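/**
 * Middleware: require an authenticated, non-banned user with a bound email.
 *
 * Flow, in order: anonymous visitors are redirected to the login page; the
 * session token must match the stored user token; banned users (permission -1)
 * lose their session/cookies and get an error page; users without an email are
 * asked to bind one (handled inline via echo/exit, which bypasses the normal
 * response pipeline); finally the UserAuthenticated event is fired.
 *
 * @param  object   $request     incoming request; read for ->email (assumed Laravel-style request)
 * @param  \Closure $next        next middleware in the pipeline
 * @param  bool     $return_user when true, return the User instance instead of calling $next
 * @return mixed    redirect response, $next($request) result, or the User when $return_user is set
 * @throws PrettyPageException when the user is banned
 */
public function handle($request, \Closure $next, $return_user = false)
 {
     // Anonymous visitor: nothing to check, send to the login page.
     if (!Session::has('uid')) {
         return redirect('auth/login')->with('msg', trans('auth.check.anonymous'));
     }

     $user = app('users')->get(session('uid'));

     // Token check. hash_equals() replaces the loose `!=`: loose comparison treats
     // numeric-looking tokens such as "0e1" and "0e2" as equal and is not
     // constant-time. Cast both sides to string because session('token') may be
     // null. A missing user (repository miss) is treated like a bad token instead
     // of a fatal "call on null".
     if (!$user || !hash_equals((string) $user->getToken(), (string) session('token'))) {
         return redirect('auth/login')->with('msg', trans('auth.check.token'));
     }

     // Banned users: drop session and cookies, then show the error page.
     // String cast keeps int -1 and "-1" both matching under strict comparison.
     if ((string) $user->getPermission() === '-1') {
         delete_sessions();
         delete_cookies();
         throw new PrettyPageException(trans('auth.check.banned'), 5);
     }

     // Ask the user to bind an email address before continuing.
     if ((string) $user->email === '') {
         if (isset($request->email)) {
             // Messages were previously swapped: an address that fails validation
             // gets the "invalid email" message, an address that is already in use
             // gets the "already registered" message.
             if (!filter_var($request->email, FILTER_VALIDATE_EMAIL)) {
                 echo View::make('auth.bind')->with('msg', trans('auth.validation.email'));
                 exit;
             }
             if (!User::where('email', $request->email)->get()->isEmpty()) {
                 echo View::make('auth.bind')->with('msg', trans('auth.bind.registered'));
                 exit;
             }

             $user->setEmail($request->email);
             // Refresh the token so the pre-binding session token is no longer valid.
             Session::put('token', $user->getToken(true));
             Cookie::queue('token', $user->getToken(), 60);
             return $next($request);
         }

         View::show('auth.bind');
         exit;
     }

     event(new UserAuthenticated($user));

     return $return_user ? $user : $next($request);
 }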
 public function handle($request, \Closure $next)
 {
     // load session from cookie
     if ($request->cookie('uid') && $request->cookie('token')) {
         Session::put('uid', $request->cookie('uid'));
         Session::put('token', $request->cookie('token'));
     }
     if (Session::has('uid')) {
         $user = User::find(session('uid'));
         if ($user && $user->getToken() == session('token')) {
             // push user instance to repository
             app('users')->set($user->uid, $user);
         } else {
             // remove sessions & cookies
             delete_sessions();
             delete_cookies();
         }
     }
     return $next($request);
 }
Example #3
            }
            // セッションを更新
            if ($flag === true) {
                $resource = update_sessions(array('set' => array('id' => $session, 'user_id' => $_SESSION['auth']['user']['id'], 'agent' => $_SERVER['HTTP_USER_AGENT'], 'keep' => $keep, 'twostep' => $twostep, 'expire' => localdate('Y-m-d H:i:s', time() + $GLOBALS['config']['cookie_expire'])), 'where' => array('id = :id', array('id' => $_COOKIE['auth']['session']))));
                if (!$resource) {
                    error('データを編集できません。');
                }
            } else {
                $resource = insert_sessions(array('values' => array('id' => $session, 'user_id' => $_SESSION['auth']['user']['id'], 'agent' => $_SERVER['HTTP_USER_AGENT'], 'keep' => $keep, 'twostep' => $twostep, 'expire' => localdate('Y-m-d H:i:s', time() + $GLOBALS['config']['cookie_expire']))));
                if (!$resource) {
                    error('データを登録できません。');
                }
            }
            cookie_set('auth[session]', $session, localdate() + $GLOBALS['config']['cookie_expire']);
            // 古いセッションを削除
            $resource = delete_sessions(array('where' => array('expire < :expire', array('expire' => localdate('Y-m-d H:i:s')))));
            if (!$resource) {
                error('データを削除できません。');
            }
            // トランザクションを終了
            db_commit();
        }
    }
} else {
    $_view['user'] = array('username' => '', 'password' => '', 'session' => null);
}
// ログイン確認
if (!empty($_SESSION['auth']['user']['id'])) {
    if ($_REQUEST['_work'] === 'index') {
        if (isset($_GET['referer']) && regexp_match('^\\/', $_GET['referer'])) {
            $url = $_GET['referer'];