Laravel 7中间件-如何为未经身份验证的用户/来宾为某些视图/刀片文件创建分组中间件

Question

我为注册用户创建了一个组中间件。如果用户是经过身份验证和登录的，那么用户将能够访问中间件中的视图/页面，否则它们将重定向到带有错误消息的页面。

但是，当我访问login 的视图时，它也会将我重定向到未经授权的用户(未经身份验证的用户的页面)，甚至注册视图、密码重置视图和其他非用户可以访问的页面。

如何将这些页面分开，这样它们就可以被访问，而无需登录或认证？

下面是我的中间件UserMiddleware的代码：

<?php

namespace App\Http\Middleware;
use Closure;

class UserMiddleware
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if (!$request->user())
        {
            return redirect('unauthorized');
        }
        return $next($request);
    }
}

这是我的分组路由和其他路由的代码，web.php

<?php

use Illuminate\Support\Facades\Route;
use Spatie\Activitylog\Models\Activity;

Route::get('/', function () {
    return view('welcome');
});

//Views for non-users/not logged-in users
Route::view('unauthorized', 'unauthorized');
Route::get('/home', 'HomeController@index')->name('home');
Route::get('/showLoginForm', 'LoginController@showLoginForm');


Route::group(['middleware' => ['user_middleware']], function() //Group middleware for authenticated / logged-in users
{
    Auth::routes();

    Route::get('/logout', 'Auth\LoginController@logout');
    Route::resource('master/vendor', 'Master\VendorController');
    Route::get('vendor/datatable', 'Master\VendorController@datatable')->name('vendor/datatable');

    Route::resource('master/product', 'Master\ProductController');
    Route::get('product/datatable', 'Master\ProductController@datatable')->name('product/datatable');
    Route::get('product/datatableTrash', 'Master\ProductController@datatableTrash')->name('product/datatableTrash');
    Route::post('product/undoTrash/{id}', 'Master\ProductController@undoTrash')->name('product/undoTrash/{id}');
    Route::get('master/product/history/{id}', 'Master\ProductController@history')->name('master/product/history/{id}');

    Route::resource('transaction/purchase-order', 'Transaction\PurchaseController');
    Route::get('transaction/purchase-order/vendor/popup_media', 'Transaction\PurchaseController@popup_media_vendor')->name('transaction/purchase-order/vendor/popup_media');
    Route::get('transaction/purchase-order/product/popup_media/{id_count}', 'Transaction\PurchaseController@popup_media_product')->name('transaction/purchase-order/product/popup_media/{id_count}');
    Route::get('browse-product/datatable', 'Master\ProductController@datatable_product')->name('browse-product/datatable');
    Route::get('browse-vendor/datatable', 'Master\VendorController@datatable_vendor')->name('browse-vendor/datatable');
    Route::get('purchase-order/datatable', 'Transaction\PurchaseController@datatable')->name('purchase-order/datatable');
    Route::post('transaction/purchase-order/receive/{id}', 'Transaction\PurchaseController@received')->name('transaction/purchase-order/received/{id}');
    Route::get('transaction/purchase-order/print/{id}', 'Transaction\SaleController@print')->name('transaction/purchase-order/print/{id}');

    Route::resource('transaction/sales', 'Transaction\SaleController');
    Route::get('transaction/sales/product/popup_media/{id_count}', 'Transaction\SaleController@popup_media_product')->name('transaction/sales/product/popup_media/{id_count}');
    Route::get('sales/datatable', 'Transaction\SaleController@datatable')->name('sales/datatable');
    Route::get('transaction/sales/print/{id}', 'Transaction\SaleController@print')->name('transaction/sales/print/{id}');

    Route::get('transaction/stock', 'Transaction\StockController@index')->name('transaction/stock');
    Route::get('transaction/stock/product/popup_media', 'Transaction\StockController@popup_media_product')->name('transaction/stock/product/popup_media');
    Route::post('transaction/stock', 'Transaction\StockController@update')->name('transaction/stock');
    Route::get('stock/report', 'Transaction\StockController@report')->name('stock/report');

    Route::resource('user', 'UserController');
    Route::get('/datatable_Activities', 'UserController@datatable_Activities')->name('datatable_Activities');
    Route::get('/RecentActivities', 'UserController@RecentActivities')->name('RecentActivities');
    Route::get('/password', 'UserController@Password');
    //Route::get('/calendar', 'UserController@Calendar');
    Route::post('user/updatePassword', 'UserController@updatePassword')->name('user.updatePassword');

});

和我的Kernel.php代码片段

protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            \Illuminate\Session\Middleware\AuthenticateSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],

        'api' => [
            'throttle:60,1',
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],

        'user_middleware' => [
            \App\Http\Middleware\UserMiddleware::class,
        ]
    ];

下面是我的问题演示：

​

​

Answer 1

在本例中，在“user_middleware”之外放置Auth::routes()应该是正确的方法。