前提
今回、Laravelを使って複数のユーザーテーブルに対して、パスワードリセットをしようとした時に躓いたポイントを書きます。
具体的に言うと、今作っているサービスには、ユーザーが2種類存在していて、それぞれにテーブルが振り分けられている設計で、1種類目のユーザーのパスワードリセットに加えて、2種類目のユーザーのパスワードリセットを行う際の登録認証で躓いたポイントのことです。
以下に変更前のコードを貼っておきます。
この段階では、まだ1種類目のユーザーの登録認証しか行われないようになっています。
デフォルトのコード(config/auth.php)
auth.php
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'service',
'passwords' => 'users',
]
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'service' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
]
]
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
]
]
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'user_password_resets',
'expire' => 60,
]
]
パスワードbrokerはデフォルトでusersが登録されている。
上のコードのように、デフォルトではusersテーブルが紐付けられていて、何も指定しなければ、usersテーブルに紐付いたパスワードbrokerが使わてしまうため、使いたいテーブルに紐付いたパスワードbrokerを作成する必要があります。
今回は、2種類目のユーザーを管理者に設定しているので、'admin'brokerを作ります。
事前準備としてadmin_password_resetsテーブルを管理者用に作っておきます。
これ以降は、実際にどのように変更を加えていくのかを書いていきます。
実践
大きく分けて変更点は3点。
1.providers以下に新たなproviderを追加
auth.php
'providers' => [
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
]
]
今回は、providers以下に管理者ユーザー用のadminsを新たに作成します。
ここで、providerについて少し説明を入れておきます。
config/auth.php内で定義されているproviderには、永続ストレージからどのようにユーザ情報を取得するかが定義されています。
LaravelはEloquentとデータベースクリエビルダを使用しユーザ情報を取得する機能が用意されていて、今回は、\Infra\Eloquent\Admin::classからユーザー情報を取得することにしました。
2.passwords以下に新たなpasswordを追加
auth.php
'passwords' => [
'admins' => [
'provider' => 'admins',
'table' => 'admin_password_resets',
'expire' => 60,
],
]
admin_password_resetsテーブルと紐付いた、adminsのパスワードbrokerを作りたいので、以上のように指定します。providerには、先程定義した'admins'providerを使用します。
2に関しては、以下のレファレンスで触れられています。
https://readouble.com/laravel/5.6/ja/passwords.html#password-customization
以上でconfig/auth.phpについての変更は終了したので、変更後のコードを記載しておきます。
変更後のコード(config/auth.php)
auth.php
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'service',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'service' => [
'driver' => 'session',
'provider' => 'users',
],
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'admins' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
]
]
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => 'user_password_resets',
'expire' => 60,
],
'admins' => [
'provider' => 'admins',
'table' => 'admin_password_resets',
'expire' => 60,
],
]
3.Controllerでオーバーライドしているbrokerの引数に指定値を渡します
今回の指定値はadmins。
上記で、adminsのパスワードbrokerが指定できたので、以下のように、各ResetPasswordController.phpとForgotPasswordController.phpのbrokerメソッドの引数として、adminsを渡してあげれば操作完了。
ForgotPasswordController.php
class ForgotPasswordController extends Controller
{
use SendsPasswordResetEmails;
public function broker()
{
return Password::broker('admins');
}
}
ResetPasswordController.php
class ResetPasswordController extends Controller
{
use ResetsPasswords;
public function broker()
{
return Password::broker('admins');
}
}