dcat-admin自定义登录密码hash加密规则

dcat-admin自定义登录密码hash加密规则

1 在 app/Providers/AuthServiceProvider.php 的 boot() 方法中,用 Auth::provider() 把 CustomUserProvider 注册为名为 custom 的用户提供者(user provider)

    /**
     * Register the application's policies and the "custom" auth user provider.
     *
     * Any guard provider whose 'driver' is set to 'custom' is served by
     * CustomUserProvider, so credential checks for that guard go through
     * CustomUserProvider::validateCredentials().
     *
     * @return void
     */
    public function boot()
    {
        $this->registerPolicies();

        // Factory for the provider. $app and $config are accepted but unused:
        // the provider is constructed without arguments.
        $makeProvider = function ($app, array $config) {
            return new CustomUserProvider();
        };

        Auth::provider('custom', $makeProvider);
    }

2 修改 dcat-admin 配置文件,把 admin 用户提供者的驱动(driver)改为 custom,与上一步 Auth::provider() 注册的名称保持一致

config/admin.php

        // The driver name must match the one registered with Auth::provider('custom', ...)
        // in AuthServiceProvider::boot(); admin credential checks then go through
        // CustomUserProvider::validateCredentials().
        // NOTE(review): no 'model' key is set here; the provider appears to pick its own
        // model class — confirm it resolves the intended admin user table.
        'providers' => [
            'admin' => [
                'driver' => 'custom'
            ],
        ],

3 app/Providers/CustomUserProvider.php 代码(以下列出的代码开头部分缺失,仅剩一条赋值语句的结尾和 validateCredentials 方法)

model = User::class;
    }

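    /**
     * Check the submitted username/password pair against the user's stored password hash.
     *
     * The hash is recomputed with the project's own rule, UserSvc::pwdHash($password, $username),
     * not with Laravel's default hasher, so callers must supply both 'password' and 'username'.
     *
     * NOTE(review): pwdHash() is not shown here. If it is a fast digest that only mixes in the
     * username, stored hashes are cheap to brute-force offline after a database leak — confirm
     * it is a slow, salted KDF, or plan a migration to password_hash()/password_verify().
     *
     * @param Authenticatable $user        User record whose stored hash is checked.
     * @param array           $credentials Expects string 'password' and 'username' entries.
     *
     * @return bool True only when the recomputed hash equals the stored one.
     */
    public function validateCredentials(Authenticatable $user, array $credentials)
    {
        $password = $credentials['password'] ?? null;
        $username = $credentials['username'] ?? null;

        // Fail closed on missing or non-string credentials (e.g. an array-valued request
        // parameter) instead of raising an undefined-index error or hashing a non-string.
        if (!is_string($password) || !is_string($username)) {
            return false;
        }

        $authPassword = $user->getAuthPassword();

        // An account with no stored hash must never authenticate.
        if (!is_string($authPassword) || $authPassword === '') {
            return false;
        }

        // Project-specific hash rule from UserSvc, not Laravel's default password hashing.
        $hash = (new UserSvc)->pwdHash($password, $username);

        // hash_equals() compares in constant time, so response timing does not reveal
        // how many leading bytes of the stored hash were matched.
        return is_string($hash) && hash_equals($authPassword, $hash);
    }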
}

4 修改代码 app/Admin/Controllers/AuthController.php(以下列出的代码开头部分缺失,第一个方法从方法体中间开始)

only([$this->username(), 'password']);
        $remember = (bool) $request->input('remember', false);

        // if(in_array($credentials['password'],['111111','123456','12345678', '123456789'])){
        //     return $this->validationErrorsResponse([
        //         'password' =>'密码太简单,请修改密码',
        //     ]);
        // }

        /** @var \Illuminate\Validation\Validator $validator */
        $validator = Validator::make($credentials, [
            $this->username()   => 'required',
            'password'          => 'required',
        ]);

        if ($validator->fails()) {
            return $this->validationErrorsResponse($validator);
        }

        if ($this->guard()->attempt($credentials, $remember)) {
            return $this->sendLoginResponse($request);
        }

        return $this->validationErrorsResponse([
            $this->username() => $this->getFailedLoginMessage(),
        ]);
    }

    /**
     * Decide whether the signed-in administrator may submit the password field of the
     * settings form.
     *
     * Returns true when no new password was submitted, or when the submitted value is
     * identical to the stored password value (treated as "unchanged"; presumably the
     * form round-trips the stored value — confirm). Otherwise the old password is
     * required and is verified through the guard's user provider.
     *
     * The username is passed together with the old password because the custom
     * provider's validateCredentials() reads $credentials['username'] when it
     * recomputes the hash.
     *
     * @return bool
     */
    protected function validateCredentialsWhenUpdatingPassword()
    {
        $admin = Admin::user();

        $currentInput = \request('old_password');
        $replacement = \request('password');
        $loginName = $admin->username;

        // No password change requested.
        if (!$replacement) {
            return true;
        }

        // Submitted value equals the stored value: nothing to re-verify.
        if ($replacement === $admin->getAuthPassword()) {
            return true;
        }

        // A real change without the old password is refused.
        if (!$currentInput) {
            return false;
        }

        $provider = $this->guard()->getProvider();

        return $provider->validateCredentials($admin, [
            'password' => $currentInput,
            'username' => $loginName,
        ]);
    }
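    /**
     * Build the model form on which the signed-in administrator edits their display
     * name and password.
     *
     * NOTE(review): as listed, nothing in this method hashes a new password. The only
     * hashing call in the saving hook is commented out, so unless the model hashes the
     * attribute on write (not visible here — confirm), the submitted value is persisted
     * as typed and will not match UserSvc::pwdHash() at the next login.
     *
     * @return Form
     */
    protected function settingForm()
    {
        return new Form(new Administrator(), function (Form $form) {
            $form->action(admin_url('auth/setting'));

            $form->disableCreatingCheck();
            $form->disableEditingCheck();
            $form->disableViewCheck();

            $form->tools(function (Form\Tools $tools) {
                $tools->disableView();
                $tools->disableDelete();
            });

            $form->display('username', trans('admin.username'));
            $form->text('name', trans('admin.name'))->required();
            // The avatar upload field is disabled in this customisation:
            //$form->image('avatar', trans('admin.avatar'))->autoUpload();

            $form->password('old_password', trans('admin.old_password'));

            // NOTE(review): a 5-character minimum is permissive and a 20-character cap
            // rules out passphrases; revisit both limits once the hash rule and the
            // storage column are confirmed to accept longer input.
            $form->password('password', trans('admin.password'))
                ->minLength(5)
                ->maxLength(20)
                ->customFormat(function ($v) {
                    // Strict comparison: with ==, two numeric-looking strings (for
                    // example a digits-only input and a stored value such as "0e...")
                    // compare equal numerically, and the new password would be
                    // silently dropped as "unchanged".
                    if ($v === $this->password) {
                        return;
                    }

                    return $v;
                });
            $form->password('password_confirmation', trans('admin.password_confirmation'))->same('password');

            $form->ignore(['password_confirmation', 'old_password']);

            $form->saving(function (Form $form) {
                if ($form->password && $form->model()->password !== $form->password) {
                    // The author's note says the rule used when saving a changed
                    // password must follow the custom hash rule too, but the call is
                    // left commented out in the listing:
                    //$form->password = (new UserSvc)->pwdHash($form->password, $form->model()->username);
                    // NOTE(review): re-enable it only after confirming the model does
                    // not already hash the attribute, otherwise the value is hashed twice.
                }

                // No new password submitted: drop the field so the stored value is kept.
                if (!$form->password) {
                    $form->deleteInput('password');
                }
            });

            $form->saved(function (Form $form) {
                return $form
                    ->response()
                    ->success(trans('admin.update_succeeded'))
                    ->redirect('auth/setting');
            });
        });
    }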
}
