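/**
  * Create an activity log entry.
  *
  * Accepts an array of fields, an object (cast to an array) or a plain string
  * (used as the action). Keys read from the array: contentID, contentType,
  * action, description, details, updated, deleted.
  *
  * @param  mixed  $data
  * @return boolean  always true once save() has been called
  */
 public static function log($data = array())
 {
     if (is_object($data)) {
         $data = (array) $data;
     }
     if (is_string($data)) {
         $data = array('action' => $data);
     }
     $user = Auth::user();
     $activity = new static();
     // 0 marks an entry written without an authenticated user
     $activity->user_id = isset($user->id) ? $user->id : 0;
     $activity->content_id = isset($data['contentID']) ? $data['contentID'] : 0;
     $activity->content_type = isset($data['contentType']) ? $data['contentType'] : "";
     $activity->action = isset($data['action']) ? $data['action'] : "";
     $activity->description = isset($data['description']) ? $data['description'] : "";
     $activity->details = isset($data['details']) ? $data['details'] : "";
     //set action and allow "updated" boolean to replace activity text "Added" or "Created" with "Updated"
     if (isset($data['updated'])) {
         if ($data['updated']) {
             $activity->description = str_replace('Added', 'Updated', str_replace('Created', 'Updated', $activity->description));
             $activity->action = "Updated";
         } else {
             $activity->action = "Created";
         }
     }
     if (isset($data['deleted']) && $data['deleted']) {
         $activity->action = "Deleted";
     }
     //set developer flag
     $activity->developer = !is_null(Session::get('developer')) ? true : false;
     // NOTE(review): the logged address is only as reliable as the trusted-proxy
     // configuration behind getClientIp(); confirm it for this deployment.
     $activity->ip_address = Request::getClientIp();
     // The User-Agent header is optional (CLI runs, clients that omit it); reading
     // $_SERVER unguarded raised an undefined-index notice. The value is
     // client-supplied, so escape it wherever the log is displayed.
     $activity->user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
     $activity->save();
     return true;
 }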
Beispiel #2
 /**
  * Record a logout in the user's login history and emit a security log event.
  *
  * @param \Illuminate\Auth\Events\Logout $event
  */
 public static function handle(LogoutEvent $event)
 {
     // Source address and User-Agent are stored as reported by the request.
     $historyItem = new UserLoginHistory([
         'source' => Request::getClientIp(),
         'user_agent' => Request::header('User-Agent'),
         'action' => 'logout',
     ]);
     $event->user->login_history()->save($historyItem);

     // Second argument marks the entry as an authentication event.
     event('security.log', ['User logged out from ' . Request::getClientIp(), 'authentication']);
 }
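 /**
  * Handle an incoming request.
  *
  * Lets the request through when the client IP is listed in config('ws.secure'),
  * when it matches a wildcard entry of that list, or when the Referer's domain
  * is listed. Anything else gets the "Acceso denegado" response.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     // list of IPs (and domains) that have access
     $secure = config('ws.secure');
     $clientIp = (string) Request::getClientIp();

     // exact match against the access list
     if (in_array($clientIp, $secure, true)) {
         return $next($request);
     }

     // range match: only entries that actually contain "*" are treated as prefixes.
     // Previously every entry was prefix-matched, so an exact entry such as
     // "10.0.0.1" also admitted 10.0.0.10-10.0.0.19 and 10.0.0.100-10.0.0.199.
     foreach ($secure as $entry) {
         if (!is_string($entry) || strpos($entry, '*') === false) {
             continue;
         }
         // strip the "*" and compare what is left as a prefix of the client IP;
         // write ranges with the trailing dot ("10.1.*"), since "10.1*" also
         // covers 10.10.x.x, and a bare "*" admits every address
         $prefix = str_replace('*', '', $entry);
         if (strncmp($clientIp, $prefix, strlen($prefix)) === 0) {
             return $next($request);
         }
     }

     // not in the IP list: check whether the request carries a listed domain as Referer
     // NOTE(review): the Referer header is chosen by the client, so this branch does
     // not authenticate anything; confirm it is still needed, and prefer dropping it.
     if (!empty($_SERVER['HTTP_REFERER'])) {
         if (in_array(getdomain($_SERVER['HTTP_REFERER']), $secure, true)) {
             return $next($request);
         }
     }

     // access denied
     // NOTE(review): 403 describes this better than 500; status left unchanged for existing clients.
     return response("Acceso denegado " . Request::getClientIp(), 500);
 }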
Beispiel #4
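 /**
  * SSO login endpoint: authenticates the posted credentials (or reuses the uid
  * already in the session), issues a ticket and redirects to the callback with
  * the ticket appended. Without a uid it renders the login view.
  *
  * NOTE(review): `callback` comes straight from the request and receives the
  * freshly issued ticket. Nothing visible here checks it against the URLs
  * registered for the SSO clients; confirm that generate_ticket() or a route
  * filter does, otherwise add that check before redirecting.
  */
 public function anyIndex()
 {
     $data = array();
     $uid = Session::get('uid');
     $ip = Request::getClientIp();
     $callback = Request::input('callback');
     if ($_POST) {
         $username = Request::input('username');
         $password = Request::input('password');
         // NOTE(review): the captcha value is read but never verified in this method.
         $captcha = Request::input('captcha');
         $uid = $this->authModel->verify_user($username, $password);
         if (!$uid) {
             $data['message'] = 'validation failed';
         } else {
             Session::put('uid', $uid);
             Session::save();
         }
     }
     if ($uid) {
         // todo: add a protection mechanism against redirect loops
         $ticket = $this->authModel->generate_ticket($uid, $ip, $callback);
         // strpos() returns 0 (falsy) for a "?" at the first position, so compare
         // against false explicitly to pick the right separator
         if (strpos((string) $callback, '?') !== false) {
             $callback .= '&ticket=' . $ticket;
         } else {
             $callback .= '?ticket=' . $ticket;
         }
         header("Location:" . $callback);
         exit;
     }
     $data['callback'] = $callback;
     return view('api.sso.index', $data);
 }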
 /**
  * Register the service provider.
  *
  * Installs a router "before" filter that records the current visitor
  * (IP, User-Agent, session id, user id, page) on every request.
  *
  * @return void
  */
 public function register()
 {
     $this->app['router']->before(function ($request) {
         // Purge stale visitor rows first
         Visitor::clear();

         $path = Request::path();
         $ignored = Config::get('visitor-log::ignore');
         if (is_array($ignored) && in_array($path, $ignored)) {
             // Page is on the ignore list: nothing to record
             return;
         }

         $visitor = Visitor::getCurrent();
         if (!$visitor) {
             // Unknown visitor: create a fresh record with a random 25-character id
             $visitor = new Visitor();
             $visitor->ip = Request::getClientIp();
             $visitor->useragent = Request::server('HTTP_USER_AGENT');
             $visitor->sid = str_random(25);
         }

         // Resolve the logged-in user id through the configured auth backend
         $backend = strtolower(Config::get('visitor-log::usermodel'));
         $userId = null;
         $usesLaravelAuth = $backend == "auth" || $backend == "laravel";
         if ($usesLaravelAuth && Auth::check()) {
             $userId = Auth::user()->id;
         }
         if ($backend == "sentry" && class_exists('Cartalyst\\Sentry\\SentryServiceProvider') && Sentry::check()) {
             $userId = Sentry::getUser()->id;
         }

         // Persist the remaining fields
         $visitor->user = $userId;
         $visitor->page = $path;
         $visitor->save();
     });
 }
Beispiel #6
 /**
  * Stamp the user with the time and source address of this login, add a
  * login history item and fire a security log event.
  *
  * @param $user  model exposing last_login, last_login_source, save() and login_history()
  */
 public static function handle($user)
 {
     // Refresh the "last login" columns on the user itself
     $user->last_login = new DateTime();
     $user->last_login_source = Request::getClientIp();
     $user->save();

     // Append the history row
     $historyItem = new UserLoginHistory([
         'source' => Request::getClientIp(),
         'user_agent' => Request::header('User-Agent'),
         'action' => 'login',
     ]);
     $user->login_history()->save($historyItem);

     Event::fire('security.log', ['User logged in from ' . Request::getClientIp(), 'authentication']);
 }
Beispiel #7
 /**
  * Store a log entry built from $data.
  *
  * Keys read: data (JSON-encoded before storing), group, type, action.
  * Missing keys are stored as null; user_id is false when nobody is logged in.
  *
  * @param  array  $data
  * @return bool  result of save(), cast to bool
  */
 public static function add($data = array())
 {
     $currentUser = Auth::user();

     $entry = new static();
     if (isset($currentUser->id)) {
         $entry->user_id = $currentUser->id;
     } else {
         $entry->user_id = false;
     }
     $entry->ip_address = Request::getClientIp();
     $entry->data = isset($data['data']) ? json_encode($data['data']) : null;

     // Plain pass-through fields
     $entry->group = isset($data['group']) ? $data['group'] : null;
     $entry->type = isset($data['type']) ? $data['type'] : null;
     $entry->action = isset($data['action']) ? $data['action'] : null;

     $saved = $entry->save();
     return (bool) $saved;
 }
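 /**
  * Delete the contestant whose id was posted, then return to the delete screen.
  *
  * The delete only runs for a session flagged as logged in whose recorded
  * login IP equals the current client IP.
  */
 public function postAdminDelete()
 {
     // Starting a session that is already active raises a notice, so only start
     // one when none exists yet.
     if (session_status() === PHP_SESSION_NONE) {
         session_start();
     }
     // NOTE(review): forwarded-for headers coming from these addresses are believed
     // when resolving the client IP; confirm both entries really are this
     // deployment's reverse proxies, since the IP check below depends on them.
     Request::setTrustedProxies(array('192.0.0.1', '10.0.0.0/8'));

     // isset() alone also passes for a flag stored as false or 0, so test the value.
     $loggedIn = !empty($_SESSION["logged_in"]);
     $sameIp = isset($_SESSION["logged_in_ip"]) && $_SESSION["logged_in_ip"] === Request::getClientIp();

     if ($loggedIn && $sameIp && Request::has("id")) {
         $id = Request::input("id");
         DB::table("contestants")->where(array("id" => $id))->delete();
     }
     return redirect()->action("AdminController@getAdminDelete");
 }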
 /**
  * Complete a social login: fetch the provider's user, map it to a local
  * account, log that account in (with "remember") and store the client IP on it.
  *
  * @param  string  $provider  Socialite driver name, also used in the retry URL
  */
 public function handleProviderCallback($provider)
 {
     try {
         $socialUser = Socialite::driver($provider)->user();
     } catch (Exception $e) {
         // Any failure while fetching the provider user restarts the flow
         return redirect('auth/' . $provider);
     }

     Auth::login($this->findOrCreateUser($socialUser), true);

     // Record where this login came from on the now-authenticated account
     $account = Auth::user();
     $account->ip = RequestData::getClientIp();
     $account->save();

     return redirect('dashboard');
 }
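 /**
  * Log a user in, with a per-IP counter of failed attempts.
  *
  * After 3 failed attempts from one IP address, logins from that address are
  * refused until 2 minutes have passed since the counter row was last updated.
  *
  * The block is now evaluated BEFORE the credentials are tried. Previously the
  * credentials were checked first and the two error messages differed, so a
  * blocked client could still tell a correct password from a wrong one.
  *
  * NOTE(review): the counter is keyed on the client IP only; clients behind one
  * shared address share it, and it does not limit attempts against a single
  * account made from many addresses.
  *
  * @param  Request  $request
  */
 public function postLogin(Request $request)
 {
     $this->validate($request, ['email' => 'required|email', 'password' => 'required']);
     $credentials = $request->only('email', 'password');
     // get the client IP address
     $ip_naslov = \Illuminate\Support\Facades\Request::getClientIp();
     // look the IP address up in table ip_tabela
     $ip_je_v_bazi = Ip_tabela::where('ip_naslov', $ip_naslov)->first();

     // blocked: 3 or more failed attempts and the last update is not yet older than 2 minutes
     $blokiran = $ip_je_v_bazi !== null
         && $ip_je_v_bazi->stevec >= 3
         && !($ip_je_v_bazi->updated_at < new Carbon('-2 minutes'));
     if ($blokiran) {
         // refuse without touching the credentials
         return redirect($this->loginPath())->withInput($request->only('email', 'remember'))->withErrors(['Vpis z vašega IP naslova je blokiran za 2 minuti zaradi 3 neuspelih poskusov.']);
     }

     if ($this->auth->attempt($credentials, $request->has('remember'))) {
         if ($ip_je_v_bazi === null) {
             // first time this IP is seen: store it with a failed-attempt counter of 0
             $ip_tabela = new Ip_tabela();
             $ip_tabela->ip_naslov = $ip_naslov;
             $ip_tabela->stevec = 0;
             $ip_tabela->save();
         } else {
             // known IP: a successful login resets the counter
             $ip_je_v_bazi->stevec = 0;
             $ip_je_v_bazi->save();
         }
         return redirect()->intended($this->redirectPath());
     }

     // wrong e-mail or password
     if ($ip_je_v_bazi === null) {
         // first time this IP is seen: store it with a failed-attempt counter of 1
         $ip_tabela = new Ip_tabela();
         $ip_tabela->ip_naslov = $ip_naslov;
         $ip_tabela->stevec = 1;
         $ip_tabela->save();
     } else {
         // known IP: increase the failed-attempt counter
         $ip_je_v_bazi->stevec = $ip_je_v_bazi->stevec + 1;
         $ip_je_v_bazi->save();
     }
     return redirect($this->loginPath())->withInput($request->only('email', 'remember'))->withErrors(['Vnesli ste napačno uporabniško ime ali geslo.']);
 }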
Beispiel #11
 /**
  * Build the uniform response envelope and record the call in RestLog.
  *
  * NOTE(review): the complete request input is stored in the log row, which
  * would include passwords or tokens if this runs on such endpoints; confirm,
  * and exclude those fields before logging.
  *
  * @param $msgcode
  * @param null $message
  * @param null $data  replaced by an empty object when it loosely equals null
  * @return mixed  whatever \Response::json() returns
  */
 public static function encodeResult($msgcode, $message = NULL, $data = NULL)
 {
     $data = $data == null ? new \stdClass() : $data;

     // Audit row: request, route, response and client details
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : NULL;
     $log = new RestLog();
     $log->request = json_encode(Request::all());
     $log->request_route = Route::currentRouteName();
     $log->response = json_encode($data);
     $log->msgcode = $msgcode;
     $log->message = $message;
     $log->client_ip = Request::getClientIp();
     $log->client_useragent = $userAgent;
     $log->save();

     // The saved row's id is handed back to the client as rest_id
     return \Response::json(array(
         "rest_id" => $log->id,
         'msgcode' => $msgcode,
         'message' => $message,
         'data' => $data,
         'version' => self::VERSION,
         'servertime' => time(),
     ));
 }
Beispiel #12
 /**
  * Build the uniform response envelope and record the call in RestLog.
  *
  * The request input is logged without its 'file' field; the user id is added
  * to the log row when a user is authenticated.
  *
  * @param $msgcode
  * @param null $message
  * @param null $data  replaced by an empty object when it loosely equals null
  * @return mixed  whatever \Response::json() returns
  */
 protected function encodeResult($msgcode, $message = NULL, $data = NULL)
 {
     $data = $data == null ? new \stdClass() : $data;

     // Audit row: request, route, response and client details
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : NULL;
     $log = new RestLog();
     $log->request = json_encode(Request::except('file'));
     $log->request_route = Route::currentRouteName();
     $log->response = json_encode($data);
     $log->msgcode = $msgcode;
     $log->message = $message;
     $log->client_ip = Request::getClientIp();
     $log->client_useragent = $userAgent;
     if (Auth::check()) {
         $log->user_id = Auth::user()->user_id;
     }
     $log->save();

     // NOTE(review): the payload is returned under the key 'date'; this looks like
     // a typo for 'data' — confirm with API consumers before renaming.
     return \Response::json(array(
         "rest_id" => $log->id,
         'msgcode' => $msgcode,
         'message' => $message,
         'date' => $data,
         'version' => '1.0',
         'servertime' => time(),
     ));
 }
 /**
  * Store the visitor's answer to the terms and conditions.
  *
  * Saves '1' for "Agree" or '0' for "Disagree" together with the user id
  * (0 when not logged in) and the client IP, then redirects to "/".
  * Any other submission is sent back with an error flash message.
  *
  * @param  TermsAndConditionRequest  $request
  * @return mixed  redirect response
  */
 public function store(TermsAndConditionRequest $request)
 {
     $currentUser = Auth::user();
     $user_id = isset($currentUser->id) ? $currentUser->id : 0;
     $ipaddress = Request::getClientIp();
     $input = $request->except("_token");

     // Work out which button was pressed
     $answer = null;
     if (isset($input['agree']) && $input['agree'] == "Agree") {
         $answer = '1';
     } elseif (isset($input['disagree']) && $input['disagree'] == "Disagree") {
         $answer = '0';
         // the button field itself is not stored
         unset($input['disagree']);
     }

     if ($answer === null) {
         return Redirect::back()->with("unsuccess", "Woops Something is wrong..!");
     }

     // user_id and ipaddress are always set server-side, overriding posted values
     $input['agree'] = $answer;
     $input['user_id'] = $user_id;
     $input['ipaddress'] = $ipaddress;
     $this->repo->create($input);

     return Redirect::to("/");
 }
Beispiel #14
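 /**
  * reCAPTCHA validation
  *
  * Returns true without contacting the verification service when reCAPTCHA is
  * not required for login by configuration. Otherwise the response token is
  * sent to the siteverify endpoint and the result's "success" field decides.
  *
  * @param $recaptcha  response token submitted by the client
  *
  * @return bool  false on an empty or non-string token, a failed verification or any exception
  */
 public function validateReCapthca($recaptcha)
 {
     if (\Config::get('schauth::config.recaptcha.required.login') !== true) {
         return true;
     }
     // the token is client-supplied: reject anything that is not a non-empty string
     if (empty($recaptcha) || !is_string($recaptcha)) {
         return false;
     }
     try {
         // Build the query with http_build_query() so each value is URL-encoded.
         // Concatenating the raw token let characters such as "&" or "#" in it
         // alter the other parameters of the verification request.
         $query = http_build_query(array(
             'secret' => \Config::get('schauth::config.recaptcha.secretkey'),
             'response' => $recaptcha,
             'remoteip' => Request::getClientIp(),
         ), '', '&');
         // NOTE(review): the secret travels in the URL, so keep this URL out of logs
         // and exception messages.
         $recaptchaUrl = 'https://www.google.com/recaptcha/api/siteverify?' . $query;
         $client = new GuzzleHttpClient();
         $response = $client->get($recaptchaUrl);
         $json = $response->json();
         if (empty($json['success'])) {
             return false;
         }
     } catch (\Exception $e) {
         // fail closed: an unreachable or erroring verification counts as invalid
         return false;
     }
     return true;
 }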
Beispiel #15
 /**
  * Create an activity log entry.
  *
  * $data may be an array, an object (cast to an array) or a string (used as the
  * action). Keys read: userId, contentId, contentType, action, description,
  * details, updated, deleted. Fields without a value are stored as null.
  *
  * @param  mixed    $data
  * @return boolean  always true once save() has been called
  */
 public static function log($data = [])
 {
     if (is_object($data)) {
         $data = (array) $data;
     } elseif (is_string($data)) {
         $data = ['action' => $data];
     }

     $activity = new static();

     // Optionally resolve the acting user through the configured callable
     if (config('log.auto_set_user_id')) {
         $resolved = call_user_func(config('log.auth_method'));
         $activity->user_id = isset($resolved->id) ? $resolved->id : null;
     }
     // An explicit userId always wins over the resolved one
     if (isset($data['userId'])) {
         $activity->user_id = $data['userId'];
     }

     // model attribute => key in $data
     $fieldMap = [
         'content_id' => 'contentId',
         'content_type' => 'contentType',
         'action' => 'action',
         'description' => 'description',
         'details' => 'details',
     ];
     foreach ($fieldMap as $attribute => $key) {
         $activity->{$attribute} = isset($data[$key]) ? $data[$key] : null;
     }

     // "updated" overrides the action and rewrites "Created"/"Added" in the description to "Updated"
     if (isset($data['updated'])) {
         $activity->action = $data['updated'] ? "Update" : "Create";
         if ($data['updated']) {
             $activity->description = str_replace(['Created', 'Added'], 'Updated', $activity->description);
         }
     }
     if (isset($data['deleted']) && $data['deleted']) {
         $activity->action = "Delete";
     }

     // developer flag: true whenever the session holds a 'developer' value
     $activity->developer = Session::get('developer') !== null;
     $activity->ip_address = Request::getClientIp();
     if (isset($_SERVER['HTTP_USER_AGENT'])) {
         $activity->user_agent = $_SERVER['HTTP_USER_AGENT'];
     } else {
         $activity->user_agent = 'No UserAgent';
     }
     $activity->save();

     return true;
 }
 /**
  * Handle an incoming request.
  *
  * Authenticates by API key: the key is read from the 'api_key' input or, when
  * that is empty, from the header named by config 'apiguard.keyName'. The key's
  * user is accepted when it has no allowed_ip_range or the client IP lies
  * inside it. Guests get a 401 (AJAX) or a redirect to the login page.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     // NOTE(review): a key passed as a URL parameter tends to end up in access
     // logs; confirm the header form is what clients are told to use.
     $apiKey = Request::input('api_key') ?: $request->headers->get(Config::get('apiguard.keyName'));

     $user = $apiKey ? $this->userService->getUserByApiKey($apiKey) : null;
     if ($user) {
         // An empty range means the key is usable from any address
         $ipAllowed = empty($user->allowed_ip_range)
             || IpRangeChecker\Checker::isIpInRange(Request::getClientIp(), $user->allowed_ip_range);
         if ($ipAllowed) {
             $this->auth->setUser($user);
         }
     }

     if (!$this->auth->guest()) {
         return $next($request);
     }

     if ($request->ajax()) {
         return response('Unauthorized.', 401);
     }
     return redirect()->guest('auth/login');
 }
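 /**
  * Record a tracking event for the current user.
  *
  * @param  mixed  $track  stored in the 'event' column
  */
 public static function log($track)
 {
     // Without an authenticated user, Auth::user() is null and reading ->id on it
     // failed; store null instead.
     $user = Auth::user();
     // The User-Agent header is optional, so guard the $_SERVER read. The value is
     // client-supplied: escape it wherever it is displayed.
     $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
     Tracker::create([
         'user_id' => $user ? $user->id : null,
         'event' => $track,
         'ip' => Request::getClientIp(),
         // both columns receive the raw User-Agent string
         'version' => $userAgent,
         'machine' => $userAgent,
     ]);
 }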
Beispiel #18
 /**
  * Insert a new transaction row in its initial state and remember its id.
  *
  * @return mixed  the id from getTimeId() when the insert succeeded, null otherwise
  */
 protected function newTransaction()
 {
     $uid = $this->getTimeId();
     $table = $this->getTable();

     $inserted = $table->insert([
         'id' => $uid,
         'port' => $this->getPortName(),
         'price' => $this->amount,
         'status' => Enum::TRANSACTION_INIT,
         // client address as reported by the request
         'ip' => Request::getClientIp(),
         'created_at' => Carbon::now(),
         'updated_at' => Carbon::now(),
     ]);

     if ($inserted) {
         $this->transactionId = $uid;
     } else {
         $this->transactionId = null;
     }

     return $this->transactionId;
 }
 /**
  * Handle the event: store the time and client IP of the administrator's
  * authentication on the administrator record.
  *
  * @param Administrators $user
  */
 public function handle(Administrators $user)
 {
     // client address as reported by the request
     $user->ip = Request::getClientIp();
     $user->authentificated_at = new \DateTime();

     $user->save();
 }
Beispiel #20
 /**
  * Login Post
  *
  * Attempts a login for a non-banned user of the current site. On success it
  * bumps the logon counter, stores the role in the session, re-assigns the
  * lists of the pre-login session to the user and, for administrators, updates
  * the admin record. On failure it shows the login form again.
  */
 public function loginPost()
 {
     // Remember the pre-login session id so its lists can be linked to the user
     $previousSessionId = \Session::getId();

     $credentials = array(
         'email' => \Input::get('email'),
         'password' => \Input::get('password'),
         'banned' => 0,
         'sites_id' => app('veer')->siteId,
     );

     if (!\Auth::attempt($credentials)) {
         return $this->login();
         // @todo withErrors()
     }

     \Auth::user()->increment('logons_count');
     \Session::put('roles_id', \Auth::user()->roles_id);

     \Veer\Models\UserList::where('session_id', '=', $previousSessionId)
         ->update(array('users_id' => \Auth::id()));

     $cartItems = $this->showUser->getUserLists(app('veer')->siteId, \Auth::id(), app('session')->getId());
     \Session::put('shopping_cart_items', $cartItems);

     if (administrator() == true) {
         // Track the admin's session id, last logon time, client IP and logon count
         $adminUpdate = array(
             "sess_id" => \Session::getId(),
             "last_logon" => now(),
             "ips" => \Illuminate\Support\Facades\Request::getClientIp(),
             "logons_count" => app('veer')->administrator_credentials['logons_count'] + 1,
         );
         \Veer\Models\UserAdmin::where('id', '=', app('veer')->administrator_credentials['id'])
             ->update($adminUpdate);
     }

     return \Redirect::intended();
 }