 /**
  * Basic-auth gate for developer-only endpoints.
  *
  * NOTE(review): other examples on this page treat Auth::onceBasic() as
  * returning null on success and a 401 challenge response on failure. If
  * that holds for the Auth implementation used here, this condition is
  * inverted: Auth::user() would be consulted after a *failed* challenge.
  * Confirm before relying on this gate.
  *
  * @return bool true only when the challenge result is truthy and the
  *              current user reports isDev(); false otherwise
  */
 protected function auth()
 {
     $challengeResult = Auth::onceBasic("username");
     return $challengeResult ? Auth::user()->isDev() : false;
 }
 /**
  * Serve a file to the client after recording the download.
  *
  * Honours HTTP Basic credentials when the request carries them, otherwise
  * relies on the session login; an anonymous request is sent to the login
  * route with the current URL remembered for the return trip.
  *
  * @param Path $path the file to serve
  * @return mixed a download response, or a redirect to the login route;
  *               aborts with 403 for a disallowed extension and 500 when the
  *               download helper rejects the filename
  */
 protected function download(Path $path)
 {
     // Basic-auth headers are accepted here as well, so a client that sends
     // them never has to go through the login/cookie flow.
     Auth::onceBasic("username");

     if (!Auth::check()) {
         // Remember where to come back to once the user has logged in.
         Session::flash('redirect', URL::current());
         return Redirect::route('login');
     }

     // Bump the download counter. Note this happens before the extension
     // check below, so a request that ends in a 403 is still counted.
     $download = $path->loadCreateRecord($path);
     $download->downloaded_at = $download->freshTimestamp();
     $download->increment('downloads');
     $download->save();

     // Anything under /Misc/ is served regardless of its extension.
     $underMisc = strpos($path->getRelative(), '/Misc/') === 0;

     if (!$underMisc && !$path->isSafeExtension()) {
         App::abort(403, sprintf('File type "%s" not allowed', $path->getExtension()));
     } else {
         // The wrapper takes care of non-ASCII names; see the comments in
         // AsciiSafeDownloadFile for why '%' is stripped from the client name.
         $attachment = new AsciiSafeDownloadFile($path->getPathname());
         $clientName = str_replace('%', '', $path->getBasename());
         try {
             return Response::download($attachment, $clientName);
         } catch (InvalidArgumentException $e) {
             App::abort(500, 'This file has a malformed filename. Please contact an admin.');
         }
     }
 }
 /**
  * Credential probe for scripted clients.
  *
  * Authenticates the request's Basic credentials for this request only and
  * answers 204 when a user is logged in, otherwise 401 together with a
  * Basic challenge so the client knows which scheme to use.
  *
  * @return mixed an empty response with status 204 or 401
  */
 public function authcheck()
 {
     Auth::onceBasic('username');
     $loggedIn = Auth::check();
     $status = $loggedIn ? 204 : 401;
     $headers = $loggedIn ? [] : ['WWW-Authenticate' => 'Basic'];
     return Response::make('', $status, $headers);
 }
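// Administrator filter: refuses the request unless the current user is
// flagged as admin. Fails closed when nobody is logged in instead of
// dereferencing a null user, so the filter stays safe even if it is ever
// attached to a route without 'auth' in front of it.
Route::filter('admin', function () {
    $user = Auth::user();
    if ($user === null || !$user->admin) {
        Session::flash('message', "No tiene Permisos para acceder a esta opción, si piensa que es un error por favor contacte con su administrador");
        return Redirect::to('/');
    }
});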
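// API filter: a CORS preflight passes through untouched; every other request
// must carry either an encrypted user id in the Auth-Token header or HTTP
// Basic credentials.
Route::filter('api', function () {
    header('Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS');
    // NOTE(review): a wildcard origin is advertised together with the
    // Authorization and Auth-Token headers; confirm that is intended.
    header('Access-Control-Allow-Origin: *');
    header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization,  Key, Auth-Token');

    if (Request::method() === "OPTIONS") {
        return;
    }

    $token = Request::header("Auth-Token", null);
    if ($token === null || $token === '') {
        // No token: fall back to Basic auth for this request only. The result
        // is null on success or the 401 challenge response on failure.
        return Auth::onceBasic('email');
    }

    // Crypt::decrypt() is expected to throw on a tampered token; as before,
    // that exception is left to propagate.
    $user = User::find(Crypt::decrypt($token));
    if ($user === null) {
        // A well-formed token naming a non-existent user must not reach
        // Auth::setUser(null); reject it explicitly.
        return Response::make('Unauthorized', 401);
    }
    Auth::setUser($user);
});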
// Rejects anything that is not an XMLHttpRequest with a bare 401.
Route::filter('ajax', function () {
    if (Request::ajax()) {
        return;
    }
    return Response::make('Unauthorized', 401);
});
// Attach the auth + admin filter chain to the admin root and to everything
// beneath it.
foreach (['admin', 'admin/*'] as $adminPattern) {
    Route::when($adminPattern, 'auth|admin');
}
// Same idea for the API: every route under api/ goes through the api filter.
Route::when('api/*', 'api');
    	App::abort(400, "Invalid token");
    }
    */
    if (Auth::guest()) {
        if (Request::ajax()) {
            return Response::make('Unauthorized', 401);
        } else {
            return Redirect::guest('login');
        }
    }
});
// Stateful HTTP Basic keyed on the "username" column. The return value is
// passed straight through: the framework's 401 challenge when credentials
// are missing or wrong, null when the user is authenticated.
Route::filter('auth.basic', function () {
    $challenge = Auth::basic('username');
    return $challenge;
});
// Per-request HTTP Basic using the framework's default identifier column.
// Nothing is persisted; the 401 challenge is returned on failure.
Route::filter('basic.once', function () {
    $challenge = Auth::onceBasic();
    return $challenge;
});
/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/
Route::filter('guest', function () {
    if (Auth::check()) {
        return Redirect::to('/');
    }
            Auth::logout();
            Session::flush();
            header("HTTP/1.1 404 Page Not Found", true, 404);
            exit("You cannot do this.");
        }
    }
});
// Redirect plain-HTTP requests to HTTPS, except on the deployments listed
// below, which are served over plain HTTP. Every entry here is an exemption
// from transport security, so keep the list as short as possible.
Route::filter('force.ssl', function () {
    $plainHttpHomes = [
        'http://demo.noshchartingsystem.com:444/nosh',
        'http://192.168.1.163/nosh',
        'http://localhost/nosh',
        'http://162.243.111.18/nosh',
        'http://uma.noshchartingsystem.com/nosh',
    ];
    if (in_array(route('home'), $plainHttpHomes, true)) {
        return;
    }
    if (!Request::secure()) {
        return Redirect::secure(Request::path());
    }
});
// Per-request HTTP Basic keyed on the "username" column; the framework's
// 401 challenge is returned on failure, null on success.
Route::filter('auth.basic', function () {
    $challenge = Auth::onceBasic('username');
    return $challenge;
});
Route::filter('auth.token', function () {
    $payload = Request::header('Authorization');
    $open_id_url = str_replace('/nosh', '/uma-server-webapp/', URL::to('/'));
    $practice = DB::table('practiceinfo')->where('practice_id', '=', '1')->first();
    $client_id = $practice->uma_client_id;
    $client_secret = $practice->uma_client_secret;
    if ($payload) {
        // RPT, Perform Token Introspection
        $rpt = str_replace('Bearer ', '', $payload);
        $oidc = new OpenIDConnectClient($open_id_url, $client_id, $client_secret);
        $oidc->refresh($practice->uma_refresh_token, true);
        $result_rpt = $oidc->introspect($rpt);
        if ($result_rpt['active'] == false) {
            // Inactive RPT, Request Permission Ticket
<?php

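// Token filter: every request must present a known access token in the
// `token` input parameter. Rejections now carry a 401 status instead of the
// previous 200 with an "Unauthorized" body.
Route::filter('token', function () {
    $supplied = Input::get('token');
    // Reject a missing or blank token before touching the database, so a
    // null value is never turned into a lookup against rows without a token.
    if (!is_string($supplied) || $supplied === '') {
        return Response::json(['status' => 'Unauthorized'], 401);
    }
    $token = AccessToken::where('token', $supplied)->first();
    if (!$token) {
        return Response::json(['status' => 'Unauthorized'], 401);
    }
});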
// Per-request HTTP Basic; a failed challenge is rewritten into the API's
// JSON error shape instead of the framework's plain 401 response.
Route::filter('auth', function () {
    $challenge = Auth::onceBasic();
    if (!$challenge) {
        return;
    }
    return Response::json(['error' => ['message' => 'Invalid credentials', 'status_code' => 401]], 401);
});
Route::filter('bearer', function () {
    $header = Request::header('Authorization');
    if (!$header) {
        return Response::json(['error' => ['message' => 'Unauthorized', 'status_code' => 401]], 401);
    }
    $token = explode(' ', $header)[1];
    if ($token) {
        $device = Device::where('auth_token', $token)->orderBy('id', 'desc')->first();
        if (!is_null($device)) {
            try {
                Auth::onceUsingId($device->user_id);
            } catch (Exception $e) {
                return Response::json(['error' => ['message' => $e->getMessage(), 'status_code' => 500]], 500);
            }
        } else {
            return Response::json(['error' => ['message' => 'Invalid token', 'status_code' => 401]], 401);
        }
    } else {
| The following filters are used to verify that the user of the current
| session is logged into this application. The "basic" filter easily
| integrates HTTP Basic authentication for quick, simple checking.
|
*/
// Session authentication: AJAX callers get a bare 401, browsers are sent to
// the login page (Redirect::guest records the intended URL for afterwards).
Route::filter('auth', function () {
    if (!Auth::guest()) {
        return;
    }
    return Request::ajax()
        ? Response::make('Unauthorized', 401)
        : Redirect::guest('login');
});
// Per-request HTTP Basic keyed on the "username" column; returns the
// framework's 401 challenge on failure, null on success.
Route::filter('auth.basic', function () {
    $challenge = Auth::onceBasic("username");
    return $challenge;
});
/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/
Route::filter('guest', function () {
    if (Auth::check()) {
        return Redirect::to('/');
    }
/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/
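Route::filter('csrf', function () {
    $expected = Session::token();
    $supplied = Input::get('_token');
    // Only a string can match: an absent or array-valued `_token` is rejected
    // outright rather than being compared. hash_equals() keeps the comparison
    // constant-time so response timing reveals nothing about the token; the
    // plain comparison remains as a fallback on runtimes without it.
    if (!is_string($supplied)) {
        throw new Illuminate\Session\TokenMismatchException();
    }
    $matches = function_exists('hash_equals')
        ? hash_equals($expected, $supplied)
        : $expected === $supplied;
    if (!$matches) {
        throw new Illuminate\Session\TokenMismatchException();
    }
});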
/*
|--------------------------------------------------------------------------
| API Filter
|--------------------------------------------------------------------------
|
| For RESTful API
|
*/
Route::filter('auth.api', function () {
    // Per-request Basic auth keyed on the email column; null means success.
    if (Auth::onceBasic('email') === null) {
        return;
    }
    // Keep the Basic challenge on the JSON 401 so clients learn the scheme.
    return Response::json('無效的憑證。', 401, ['WWW-Authenticate' => 'Basic']);
});