|
*/
Route::filter('auth', function () {
if (Auth::guest()) {
if (Request::ajax()) {
return Response::make('Unauthorized', 401);
} else {
return Redirect::guest('login');
}
}
});
Route::filter('auth.basic', function () {
return Auth::basic();
});
Route::filter('userAuth', function () {
$res = AccessToken::where('user_id', '=', Request::header('id'))->where('token', '=', Request::header('accessToken'))->first();
if (!$res) {
return Response::json(['msg' => 'unauthorized']);
}
});
/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/
Route::filter('guest', function () {
/**
* Revokes all access tokens for a give refresh token
* @param $value refresh token value
* @param bool $is_hashed
* @return bool|void
*/
public function clearAccessTokensForRefreshToken($value, $is_hashed = false)
{
$hashed_value = !$is_hashed ? Hash::compute('sha256', $value) : $value;
$res = false;
$cache_service = $this->cache_service;
$this->tx_service->transaction(function () use($hashed_value, &$res, &$cache_service) {
$refresh_token_db = DBRefreshToken::where('value', '=', $hashed_value)->first();
if (!is_null($refresh_token_db)) {
$access_tokens_db = DBAccessToken::where('refresh_token_id', '=', $refresh_token_db->id)->get();
if (!count($access_tokens_db)) {
$res = true;
}
foreach ($access_tokens_db as $access_token_db) {
$res = $cache_service->delete($access_token_db->value);
$client = $access_token_db->client()->first();
$res = $cache_service->deleteMemberSet($client->client_id . TokenService::ClientAccessTokenPrefixList, $access_token_db->value);
$access_token_db->delete();
}
}
});
return $res;
}
<?php
Route::filter('token', function () {
$token = AccessToken::where('token', Input::get('token'))->first();
if (!$token) {
return Response::json(array('status' => 'Unauthorized'));
}
});
Route::filter('auth', function () {
if (Auth::onceBasic()) {
return Response::json(['error' => ['message' => 'Invalid credentials', 'status_code' => 401]], 401);
}
});
Route::filter('bearer', function () {
$header = Request::header('Authorization');
if (!$header) {
return Response::json(['error' => ['message' => 'Unauthorized', 'status_code' => 401]], 401);
}
$token = explode(' ', $header)[1];
if ($token) {
$device = Device::where('auth_token', $token)->orderBy('id', 'desc')->first();
if (!is_null($device)) {
try {
Auth::onceUsingId($device->user_id);
} catch (Exception $e) {
return Response::json(['error' => ['message' => $e->getMessage(), 'status_code' => 500]], 500);
}
} else {
return Response::json(['error' => ['message' => 'Invalid token', 'status_code' => 401]], 401);
}
} else {
