Laravel 自动生成验证的实例讲解:login / logout

Auth::routes();
Route::get('/home','HomeController@index')->name('home');

/**
  * Register the typical authentication routes for an application.
  *
  * @return void
  */
 public function auth()
 {
  // Authentication Routes...
  $this->get('login', 'Auth\LoginController@showLoginForm')->name('login');
  $this->post('login', 'Auth\LoginController@login');
  $this->post('logout', 'Auth\LoginController@logout')->name('logout');

  // Registration Routes...
  $this->get('register', 'Auth\RegisterController@showRegistrationForm')->name('register');
  $this->post('register', 'Auth\RegisterController@register');

  // Password Reset Routes...
  $this->get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');
  $this->post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');
  $this->get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');
  $this->post('password/reset', 'Auth\ResetPasswordController@reset');
 }

class LoginController extends Controller
{
 /*
 |--------------------------------------------------------------------------
 | Login Controller
 |--------------------------------------------------------------------------
 |
 | This controller handles authenticating users for the application and
 | redirecting them to your home screen. The controller uses a trait
 | to conveniently provide its functionality to your applications.
 |
 */

 use AuthenticatesUsers;

 /**
  * Where to redirect users after login.
  *
  * @var string
  */
 protected $redirectTo = '/home';

 /**
  * Create a new controller instance.
  *
  * @return void
  */
 public function __construct()
 {
  $this->middleware('guest')->except('logout');
 }
}

public function showLoginForm()
 {
  return view('auth.login');
 }

<form class="form-horizontal" method="POST" action="{{ route('login') }}">
</form>

public function login(Request $request)
 {
  $this->validateLogin($request);
  /**
  *
  protected function validateLogin(Request $request)
 {
  $this->validate($request, [
   $this->username() => 'required|string',
   'password' => 'required|string',
  ]);
 }
  其中 $this->username() 就是 return 'email';
  **/
  // 限制请求次数，防止暴力破解的
  if ($this->hasTooManyLoginAttempts($request)) {
   $this->fireLockoutEvent($request);

   return $this->sendLockoutResponse($request);
  }
  /**
  // 关于 attempt 的介绍可以看我上一篇博客
  protected function attemptLogin(Request $request)
 {
  return $this->guard()->attempt(
   $this->credentials($request), $request->has('remember')
  );
 }
 **/
  // 如果验证通过的话
  if ($this->attemptLogin($request)) {
   return $this->sendLoginResponse($request);
  }
  // 否则的话增加验证的统计次数
  $this->incrementLoginAttempts($request);
  // 返回错误信息
  return $this->sendFailedLoginResponse($request);
 }

public function logout(Request $request)
 {
  $this->guard()->logout();

  $request->session()->invalidate();

  return redirect('/');
 }

protected function guard()
 {
  return Auth::guard();
 }

public function logout()
 {
  $user = $this->user();

  $this->clearUserDataFromStorage();

  if (! is_null($this->user)) {
   $this->cycleRememberToken($user);
  }

  if (isset($this->events)) {
   $this->events->dispatch(new Events\Logout($user));
  }

  // Once we have fired the logout event we will clear the users out of memory
  // so they are no longer available as the user is no longer considered as
  // being signed into this application and should not be available here.
  $this->user = null;

  $this->loggedOut = true;
 }

public function logout(Request $request)
 {
  Auth::guard()->logout();

  $request->session()->invalidate();
  // 自定义重定向地址
  return redirect('/');
 }