
Fix 管理登录页面多重转跳行为及页面管制微加强;

只有有权限者才能使用管理登录页面真正登录!
兔姬桑 4 yıl önce
ebeveyn
işleme
2d663eebcb

+ 9 - 1
app/Http/Controllers/AuthController.php

@@ -41,7 +41,7 @@ class AuthController extends Controller
     {
         // 根据权限跳转
         if (Auth::check()) {
-            if (Auth::getUser()->hasPermissionTo('admin.index') || Auth::getUser()->hasRole('Super Admin')) {
+            if (Auth::getUser()->can('admin.index')) {
                 return Redirect::route('admin.index');
             }
 
@@ -75,6 +75,14 @@ class AuthController extends Controller
             return Redirect::back()->withInput()->withErrors(trans('auth.error.login_error'));
         }
 
+        if ($request->routeIs('admin.login.post') && $user->cannot('admin.index')) {
+            // 管理页面登录
+            // 非权限者清场
+            Auth::logout();
+
+            return Redirect::route('login');
+        }
+
         // 校验普通用户账号状态
         if ($user->status === -1) {
             Auth::logout(); // 强制销毁会话,因为Auth::attempt的时候会产生会话
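Review bot: The non-admin branch added at lines 27–33 runs after Auth::attempt has already logged the user in (the comment on the status check below confirms the attempt creates the session), so the session was regenerated and any remember-me cookie or Login-event listeners have already fired before the user is thrown out, and `Auth::logout()` alone leaves the rest of the session data in place. The silent redirect to `login` also only happens when the password was correct, so the admin form becomes a credential oracle for non-admin accounts; I would invalidate the session and answer exactly like the failed-credential branch on line 24: `Auth::logout(); $request->session()->invalidate(); return Redirect::back()->withInput()->withErrors(trans('auth.error.login_error'));`. Checking `cannot('admin.index')` on the looked-up user before calling attempt would avoid the login side effects entirely, but the attempt itself sits above this hunk so I cannot see how the credentials are passed. A correct password for a non-admin account on the admin form is worth logging as well. login() starts outside the hunk.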

+ 1 - 2
app/Http/Kernel.php

@@ -6,7 +6,6 @@ use App\Http\Middleware\Affiliate;
 use App\Http\Middleware\Authenticate;
 use App\Http\Middleware\CheckForMaintenanceMode;
 use App\Http\Middleware\EncryptCookies;
-use App\Http\Middleware\isAdminLogin;
 use App\Http\Middleware\isForbidden;
 use App\Http\Middleware\isLogin;
 use App\Http\Middleware\isMaintenance;
@@ -78,7 +77,7 @@ class Kernel extends HttpKernel
 
         'admin' => [
             isForbidden::class,
-            isAdminLogin::class,
+            isLogin::class,
             Permission::class,
         ],
 

+ 0 - 27
app/Http/Middleware/isAdminLogin.php

@@ -1,27 +0,0 @@
-<?php
-
-namespace App\Http\Middleware;
-
-use Closure;
-use Illuminate\Http\Request;
-use Redirect;
-
-class isAdminLogin
-{
-    /**
-     * Handle an incoming request.
-     *
-     * @param  Request  $request
-     * @param  Closure  $next
-     *
-     * @return mixed
-     */
-    public function handle(Request $request, Closure $next)
-    {
-        if (auth()->guest()) {
-            return Redirect::route('admin.login');
-        }
-
-        return $next($request);
-    }
-}

+ 4 - 0
app/Http/Middleware/isLogin.php

@@ -19,6 +19,10 @@ class isLogin
     public function handle(Request $request, Closure $next)
     {
         if (auth()->guest()) {
+            if ($request->routeIs('admin.*')) {
+                return Redirect::route('admin.login');
+            }
+
             return Redirect::route('login');
         }
 
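Review bot: `Redirect::route('admin.login')` on the new line discards the URL the guest was trying to reach, so after signing in the admin lands on the default page instead of the one requested; Laravel's guest redirect records it, `return redirect()->guest(route('admin.login'));`, and the existing `login` branch below has the same gap. The `admin.*` check matches on route name rather than on the `/admin` path, so an admin route registered without the `admin.` name prefix would still be sent to the user login page — worth stating in a comment such as `// admin routes are recognised by their admin.* route names, not by the /admin path`. handle() continues past the end of the hunk.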

+ 3 - 2
routes/web.php

@@ -13,7 +13,7 @@ Route::get('callback/checkout', 'Gateway\PayPal@getCheckout')->name('paypal.chec
 // 登录相关
 Route::middleware(['isForbidden', 'affiliate', 'isMaintenance'])->group(function () {
     Route::get('lang/{locale}', 'AuthController@switchLang')->name('lang'); // 语言切换
-    Route::get('login', 'AuthController@showLoginForm')->middleware('isSecurity')->name('login'); // 登录
+    Route::get('login', 'AuthController@showLoginForm')->middleware('isSecurity')->name('login'); // 登录页面
     Route::post('login', 'AuthController@login')->middleware('isSecurity'); // 登录
     Route::get('logout', 'AuthController@logout')->name('logout'); // 退出
     Route::get('register', 'AuthController@showRegistrationForm')->name('register'); // 注册
@@ -28,4 +28,5 @@ Route::middleware(['isForbidden', 'affiliate', 'isMaintenance'])->group(function
     Route::get('create/uuid', '\Illuminate\Support\Str@uuid')->name('createUUID'); // 生成UUID
     Route::get('getPort', '\App\Components\Helpers@getPort')->name('getPort'); // 获取端口
 });
-Route::match(['get', 'post'], 'admin/login', 'AuthController@login')->name('admin.login')->middleware('isForbidden', 'isSecurity'); // 管理登录
+Route::get('admin/login', 'AuthController@showLoginForm')->name('admin.login')->middleware('isForbidden', 'isSecurity'); // 管理登录页面
+Route::post('admin/login', 'AuthController@login')->middleware('isSecurity')->name('admin.login.post'); // 管理登录
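Review bot: The new POST `admin/login` route on the last line carries only `isSecurity`, whereas the combined GET/POST route it replaces (the removed line above) had `isForbidden` as well, so the forbidden check now guards only the form page and a client that isForbidden would block can still submit admin credentials straight to the POST endpoint. Give both methods the same stack: `Route::post('admin/login', 'AuthController@login')->middleware('isForbidden', 'isSecurity')->name('admin.login.post');`. Neither admin route sits in the `isMaintenance` group that wraps the user login routes, but the old route did not either, so that is a separate decision rather than a regression of this commit.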