feat(auth): 實作後台單一設備登入,並套用 auth.session 中間件

This commit is contained in:
sky121113 2026-05-19 16:51:43 +08:00
parent 1aa5aed72e
commit 1ee57f3e88
2 changed files with 5 additions and 2 deletions

View File

@ -27,6 +27,9 @@ class AuthenticatedSessionController extends Controller
{
$request->authenticate();
// 剔除該帳號在其他設備上的所有 Session 連線
Auth::logoutOtherDevices($request->password);
$request->session()->regenerate();
return redirect()->intended(RouteServiceProvider::HOME);

View File

@ -30,9 +30,9 @@ Route::get('/t/{slug}', [App\Http\Controllers\Guest\PassCodeController::class, '
Route::get('/dashboard', function () {
return redirect()->route('admin.dashboard');
})->middleware(['auth', 'verified'])->name('dashboard');
})->middleware(['auth', 'auth.session', 'verified'])->name('dashboard');
Route::middleware(['auth', 'verified', 'tenant.access'])->prefix('admin')->name('admin.')->group(function () {
Route::middleware(['auth', 'auth.session', 'verified', 'tenant.access'])->prefix('admin')->name('admin.')->group(function () {
// 1. 儀表板
Route::get('/dashboard', [App\Http\Controllers\Admin\DashboardController::class, 'index'])->name('dashboard');