this since already extend model
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use OwenIt\Auditing\Contracts\Auditable;

class Staff extends Model implements Auditable, AuthenticatableContract
{
    use AuthAuthenticatable;
    use HasFactory;

    protected $username = 'staff_short';
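Update: I found that the session dump()ed in the middleware is different from the session dump()ed in my Livewire.
Using a check of auth::guard->hasuser, and if there is no user, auth::guard->login, so there is no longer a new session on each action.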
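
The approach from the update, written out as an added example (not the poster's code): the session guard's login() regenerates the session ID, so calling it on every request gives each request a new session, and the middleware below logs in only when the guard has no user. The class name CasAuthOnce is hypothetical; the cas calls, the Staff model and the staff_short column are the ones shown in the post.

```php
<?php
// Added example, not the poster's code. CasAuthOnce is a hypothetical name.

namespace App\Http\Middleware;

use App\Models\Staff;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class CasAuthOnce
{
    public function handle(Request $request, Closure $next)
    {
        $cas = app('cas'); // CAS manager, resolved as in the post

        if (! $cas->checkAuthentication()) {
            // No CAS session: drop any local login, then answer or redirect.
            Auth::guard('cas')->logout();
            if ($request->ajax() || $request->wantsJson()) {
                return response('Unauthorized.', 401);
            }
            $cas->authenticate(); // sends the browser to CAS, as in the post
        }

        $guard = Auth::guard('cas');

        // check() resolves the user from the session; hasUser() only reports
        // whether a user instance is already loaded on the guard.
        if ($guard->check() && $guard->user()->staff_short !== $cas->user()) {
            // The local login belongs to a different CAS identity: discard it.
            $guard->logout();
        }

        if (! $guard->check()) {
            $staff = Staff::where('staff_short', $cas->user())->first();
            if (! $staff) {
                abort(403, 'No staff record for this CAS user.');
            }
            // login() regenerates the session ID (session fixation defence),
            // so it must run once per login, not on every request.
            $guard->login($staff);
        }

        return $next($request);
    }
}
```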