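/**
 * Authentication guard for routes that require a logged-in user.
 *
 * Verifies the session token against the user's stored token, blocks banned
 * accounts, forces users without an email through the bind form, and finally
 * fires UserAuthenticated before passing the request on.
 *
 * @param mixed    $request     Incoming request (reads $request->email on the bind form).
 * @param \Closure $next        Next middleware in the pipeline.
 * @param bool     $return_user When true, return the user instance instead of calling $next.
 *
 * @return mixed Redirect response, the user (when $return_user), or the result of $next.
 *
 * @throws PrettyPageException When the account is banned (permission -1).
 */
public function handle($request, \Closure $next, $return_user = false)
{
    // Anonymous visitor: nothing to check, send to the login page.
    if (!Session::has('uid')) {
        return redirect('auth/login')->with('msg', trans('auth.check.anonymous'));
    }

    $user = app('users')->get(session('uid'));

    // The session token must match the token stored for the user. hash_equals()
    // compares in constant time and does not apply PHP's loose string/number
    // juggling the previous `!=` did (e.g. two different "0e..." strings compare
    // equal under `==`). Both sides are cast so a null token cannot raise a
    // TypeError. A user missing from the repository is treated like a stale
    // token instead of letting getToken() be called on null — presumably
    // app('users')->get() returns null in that case; confirm against the repository.
    if ($user === null || !hash_equals((string) $user->getToken(), (string) session('token'))) {
        return redirect('auth/login')->with('msg', trans('auth.check.token'));
    }

    // Permission -1 marks a banned account: drop all auth state and stop here.
    // Loose comparison kept on purpose: getPermission() may return int or string.
    if ($user->getPermission() == "-1") {
        delete_sessions();
        delete_cookies();
        throw new PrettyPageException(trans('auth.check.banned'), 5);
    }

    // Accounts without an email are forced through the bind form before
    // anything else. Note that this branch ends the request with exit.
    if ($user->email == "") {
        if (isset($request->email)) {
            if (filter_var($request->email, FILTER_VALIDATE_EMAIL)) {
                if (User::where('email', $request->email)->get()->isEmpty()) {
                    $user->setEmail($request->email);
                    // Binding an email rotates the token; push the new value to
                    // both the session and the remember-me cookie.
                    Session::put('token', $user->getToken(true));
                    Cookie::queue('token', $user->getToken(), 60);

                    return $next($request);
                }

                // NOTE(review): the message keys below look swapped relative to
                // the checks they follow (registered vs. validation) — confirm
                // against the lang files before changing them.
                echo View::make('auth.bind')->with('msg', trans('auth.validation.email'));
            } else {
                echo View::make('auth.bind')->with('msg', trans('auth.bind.registered'));
            }
            exit;
        }

        View::show('auth.bind');
        exit;
    }

    event(new UserAuthenticated($user));

    return $return_user ? $user : $next($request);
}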
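/**
 * Restores authentication state from the remember-me cookies and validates it.
 *
 * Cookie values only seed the session; they are trusted only after the token
 * has been verified against the user's stored token. On mismatch, all session
 * and cookie auth state is cleared.
 *
 * @param mixed    $request Incoming request (reads the 'uid' and 'token' cookies).
 * @param \Closure $next    Next middleware in the pipeline.
 *
 * @return mixed Result of $next.
 */
public function handle($request, \Closure $next)
{
    // Seed the session from the remember-me cookies when both are present.
    if ($request->cookie('uid') && $request->cookie('token')) {
        Session::put('uid', $request->cookie('uid'));
        Session::put('token', $request->cookie('token'));
    }

    if (Session::has('uid')) {
        $user = User::find(session('uid'));

        // hash_equals(): constant-time comparison without the loose numeric-string
        // juggling of `==` (e.g. two different "0e..." strings compare equal under
        // `==`). Both sides are cast so a null token cannot raise a TypeError.
        if ($user && hash_equals((string) $user->getToken(), (string) session('token'))) {
            // Cache the authenticated user for later middleware/controllers.
            app('users')->set($user->uid, $user);
        } else {
            // Token mismatch or unknown uid: discard all auth state.
            delete_sessions();
            delete_cookies();
        }
    }

    return $next($request);
}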
} // セッションを更新 if ($flag === true) { $resource = update_sessions(array('set' => array('id' => $session, 'user_id' => $_SESSION['auth']['user']['id'], 'agent' => $_SERVER['HTTP_USER_AGENT'], 'keep' => $keep, 'twostep' => $twostep, 'expire' => localdate('Y-m-d H:i:s', time() + $GLOBALS['config']['cookie_expire'])), 'where' => array('id = :id', array('id' => $_COOKIE['auth']['session'])))); if (!$resource) { error('データを編集できません。'); } } else { $resource = insert_sessions(array('values' => array('id' => $session, 'user_id' => $_SESSION['auth']['user']['id'], 'agent' => $_SERVER['HTTP_USER_AGENT'], 'keep' => $keep, 'twostep' => $twostep, 'expire' => localdate('Y-m-d H:i:s', time() + $GLOBALS['config']['cookie_expire'])))); if (!$resource) { error('データを登録できません。'); } } cookie_set('auth[session]', $session, localdate() + $GLOBALS['config']['cookie_expire']); // 古いセッションを削除 $resource = delete_sessions(array('where' => array('expire < :expire', array('expire' => localdate('Y-m-d H:i:s'))))); if (!$resource) { error('データを削除できません。'); } // トランザクションを終了 db_commit(); } } } else { $_view['user'] = array('username' => '', 'password' => '', 'session' => null); } // ログイン確認 if (!empty($_SESSION['auth']['user']['id'])) { if ($_REQUEST['_work'] === 'index') { if (isset($_GET['referer']) && regexp_match('^\\/', $_GET['referer'])) { $url = $_GET['referer'];