public static function getOwner()
{
$token = Input::get('access_token');
$access_token = AccessToken::whereAccessToken($token)->first();
return $access_token->user_id;
}
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/
Route::filter('csrf', function () {
if (Session::token() != Input::get('_token')) {
throw new Illuminate\Session\TokenMismatchException();
}
});
Route::filter('admin', function () {
if (!Entrust::hasRole(Config::get('customConfig.roles.admin'))) {
return Redirect::to('/');
}
});
Route::filter('oauth', function () {
$token = Input::get('access_token');
if (isset($token)) {
$access_token = AccessToken::whereAccessToken($token)->first();
if (!$access_token) {
return Response::json(['error' => 'Unauthorized', 'status' => 401]);
}
$date = Carbon::parse($access_token->updated_at);
if ($date->diffInMinutes() >= $access_token->expire_time) {
return Response::json(['error' => 'Expire', 'status' => 400]);
}
} else {
return Response::json(['error' => 'Access Token Required', 'status' => 400]);
}
});
