Domanda

When I run artisan routes in laravel 4

auth/login/{v1}/{v2}/{v3}/{v4}/{v5}

Is this normal or is there something wrong. My routes work just wondering if there might be a bug or something. Below are my routes for auth. I'm using restful routes for auth.

Route::controller('auth','AuthController');

Route::get('AuthController/login', array('as' => 'login', 'uses' => 'AuthController@login'));
Route::get('auth/logout', array('as' => 'logout', 'uses' => 'auth@logout'));
Route::post('auth/login', array('uses' => 'auth@login'));
È stato utile?

Soluzione

This is expected. When you register controllers with Route::controller() the controller inspector adds the URI wildcards. Consider the following example:

Route::controller('user', 'UserController');

You might then have a method like this on your UserController:

public function getProfile($username)
{
    $user = User::where('username', $username)->first();

    return View::make('profile')->with('user', $user); 
}

You could then hit that method by going to localhost/yourapp/user/profile/jason

In a nut shell it allows you to pass extra parameters to a method. To me this is a very old school way of doing it, as it looks nicer like localhost/yourapp/user/jason/profile and in this case you'd need to use a route to map to the controller method.

Altri suggerimenti

I suggest you 2 improvements:

1 - keep a standard with URIs

You don't need Route::controller in this case. In order to mantain all routes with the same structure I would do:

Route::group( array('prefix'=>'auth,function(){   //make all auth routes starting by auth
    Route::get('getLogin', array('as' => 'getLogin', 'uses' => 'AuthController@getLogin'));
    Route::get('getLogin', array('as' => 'logout', 'uses' => 'AuthController@logout'));
    Route::post('postLogin', array('as' => 'postLogin', 'uses' => 'AuthController@postLogin'));
});

It is not necessary to use group but if you app grows could be better. Without group code will be:

Route::get('auth/getLogin', array('as' => 'getLogin', 'uses' => 'AuthController@getLogin'));
Route::get('auth/getLogin', array('as' => 'logout', 'uses' => 'AuthController@logout'));
Route::post('auth/postLogin', array('as' => 'postLogin', 'uses' => 'AuthController@postLogin'));

2 - Protect your post routes

For every post and put request we've to prevent CSRF attacks like this:

Route::post('postLogin',array('before' => 'csrf','uses'=>AuthController@postLogin) );
Autorizzato sotto: CC-BY-SA insieme a attribuzione
Non affiliato a StackOverflow
scroll top