public function handle($request, \Closure $next, $return_user = false) { if (Session::has('uid')) { $user = app('users')->get(session('uid')); if (session('token') != $user->getToken()) { return redirect('auth/login')->with('msg', trans('auth.check.token')); } if ($user->getPermission() == "-1") { delete_sessions(); delete_cookies(); throw new PrettyPageException(trans('auth.check.banned'), 5); } // ask for filling email if ($user->email == "") { if (isset($request->email)) { if (filter_var($request->email, FILTER_VALIDATE_EMAIL)) { if (User::where('email', $request->email)->get()->isEmpty()) { $user->setEmail($request->email); // refresh token Session::put('token', $user->getToken(true)); Cookie::queue('token', $user->getToken(), 60); return $next($request); } else { echo View::make('auth.bind')->with('msg', trans('auth.validation.email')); } } else { echo View::make('auth.bind')->with('msg', trans('auth.bind.registered')); } exit; } View::show('auth.bind'); exit; } event(new UserAuthenticated($user)); if ($return_user) { return $user; } return $next($request); } else { return redirect('auth/login')->with('msg', trans('auth.check.anonymous')); } return $next($request); }
public function handle($request, \Closure $next) { // load session from cookie if ($request->cookie('uid') && $request->cookie('token')) { Session::put('uid', $request->cookie('uid')); Session::put('token', $request->cookie('token')); } if (Session::has('uid')) { $user = User::find(session('uid')); if ($user && $user->getToken() == session('token')) { // push user instance to repository app('users')->set($user->uid, $user); } else { // remove sessions & cookies delete_sessions(); delete_cookies(); } } return $next($request); }