public function facebook(Request $request)
{
$accessTokenUrl = 'https://graph.facebook.com/v2.5/oauth/access_token';
$graphApiUrl = 'https://graph.facebook.com/v2.5/me';
$params = ['code' => $request->input('code'), 'client_id' => $request->input('clientId'), 'redirect_uri' => $request->input('redirectUri'), 'client_secret' => '76cd1014c10586c33f3e13f03929a221'];
$client = new \GuzzleHttp\Client();
// Step 1. Exchange authorization code for access token.
$accessToken = json_decode($client->get($accessTokenUrl, ['query' => $params])->getBody(), true);
// Step 2. Retrieve profile information about the current user.
$profile = json_decode($client->get($graphApiUrl, ['query' => $accessToken])->getBody(), true);
// Step 3a. If user is already signed in then link accounts.
if ($request->header('Authorization')) {
$user = User::where('facebook', '=', $profile['id']);
if ($user->first()) {
return response()->json(['message' => 'There is already a Facebook account that belongs to you'], 409);
}
$token = explode(' ', $request->header('Authorization'))[1];
$payload = (array) JWT::decode($token, Config::get('jwt.secret'), array('HS256'));
$user = User::find($payload['sub']);
$user->facebook = $profile['id'];
$user->displayName = $user->displayName ?: $profile['name'];
$user->save();
return response()->json(['token' => $this->createToken($user)]);
} else {
$user = User::where('facebook', '=', $profile['id']);
if ($user->first()) {
return response()->json(['token' => $this->createToken($user->first())]);
}
$user = new User();
$user->facebook = $profile['id'];
$user->displayName = $profile['name'];
$user->save();
return response()->json(['token' => $this->createToken($user)]);
}
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$jwt = $request->header('x-auth-jwt');
$key = 'fad';
//env('JWT_KEY');
$decoded = JWT::decode($jwt, $key, array('HS256'));
/*
/*
NOTE: This will now be an object instead of an associative array. To get
an associative array, you will need to cast it as such:
*/
//$decoded_array = (array) $jwt;
/**
* You can add a leeway to account for when there is a clock skew times between
* the signing and verifying servers. It is recommended that this leeway should
* not be bigger than a few minutes.
*
* Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef
*/
//JWT::$leeway = 60; // $leeway in seconds
//$decoded = JWT::decode($jwt, $key, array('HS256'));
return $next($request);
//$res = $next($request);
//echo "after http request!";
//return $res;
}
/**
* Check the request headers.
*
* @param Illuminate\Http\Request $request
* @return void
*/
protected function checkRequest(Request $request)
{
$this->checkAcceptHeader($request->header('accept'));
if (!in_array($request->method(), ['GET', 'OPTIONS'])) {
$this->checkContentTypeHeader($request->header('content-type'));
}
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$access_token = $request->header('access_token');
$refresh_token = $request->header('refresh_token');
if ($access_token == null && $refresh_token == null) {
return response('No Token', 400);
} else {
$verifyAccess = UserTokenModel::find($access_token);
$verifyRefresh = UserRefreshTokenModel::find($refresh_token);
$current_time = time();
// echo(strtotime($verifyAccess->expires)-$current_time .'<br>');
// echo($current_time);
// echo(((strtotime($verifyAccess->expires)-$current_time)<3600)."<br>");
// echo((strtotime($verifyRefresh->expires)-$current_time));
if (count($verifyAccess) > 0) {
if (strtotime($verifyAccess->expires) > $current_time) {
return $next($request);
} else {
return response()->json(['message' => 'Token expired'], 403);
}
} else {
return response()->json(['message' => 'Invalid token'], 403);
}
}
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$token = $request->header('access-token');
$token = isset($token) ? $request->header('access-token') : $request->get('api_token');
if (!$token) {
return response('Unauthorized.', 403);
}
$key = getenv('APP_KEY');
$signer = new Sha256();
$data = new ValidationData();
// It will use the current time to validate (iat, nbf and exp)
$data->setIssuer($request->server('REMOTE_ADDR'));
$data->setAudience($request->server('HTTP_HOST'));
try {
$token = (new Parser())->parse((string) $token);
if (!$token->validate($data)) {
return response('Unauthorized data', 401);
}
if (!$token->verify($signer, $key)) {
return response('Unauthorized sign', 401);
}
putenv("USER=" . $token->getClaim('uid'));
return $next($request);
} catch (\Exception $e) {
return response('Unauthorized: ' . $e->getMessage(), 403);
}
}
public function __construct(Request $request)
{
if (!$request->header('App-token')) {
exit;
}
$this->user_id = TokenService::tokenDecrypt($request->header('App-token'));
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if ($this->agent->isRobot() || $request->header('user-agent') == '' || !$request->header('user-agent')) {
return redirect($_SERVER['HTTP_REFERER']);
}
return $next($request);
}
/**
* Get OTP Session Token.
*
* @return string|exception
*/
protected function getToken()
{
if (!$this->request->hasHeader('X-OTP-SESSION-TOKEN')) {
throw new InvalidTwoFactorSessionToken();
}
return $this->request->header('X-OTP-SESSION-TOKEN');
}
public function saveFranchise(Request $request)
{
/* $validator = Validator::make($request->all(), [
'jenis' => 'required|integer',
'namausaha' => 'required|unique:franchises',
'telepon' => 'required',
'alamat' => 'required|max:50'
]);
if ($validator->fails()) {
$message = $validator->errors();
return $this->httpUnprocessableEntity($message);
}
$jenis = $request->input('jenis');
$namausaha = $request->input('namausaha');
$telepon = $request->input('telepon');
$alamat = $request->input('alamat');
$image = $request->input('logo');
*/
$validator = Validator::make($request->all(), ['logo' => 'image|mimes:jpg,jpeg,png|max:2000']);
if ($validator->fails()) {
$message = $validator->errors();
return $this->httpUnprocessableEntity($message);
}
$jenis = $request->header('jenis');
$namausaha = $request->header('namausaha');
$telepon = $request->header('telepon');
$alamat = $request->header('alamat');
$image = $request->file('logo');
$cek = Jenis::where('id', $jenis)->first();
if (empty($cek)) {
return $this->httpUnprocessableEntity('Id jenis tidak valid');
}
$db = new Franchise();
$db->jenis = $jenis;
$db->namausaha = $namausaha;
$db->franchisor_id = $this->userID($request);
$franchisor = new Franchisor();
$franchisor->where('id', $this->userID($request))->update(['alamat' => $alamat, 'telepon' => $telepon]);
if ($image) {
//$image ='data:image/jpeg;base64,' .base64_encode($image);
/*header("Content-type: image/jpeg");
$image = Image::make($image);
$image = $image->response('jpg', 70);*/
$salt = hash('sha256', time() . mt_rand());
$link = substr($salt, 0, 40) . ".png";
$resizedImage = $this->resize($image, 500, 500, $link);
if (!$resizedImage) {
return response()->json(['status' => false, 'msg' => 'gagal'], 204);
}
$db->logo = $link;
$db->logo_url = url('api/logo/' . $link);
}
$db->logo = "avatar.png";
$db->logo_url = url('api/logo/avatar.png');
if ($db->save()) {
return $this->httpCreate();
}
return $this->httpServerError();
}
/**
* Determine if the session and input CSRF tokens match.
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
protected function tokensMatch($request)
{
$token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN');
if (!$token && ($header = $request->header('X-XSRF-TOKEN'))) {
$token = $this->encrypter->decrypt($header);
}
return Str::equals($request->session()->token(), $token);
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if ($this->user->authenticateApiV1($request->header('Authorization')) !== false) {
$this->auth->loginUsingId($this->user->authenticateApiV1($request->header('Authorization')));
} else {
return response('Invalid API token.', 401);
}
return $next($request);
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (!empty($request->header('credential'))) {
if (Credential::where('key', $request->header('credential'))->count() != 0) {
return $next($request);
}
}
$this->response->error('Not Valid Api Credential', 500);
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$cookieLang = Cookie::get('i18next');
if ($cookieLang) {
App::setLocale($cookieLang);
} elseif ($request->header('Accept-Language')) {
App::setLocale($request->header('Accept-Language'));
}
return $next($request);
}
public function validateRequest(Request $request)
{
if ($request->header('Accept') != JsonApi::MIME_TYPE) {
throw new \RuntimeException('Invalid Accept header.');
}
if (!empty($request->getContent()) && $request->header('Content-Type') != JsonApi::MIME_TYPE) {
throw new \RuntimeException('Invalid Content-Type header.');
}
return true;
}
/**
* Create a new controller instance.
*
* @return void
*/
public function create(Request $request)
{
$message['to'] = $request->input('to');
$message['from'] = $request->input('from');
$message['body'] = $request->input('body');
$message['accountSid'] = $request->header('X-TWILIO-ACCOUNT-SID');
$message['authToken'] = $request->header('X-TWILIO-AUTH-TOKEN');
$client = new \Services_Twilio($message['accountSid'], $message['authToken']);
$client->account->messages->create(['To' => $message['to'], 'From' => $message['from'], 'Body' => $message['body']]);
exit;
}
public function summary(Request $request, $regionId)
{
$region = Region::find($regionId);
$user = false;
$token = $request->header('Authorization');
if ($token) {
if (isset($token[1])) {
$token = explode(' ', $request->header('Authorization'))[1];
$payload = (array) JWT::decode($token, Config::get('app.token_secret'), array('HS256'));
$user = User::find($payload['sub']);
}
}
$participants = new Collection();
$past_competitions = new Collection();
$next_competitions = new Collection();
$next_competition = array();
$competitions = array();
if ($regionId == 1) {
$competitions = Competition::all();
$videos = DB::table('medias')->where('region_id', '<>', $region->id)->get();
$region->competitions = $competitions;
} else {
$competitions = $region->competitions;
$videos = DB::table('medias')->where('region_id', '=', $region->id)->get();
}
$competitions->each(function ($competition) use($past_competitions, $next_competitions, $participants, $user) {
$competition->users->each(function ($participant) use($participants, $competition, $user) {
if ($user && $user->id == $participant->id) {
$competition->already_participating = true;
}
$participant->medias;
$participant->competitions;
$participants->push($participant);
});
$competition->location;
$competition->videos;
if (Carbon::now()->gte($competition->event_date)) {
$competition->past = true;
$past_competitions->push($competition);
} else {
$competition->past = false;
$next_competitions->push($competition);
}
});
$region->next_competition = $next_competitions->first();
$region->next_competitions = $next_competitions;
$region->past_competitions = $past_competitions;
$region->videos = $videos;
$region->videos_count = count($videos);
$region->competitions_count = count($competitions);
$region->participants = $participants->unique();
$region->participants_count = count($region->participants);
return $region;
}
/**
* Render an exception into an HTTP response.
*
* @param \Illuminate\Http\Request $request
* @param \Exception $e
* @return \Illuminate\Http\Response
*/
public function render($request, Exception $e)
{
if ($e instanceof HttpException) {
$response = $e->response();
if ($request->header('Origin')) {
Cors::attachHeaders($response);
$response->headers->set('Access-Control-Allow-Origin', $request->header('Origin'));
}
return $response;
}
return parent::render($request, $e);
}
/**
* Handles a webhook.
*
* @param \Illuminate\Http\Request $request
*
* @return void
*/
public function handle(Request $request)
{
$signature = $request->header('X-Hub-Signature');
if ($signature !== ($realSignature = 'sha1=' . hash_hmac('sha1', $request->getContent(), env('WEBHOOK_SECRET')))) {
throw new NotFoundHttpException();
}
$handler = array_get(static::$handlers, $request->header('X-Github-Event'));
if (!$handler) {
throw new NotFoundHttpException();
}
return app()->call([$this, $handler]);
}
public function goToNewUrl(Request $request, $code)
{
$url = Rule::where('short_url', $code)->first();
if (!$url) {
$view = view('errors.404');
return response($view, 404);
}
$user_agent = parse_user_agent($request->header('user-agent'));
$rdr = ['ip_address' => $request->getClientIp(), 'referer' => $request->header('referer'), 'browser' => $user_agent['browser'], 'platform' => $user_agent['platform'], 'country' => $request->header('CF-IPCountry'), 'browser_version' => $user_agent['version']];
Visit::create($rdr);
return redirect()->to($url->long_url);
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if ($request->header('Authorization')) {
$token = explode(' ', $request->header('Authorization'))[1];
$payload = (array) JWT::decode($token, Config::get('app.token_secret'), array('HS256'));
if ($payload['exp'] < time()) {
return response()->json(['message' => 'Token has expired']);
}
$request['user'] = $payload;
return $next($request);
} else {
return response()->json(['message' => 'Please make sure your request has an Authorization header'], 401);
}
}
/**
* Determine if the session and input CSRF tokens match.
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
protected function tokensMatch($request)
{
// Get tokens from session and the request
$sessionToken = $request->session()->token();
$token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN');
if (!$token && ($header = $request->header('X-XSRF-TOKEN'))) {
$token = $this->encrypter->decrypt($header);
}
if (!is_string($sessionToken) || !is_string($token)) {
return false;
}
// Validate them
return hash_equals((string) $request->session()->token(), (string) $token);
}
/**
*
* @param Request $request
* @return mixed
*/
public function getFilterReport(Request $request)
{
$timeEntryObj = new TimeEntry();
$timeEntryQuery = $timeEntryObj->getTimerTrackerReport();
$totalTime = 0;
$totalCount = 0;
//used select field here as we are using same query to get count and time sum
//set select fields for listing
$select = ['te.created_at as created_at', 'te.desc as description', 'te.time as time', 'u.name as username', 'p.name as projectName', 'c.name as clientName', DB::raw("GROUP_CONCAT(t.name) as tags"), DB::raw("DATE(te.created_at) as createdDate")];
//set filters on query
$filters = $request->input('filters');
if ($request->has('xls')) {
$filters = (array) json_decode($filters);
}
if (isset($filters['desc']) && $filters['desc'] != "") {
$timeEntryQuery->where('te.desc', $filters['desc']);
}
if (isset($filters['users']) && !empty($filters['users'])) {
$timeEntryQuery->whereIn('u.id', $filters['users']);
}
if (isset($filters['clients']) && !empty($filters['clients'])) {
$timeEntryQuery->whereIn('c.id', $filters['clients']);
}
if (isset($filters['projects']) && !empty($filters['projects'])) {
$timeEntryQuery->whereIn('p.id', $filters['projects']);
}
if (isset($filters['startDate']) && $filters['startDate'] != "") {
$timeEntryQuery->whereDate('te.created_at', '>=', date('Y-m-d', strtotime($filters['startDate'])));
}
if (isset($filters['endDate']) && $filters['endDate'] != "") {
$timeEntryQuery->whereDate('te.created_at', '<=', date('Y-m-d', strtotime($filters['endDate'])));
}
if ($request->input('xls')) {
$timeEntryQuery->select($select);
$this->getFilteredReport($timeEntryQuery->get());
}
//get total count and time sum
$aggregateResult = \DB::table(\DB::raw(' ( ' . $timeEntryQuery->select('time')->toSql() . ' ) AS counted '))->selectRaw('count(*) AS totalCount, sum(time) as totalTime')->mergeBindings($timeEntryQuery)->first();
if ($aggregateResult) {
$totalCount = $aggregateResult->totalCount;
$totalTime = $aggregateResult->totalTime;
}
$timeEntryQuery->select($select);
//pagination limit
$range = explode('-', $request->header('range'));
$timeEntryQuery->skip($range[0]);
$limit = 0 == $range[0] ? $range[1] : $range[1] - $range[0];
$timeEntryQuery->limit($limit);
return response(['data' => $timeEntryQuery->get(), 'totalTime' => $totalTime])->header('Content-Range', "{$request->header('range')}/{$totalCount}");
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
/*
* Cookie::get('i18next'); - don't work because EncryptCookies executes
* later and it's no seems a way to change a middleware order
*/
if (array_key_exists('i18next', $_COOKIE)) {
$lang = substr($_COOKIE['i18next'], 0, 2);
App::setLocale($lang);
} elseif ($request->header('Accept-Language')) {
App::setLocale($request->header('Accept-Language'));
}
return $next($request);
}
/**
* Get the request formatted as meta data.
*
* @return array
*/
public function getMetaData()
{
$data = [];
$data['url'] = $this->request->fullUrl();
$data['httpMethod'] = $this->request->getMethod();
$data['params'] = $this->request->input();
$data['clientIp'] = $this->request->getClientIp();
if ($agent = $this->request->header('User-Agent')) {
$data['userAgent'] = $agent;
}
if ($headers = $this->request->headers->all()) {
$data['headers'] = $headers;
}
return ['request' => $data];
}
/**
* UserAgent constructor.
*
* @author Morten Rugaard <*****@*****.**>
*
* @param \Illuminate\Http\Request $request
*/
public function __construct(Request $request)
{
if ($request->method() == 'OPTIONS') {
return;
}
// Retrieve user agent from request header
// X-User-Agent is supported since some browsers / platforms override User-Agent header
$this->userAgent = $userAgent = $request->header('X-User-Agent') ?: $request->header('User-Agent');
// Set nodes meta
if ($request->header(self::NODES_META_HEADER)) {
$this->meta = new NodesMeta($request->header(self::NODES_META_HEADER));
}
// Parse received user agent
$this->parse($userAgent);
}
/**
* Determine if the session and input CSRF tokens match.
*
* @param \Illuminate\Http\Request $request
* @return bool
*/
protected function tokensMatch($request)
{
// If request is an ajax request, then check to see if token matches token provider in
// the header. This way, we can use CSRF protection in ajax requests also.
$token = $request->ajax() ? $request->header('X-CSRF-Token') : $request->input('_token');
return $request->session()->token() == $token;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
<<<<<<< HEAD
* @param string $type
=======
>>>>>>> e5c137f82b44a4fbd2d63c36abbfe0cec29ead52
*
* @return mixed
*/
public function handle($request, Closure $next)
{
if ($tz = $request->header('Time-Zone')) {
app('config')->set('cachet.timezone', $tz);
}
return $next($request);
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if ($request->header('x-requested-with') !== 'my.com.derp.whatscarrier') {
throw new Exception("Error Processing Request", 404);
}
return $next($request);
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if ($request->header('origin') !== 'https://sandbox.pagseguro.uol.com.br' && $request->getMethod() !== 'POST') {
return response('Unauthorized.', 401);
}
return $next($request)->header('Access-Control-Allow-Origin', 'https://sandbox.pagseguro.uol.com.br')->header('Access-Control-Allow-Methods', 'POST');
}
/**
* Handles a standard form submit
*
* @return Response
*/
public function submit(Request $request)
{
// get referer
$referer = $request->header('referer');
// get the site
$siteId = $request->input('siteid');
$url = $referer;
$formId = $request->input('formid');
$timestamp = gmdate('D M d Y H:i:s O', time());
// get all fields
$all_fields = $request->all();
$fields = array();
// walk through form fields
foreach ($all_fields as $key => $value) {
if ($key != 'siteid' && $key != 'url' && $key != 'formid') {
// push field
array_push($fields, array('id' => $key, 'value' => $value));
}
}
// get name of
$name = 'New Submission';
if (sizeof($fields) > 0) {
$name = $fields[0]['value'];
}
$arr = array('id' => Utilities::getGUID(), 'name' => $name, 'url' => $url, 'formId' => $formId, 'date' => $timestamp, 'fields' => $fields);
// create a submission from the json file
$submission = new Submission($arr);
// save the submission
$submission->save($siteId);
return redirect($referer . '#success');
}
