如何使个人资料用户除了自己以外,禁止其他人访问?

huangapple go评论80阅读模式
英文:

How to make the profile user forbid to anyone except the own user?

问题

我有以下路由:

Route::get('@{username}', 'HomePageController@username')->name('user.profile');

该路由允许所有人查看用户的个人资料(包含个人信息和简历等)。在用户注册时,用户必须等待管理员激活他的帐户。

我需要检查用户的帐户是否仍在处理中,如果是,则只为该用户显示上述路由。当帐户激活后,对所有人开放上述路由以查看他的个人资料。

我尝试创建中间件,但不知道如何禁止"访客用户"。

我的错误之处:

public function username($username)
{
    $user = User::where('username', '=', $username)->firstOrFail();

    if($user->active){
        return view('frontend.user_profile',compact('user','projects_last','first_project','whole_projects'));
    }else{
        return redirect('/');
    }
}

最佳方案是如何实现类似功能?

谢谢。

英文:

I have route:

Route::get('@{username}', 'HomePageController@username')->name('user.profile');

that route to allow for everyone to see the profile ( contains his info and his cv .. etc ), and in the beginning of register any user user must wait to active his account by the admin

I need to see if account of user still under process show above route just for him. and when the account is active open above route for everyone can see his profile.

I tried to create middleware but don't know how can I forbid the guest user

My wrong shut:

public function username($username)
{
    $user = User::where('username' , '=' , $username)->firstOrFail();

    if($user->active){
        return view('frontend.user_profile',compact('user','projects_last','first_project','whole_projects'));
    }else{
        return redirect('/');
    }
}

What the best scenario to do something like that?

thanks.

答案1

得分: 1

如果($user->active || $username == Auth::user()->username){
return view('frontend.user_profile', compact('user', 'projects_last', 'first_project', 'whole_projects'));
}else{
return redirect('/');
}

英文:
if($user->active || $username == Auth::user()->username){
        return view('frontend.user_profile',compact('user','projects_last','first_project','whole_projects'));
}else{
    return redirect('/');
}

答案2

得分: 1

if ($user->active) {
    // 所有人都可以看到
} else {
    if (Auth::user() && Auth::user()->username == $username) {
        // 只有授权用户和本人可以看到
    } else {
        // 重定向到主页
    }
}
英文:
if ($user->active) {
    // Everyone can see
} else {
   if (Auth::user() && Auth::user()->username == $username) {
      // only auth and himself can see
   } else {
      // redirect to home page
   }
}

答案3

得分: 0

你也可以像这样使用它:

if ($username == Auth::user()->username) {
    return view('frontend.user_profile', compact('user', 'projects_last', 'first_project', 'whole_projects'));
} else {
    return abort(403, '未经授权的操作。');
}
英文:

You can also use it like this

if( $username == Auth::user()->username){
   return view('frontend.user_profile',compact('user','projects_last','firs.   t_project','whole_projects'));
}else{
   return abort(403, 'Unauthorized action.');
}

答案4

得分: 0


public function username($username)
{
    $user = User::where(['username' => $username, 'status' => 'active'])->firstOrFail();

    if($user && auth()->user()->username == $username){
        return view('frontend.user_profile',compact('user','projects_last','first_project','whole_projects'));
    }else{
        return abort(403, 'Unauthorized action.');
    }
}
}
英文:

You can try this


public function username($username)
{
    $user = User::where(['username' => $username,'status' => 'active'])->firstOrFail();

    if($user && auth()->user()->username == $username){
        return view('frontend.user_profile',compact('user','projects_last','first_project','whole_projects'));
    }else{
        return abort(403, 'Unauthorized action.');
    }
}
}

huangapple
  • 本文由 发表于 2020年1月3日 20:36:13
  • 转载请务必保留本文链接:https://go.coder-hub.com/59578762.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定