/**
 * Handle an incoming request.
 *
 * Lets the request continue only when it carries a `password` input;
 * every other request is answered with a 404. This is a presence check
 * only: the submitted value is not verified here.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $passwordSupplied = Input::has('password');

    if (!$passwordSupplied) {
        // Requests without a password field get a 404.
        \App::abort(404);
    }

    return $next($request);
}
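/**
 * Handle an incoming request.
 *
 * Compares the `apikey` request input with the configured `app.apikey`
 * and aborts with 401 unless they match.
 *
 * The check fails closed: a missing or empty configured key, or a missing
 * or non-string input, is always rejected. The previous loose `!=`
 * comparison treated "no key configured" and "no key supplied" as equal
 * and was subject to PHP type juggling.
 *
 * NOTE(review): if clients pass the key in the query string it will end up
 * in access logs and browser history; a request header is preferable.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $configured = \Config::get('app.apikey');
    // Scalar config values (e.g. an integer literal) keep working; anything else counts as "not configured".
    $expected = is_scalar($configured) ? (string) $configured : '';
    $supplied = \Input::get('apikey');

    $authorised = $expected !== ''
        && is_string($supplied)
        // hash_equals compares in constant time, so response timing does not reveal how much of the key matched.
        && hash_equals($expected, $supplied);

    if (!$authorised) {
        \App::abort(401, 'Ingreso no autorizado.');
    }

    return $next($request);
}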
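/**
 * Handle an incoming request.
 *
 * Allows the request only when the authenticated user has a truthy
 * attribute named by `$role`; otherwise aborts with 401.
 *
 * A request with no authenticated user is rejected explicitly, instead of
 * reading a property from null as the previous code did.
 *
 * NOTE(review): `$role` is used as a dynamic property name, so any truthy
 * attribute on the user object satisfies the check. It should only ever
 * come from the route definition, never from request data; consider an
 * allow-list of role attribute names.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @param  string  $role  Name of the user attribute that grants access.
 * @return mixed
 */
public function handle($request, Closure $next, $role)
{
    $user = \Auth::user();

    // No authenticated user means no role: deny before touching the attribute.
    if ($user === null || !$user->{$role}) {
        return \App::abort(401, 'You are not allowed to access this resource.');
    }

    return $next($request);
}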
/**
 * Handle an incoming request.
 *
 * Passes the request on when `$request->ajax()` reports an AJAX call and
 * aborts with 403 otherwise.
 *
 * The AJAX flag is derived from a header the client sets itself, so this
 * filter shapes traffic but is not an access control and does not replace
 * authentication or CSRF protection.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if ($request->ajax()) {
        return $next($request);
    }

    return App::abort(403, 'Ajax request needed.');
}
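/**
 * Handle an incoming request.
 *
 * Compares the `apikey` route parameter with the configured `app.apikey`
 * and aborts with 403 unless they are identical strings.
 *
 * The check fails closed: when no key is configured, or the route carries
 * no `apikey` parameter, the request is rejected. Previously both sides
 * could be null and compare as identical, letting the request through.
 *
 * NOTE(review): a key carried in the URL path is recorded in access logs
 * and proxies; a request header is a safer transport.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $supplied = $request->route('apikey');
    $expected = \Config::get('app.apikey');

    $authorised = is_string($expected)
        && $expected !== ''
        && is_string($supplied)
        // Constant-time comparison so timing does not reveal how much of the key matched.
        && hash_equals($expected, $supplied);

    if (!$authorised) {
        return App::abort(403, 'Unauthorized action');
    }

    return $next($request);
}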
/**
 * Handle an incoming request.
 *
 * Requires an authenticated user: when `Auth::check()` is false the
 * request is aborted with 403, otherwise it continues down the pipeline.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if (!Auth::check()) {
        // Unauthenticated requests are refused.
        return App::abort(403);
    }

    return $next($request);
}
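/**
 * Handle an incoming request.
 *
 * Authenticates the request from a `session_key` input: looks up a user
 * whose `session_key` matches and whose `session_expira` has not passed,
 * logs that user in, and aborts with 401 when there is no match.
 *
 * The key must be a non-empty string before it reaches the query. A
 * missing parameter would otherwise arrive as null, which the query
 * builder turns into an IS NULL match, so any account with an empty
 * `session_key` and an unexpired `session_expira` could be selected.
 *
 * NOTE(review): the key is compared against the stored column as-is;
 * storing only a hash of the session key would limit the impact of a
 * database disclosure.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $sessionKey = \Input::get("session_key");

    // Reject absent, empty and non-string (e.g. array) values up front.
    if (!is_string($sessionKey) || $sessionKey === '') {
        \App::abort(401, 'Ud no está autenticado.');
    }

    $user = \User::where("session_key", "=", $sessionKey)
        ->where("session_expira", ">=", date("Y-m-d H:i:s"))
        ->first();

    if ($user === null) {
        \App::abort(401, 'Ud no está autenticado.');
    }

    \Auth::loginUsingId($user->id);

    return $next($request);
}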
/**
 * Handle an incoming request.
 *
 * Resolves `MyService` from the container and aborts with 403 when its
 * `check_if_user_agent_is_forbidden()` returns a truthy value.
 *
 * NOTE(review): presumably this inspects the User-Agent header, which the
 * client controls; treat the check as noise filtering rather than as an
 * access control. Confirm against the service implementation.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $userAgentFilter = \App::make('MyService');

    if (!$userAgentFilter->check_if_user_agent_is_forbidden()) {
        return $next($request);
    }

    \App::abort(403, 'Access denied');
}
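/**
 * Handle an incoming request.
 *
 * Restricts the route to users with the `admin` role on the given guard.
 * AJAX requests that fail the check get a plain 401 response; other
 * requests get a 403 when a user is logged in and a redirect to the login
 * page when not.
 *
 * The logged-in test for the 403/redirect decision uses the same guard as
 * the role check. The previous code called `Auth::check()` on the default
 * guard there, which could send a logged-in non-admin on a non-default
 * guard to the login page instead of returning 403.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @param  string|null  $guard
 * @return mixed
 */
public function handle($request, Closure $next, $guard = null)
{
    $auth = Auth::guard($guard);

    if ($auth->guest() || !$auth->user()->hasRole('admin')) {
        if ($request->ajax()) {
            // The AJAX flag only selects the response format; access is denied either way.
            return response('Unauthorized.', 401);
        }

        return $auth->check() ? \App::abort(403) : redirect()->guest('login');
    }

    return $next($request);
}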
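/**
 * Handle an incoming request.
 *
 * Looks up the roles required for the current route and lets the request
 * through when the route requires none or the logged-in user holds them;
 * otherwise aborts with 404.
 *
 * A request with no authenticated user is refused with the same 404. The
 * previous code called `hasRole()` on the result of `$request->user()`
 * before looking at anything else, so such a request ended in a method
 * call on null; refusing it keeps access no wider than before.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // Get the required roles from the route
    $roles = $this->getRequiredRoleForRoute($request->route());

    $user = $request->user();

    // The route needs no role, or the role matches the logged-in user
    if ($user !== null && (!$roles || $user->hasRole($roles))) {
        return $next($request);
    }

    // No user or no matching role: answer 404 rather than revealing that the route exists
    App::abort(404);
}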
/**
 * Handle an incoming request.
 *
 * Aborts with 403 when the session has been idle for longer than the
 * configured `session.lifetime`; otherwise the request continues.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // Session metadata holds the time the session was last used.
    $metadata = \Session::getMetadataBag();

    // The configured lifetime is multiplied by 60 to compare it in seconds.
    $maxIdleSeconds = config('session.lifetime') * 60;

    if ($metadata) {
        $idleSeconds = time() - $metadata->getLastUsed();

        if ($maxIdleSeconds < $idleSeconds) {
            // Idle for longer than the lifetime: refuse with 403.
            \App::abort(403);
        }
    }

    return $next($request);
}
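/**
 * Handle an incoming request.
 *
 * Re-confirms the current user's password before letting the request
 * through: the submitted `password` is sent with the user's e-mail to the
 * `/oauth/access_token` endpoint, and on success the returned token and
 * user id are stored in the session.
 *
 * Responses are validated strictly. The status must be exactly the string
 * 'success' and every field read afterwards must be present; a malformed
 * or undecodable response is handled as a failed check. The previous
 * loose `!=` comparisons could accept a non-string status through PHP
 * type juggling.
 *
 * NOTE(review): consider regenerating the session id once the new token
 * is stored, and make sure the password field is never written to logs.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    //1. Check input
    if (!Input::has('password')) {
        return Redirect::route('auth.login');
    }

    //2. Check password
    $APIMe = new APIMe();
    $me = $APIMe->getShow(true);

    $profileLoaded = is_array($me)
        && isset($me['status'], $me['data']['email'])
        && $me['status'] === 'success';

    if (!$profileLoaded) {
        \App::abort(404);
    }

    $apiUrl = '/oauth/access_token';
    $apiData = [
        'email' => $me['data']['email'],
        'password' => Input::get('password'),
        'grant_type' => 'password',
        'client_id' => env('API_client_id'),
        'client_secret' => env('API_client_secret'),
    ];

    $api = new API();
    $result = json_decode($api->post($apiUrl, $apiData), true);

    //3. Check status
    // json_decode returns null on invalid JSON, so the shape is checked before any field is read.
    $passwordConfirmed = is_array($result)
        && isset($result['status'], $result['data']['token']['token'], $result['data']['me']['id'])
        && $result['status'] === 'success';

    if (!$passwordConfirmed) {
        return Redirect::back()->withErrors('Password tidak valid')->with('msg-type', 'danger');
    }

    Session::set('APIToken', $result['data']['token']['token']);
    Session::set('userID', $result['data']['me']['id']);

    return $next($request);
}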