具体思路很简单-当用户登录删除上次登录的session并记录现在登录的session id
文档上所写 我们可以重写父类AuthController的方法
namespace App\Admin\Controllers;
use Dcat\Admin\Controllers\AuthController as BaseAuthController;
class AuthController extends BaseAuthController
{
protected $view = 'admin.login';
public function getLogin(Content $content){
...
}
...
}
查看继承的父类BaseAuthController,可以看到验证登录的方法
public function postLogin(Request $request){
$credentials = $request->only([$this->username(), 'password']);
$remember = (bool) $request->input('remember', false);
$validator = Validator::make($credentials, [$this->username() => 'required','password' => 'required',]);
if ($validator->fails()) {
return $this->validationErrorsResponse($validator);
}
if ($this->guard()->attempt($credentials, $remember)) {
return $this->sendLoginResponse($request);
}
return $this->validationErrorsResponse([$this->username() => $this->getFailedLoginMessage(),]);
}
验证登录成功后执行sendLoginResponse方法并会生成一个session令牌
protected function sendLoginResponse(Request $request){
$request->session()->regenerate();
return $this->redirectToIntended($this->redirectPath(),trans('admin.login_successful'));
}
在新创建的子类里面重写该方法
protected function sendLoginResponse(Request $request){
$this->delSessionForRedis();
$request->session()->regenerate();
$this->setSessionForRedis();
return $this->redirectToIntended($this->redirectPath(),trans('admin.login_successful'));
}
private function setSessionForRedis(){
Redis::set('session_id_'.auth()->id(),'_database__cache:'.session()->getId());
}
private function delSessionForRedis(){
$key = Redis::get('session_id_'.auth()->id());
if($key){$key = '_'.trim($key,"_database_");
Redis::del($key);
}
}
实现了两步删除上一次登录的session、记录当前的session会话id 最后在.env中将SESSION_DRIVER更改为redis驱动
