public function facebook(Request $request)
 {
     $accessTokenUrl = 'https://graph.facebook.com/v2.5/oauth/access_token';
     $graphApiUrl = 'https://graph.facebook.com/v2.5/me';
     $params = ['code' => $request->input('code'), 'client_id' => $request->input('clientId'), 'redirect_uri' => $request->input('redirectUri'), 'client_secret' => '76cd1014c10586c33f3e13f03929a221'];
     $client = new \GuzzleHttp\Client();
     // Step 1. Exchange authorization code for access token.
     $accessToken = json_decode($client->get($accessTokenUrl, ['query' => $params])->getBody(), true);
     // Step 2. Retrieve profile information about the current user.
     $profile = json_decode($client->get($graphApiUrl, ['query' => $accessToken])->getBody(), true);
     // Step 3a. If user is already signed in then link accounts.
     if ($request->header('Authorization')) {
         $user = User::where('facebook', '=', $profile['id']);
         if ($user->first()) {
             return response()->json(['message' => 'There is already a Facebook account that belongs to you'], 409);
         }
         $token = explode(' ', $request->header('Authorization'))[1];
         $payload = (array) JWT::decode($token, Config::get('jwt.secret'), array('HS256'));
         $user = User::find($payload['sub']);
         $user->facebook = $profile['id'];
         $user->displayName = $user->displayName ?: $profile['name'];
         $user->save();
         return response()->json(['token' => $this->createToken($user)]);
     } else {
         $user = User::where('facebook', '=', $profile['id']);
         if ($user->first()) {
             return response()->json(['token' => $this->createToken($user->first())]);
         }
         $user = new User();
         $user->facebook = $profile['id'];
         $user->displayName = $profile['name'];
         $user->save();
         return response()->json(['token' => $this->createToken($user)]);
     }
 }
Example #2
1
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $jwt = $request->header('x-auth-jwt');
     $key = 'fad';
     //env('JWT_KEY');
     $decoded = JWT::decode($jwt, $key, array('HS256'));
     /*
     	
     /*
      		NOTE: This will now be an object instead of an associative array. To get
      		an associative array, you will need to cast it as such:
     */
     //$decoded_array = (array) $jwt;
     /**
      * You can add a leeway to account for when there is a clock skew times between
      * the signing and verifying servers. It is recommended that this leeway should
      * not be bigger than a few minutes.
      *
      * Source: http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html#nbfDef
      */
     //JWT::$leeway = 60; // $leeway in seconds
     //$decoded = JWT::decode($jwt, $key, array('HS256'));
     return $next($request);
     //$res = $next($request);
     //echo "after http request!";
     //return $res;
 }
Example #3
0
 /**
  * Check the request headers.
  *
  * @param  Illuminate\Http\Request $request
  * @return void
  */
 protected function checkRequest(Request $request)
 {
     $this->checkAcceptHeader($request->header('accept'));
     if (!in_array($request->method(), ['GET', 'OPTIONS'])) {
         $this->checkContentTypeHeader($request->header('content-type'));
     }
 }
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $access_token = $request->header('access_token');
     $refresh_token = $request->header('refresh_token');
     if ($access_token == null && $refresh_token == null) {
         return response('No Token', 400);
     } else {
         $verifyAccess = UserTokenModel::find($access_token);
         $verifyRefresh = UserRefreshTokenModel::find($refresh_token);
         $current_time = time();
         //            echo(strtotime($verifyAccess->expires)-$current_time .'<br>');
         //            echo($current_time);
         //            echo(((strtotime($verifyAccess->expires)-$current_time)<3600)."<br>");
         //            echo((strtotime($verifyRefresh->expires)-$current_time));
         if (count($verifyAccess) > 0) {
             if (strtotime($verifyAccess->expires) > $current_time) {
                 return $next($request);
             } else {
                 return response()->json(['message' => 'Token expired'], 403);
             }
         } else {
             return response()->json(['message' => 'Invalid token'], 403);
         }
     }
 }
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $token = $request->header('access-token');
     $token = isset($token) ? $request->header('access-token') : $request->get('api_token');
     if (!$token) {
         return response('Unauthorized.', 403);
     }
     $key = getenv('APP_KEY');
     $signer = new Sha256();
     $data = new ValidationData();
     // It will use the current time to validate (iat, nbf and exp)
     $data->setIssuer($request->server('REMOTE_ADDR'));
     $data->setAudience($request->server('HTTP_HOST'));
     try {
         $token = (new Parser())->parse((string) $token);
         if (!$token->validate($data)) {
             return response('Unauthorized data', 401);
         }
         if (!$token->verify($signer, $key)) {
             return response('Unauthorized sign', 401);
         }
         putenv("USER=" . $token->getClaim('uid'));
         return $next($request);
     } catch (\Exception $e) {
         return response('Unauthorized: ' . $e->getMessage(), 403);
     }
 }
Example #6
0
 public function __construct(Request $request)
 {
     if (!$request->header('App-token')) {
         exit;
     }
     $this->user_id = TokenService::tokenDecrypt($request->header('App-token'));
 }
Example #7
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->agent->isRobot() || $request->header('user-agent') == '' || !$request->header('user-agent')) {
         return redirect($_SERVER['HTTP_REFERER']);
     }
     return $next($request);
 }
Example #8
0
 /**
  * Get OTP Session Token.
  *
  * @return string|exception
  */
 protected function getToken()
 {
     if (!$this->request->hasHeader('X-OTP-SESSION-TOKEN')) {
         throw new InvalidTwoFactorSessionToken();
     }
     return $this->request->header('X-OTP-SESSION-TOKEN');
 }
Example #9
0
 public function saveFranchise(Request $request)
 {
     /*        $validator = Validator::make($request->all(), [
                 'jenis'         => 'required|integer',
                 'namausaha'     => 'required|unique:franchises',
                 'telepon'       => 'required',
                 'alamat'        => 'required|max:50'
             ]);
             if ($validator->fails()) {
                 $message = $validator->errors();
                 return $this->httpUnprocessableEntity($message);
             }
             $jenis      = $request->input('jenis');
             $namausaha  = $request->input('namausaha');
             $telepon    = $request->input('telepon');
             $alamat     = $request->input('alamat');
             $image      = $request->input('logo');
     */
     $validator = Validator::make($request->all(), ['logo' => 'image|mimes:jpg,jpeg,png|max:2000']);
     if ($validator->fails()) {
         $message = $validator->errors();
         return $this->httpUnprocessableEntity($message);
     }
     $jenis = $request->header('jenis');
     $namausaha = $request->header('namausaha');
     $telepon = $request->header('telepon');
     $alamat = $request->header('alamat');
     $image = $request->file('logo');
     $cek = Jenis::where('id', $jenis)->first();
     if (empty($cek)) {
         return $this->httpUnprocessableEntity('Id jenis tidak valid');
     }
     $db = new Franchise();
     $db->jenis = $jenis;
     $db->namausaha = $namausaha;
     $db->franchisor_id = $this->userID($request);
     $franchisor = new Franchisor();
     $franchisor->where('id', $this->userID($request))->update(['alamat' => $alamat, 'telepon' => $telepon]);
     if ($image) {
         //$image ='data:image/jpeg;base64,' .base64_encode($image);
         /*header("Content-type: image/jpeg");
           $image = Image::make($image);
           $image = $image->response('jpg', 70);*/
         $salt = hash('sha256', time() . mt_rand());
         $link = substr($salt, 0, 40) . ".png";
         $resizedImage = $this->resize($image, 500, 500, $link);
         if (!$resizedImage) {
             return response()->json(['status' => false, 'msg' => 'gagal'], 204);
         }
         $db->logo = $link;
         $db->logo_url = url('api/logo/' . $link);
     }
     $db->logo = "avatar.png";
     $db->logo_url = url('api/logo/avatar.png');
     if ($db->save()) {
         return $this->httpCreate();
     }
     return $this->httpServerError();
 }
 /**
  * Determine if the session and input CSRF tokens match.
  *
  * @param  \Illuminate\Http\Request  $request
  * @return bool
  */
 protected function tokensMatch($request)
 {
     $token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN');
     if (!$token && ($header = $request->header('X-XSRF-TOKEN'))) {
         $token = $this->encrypter->decrypt($header);
     }
     return Str::equals($request->session()->token(), $token);
 }
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($this->user->authenticateApiV1($request->header('Authorization')) !== false) {
         $this->auth->loginUsingId($this->user->authenticateApiV1($request->header('Authorization')));
     } else {
         return response('Invalid API token.', 401);
     }
     return $next($request);
 }
Example #12
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if (!empty($request->header('credential'))) {
         if (Credential::where('key', $request->header('credential'))->count() != 0) {
             return $next($request);
         }
     }
     $this->response->error('Not Valid Api Credential', 500);
 }
Example #13
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $cookieLang = Cookie::get('i18next');
     if ($cookieLang) {
         App::setLocale($cookieLang);
     } elseif ($request->header('Accept-Language')) {
         App::setLocale($request->header('Accept-Language'));
     }
     return $next($request);
 }
Example #14
0
 public function validateRequest(Request $request)
 {
     if ($request->header('Accept') != JsonApi::MIME_TYPE) {
         throw new \RuntimeException('Invalid Accept header.');
     }
     if (!empty($request->getContent()) && $request->header('Content-Type') != JsonApi::MIME_TYPE) {
         throw new \RuntimeException('Invalid Content-Type header.');
     }
     return true;
 }
Example #15
0
 /**
  * Create a new controller instance.
  *
  * @return void
  */
 public function create(Request $request)
 {
     $message['to'] = $request->input('to');
     $message['from'] = $request->input('from');
     $message['body'] = $request->input('body');
     $message['accountSid'] = $request->header('X-TWILIO-ACCOUNT-SID');
     $message['authToken'] = $request->header('X-TWILIO-AUTH-TOKEN');
     $client = new \Services_Twilio($message['accountSid'], $message['authToken']);
     $client->account->messages->create(['To' => $message['to'], 'From' => $message['from'], 'Body' => $message['body']]);
     exit;
 }
 public function summary(Request $request, $regionId)
 {
     $region = Region::find($regionId);
     $user = false;
     $token = $request->header('Authorization');
     if ($token) {
         if (isset($token[1])) {
             $token = explode(' ', $request->header('Authorization'))[1];
             $payload = (array) JWT::decode($token, Config::get('app.token_secret'), array('HS256'));
             $user = User::find($payload['sub']);
         }
     }
     $participants = new Collection();
     $past_competitions = new Collection();
     $next_competitions = new Collection();
     $next_competition = array();
     $competitions = array();
     if ($regionId == 1) {
         $competitions = Competition::all();
         $videos = DB::table('medias')->where('region_id', '<>', $region->id)->get();
         $region->competitions = $competitions;
     } else {
         $competitions = $region->competitions;
         $videos = DB::table('medias')->where('region_id', '=', $region->id)->get();
     }
     $competitions->each(function ($competition) use($past_competitions, $next_competitions, $participants, $user) {
         $competition->users->each(function ($participant) use($participants, $competition, $user) {
             if ($user && $user->id == $participant->id) {
                 $competition->already_participating = true;
             }
             $participant->medias;
             $participant->competitions;
             $participants->push($participant);
         });
         $competition->location;
         $competition->videos;
         if (Carbon::now()->gte($competition->event_date)) {
             $competition->past = true;
             $past_competitions->push($competition);
         } else {
             $competition->past = false;
             $next_competitions->push($competition);
         }
     });
     $region->next_competition = $next_competitions->first();
     $region->next_competitions = $next_competitions;
     $region->past_competitions = $past_competitions;
     $region->videos = $videos;
     $region->videos_count = count($videos);
     $region->competitions_count = count($competitions);
     $region->participants = $participants->unique();
     $region->participants_count = count($region->participants);
     return $region;
 }
Example #17
0
 /**
  * Render an exception into an HTTP response.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Exception  $e
  * @return \Illuminate\Http\Response
  */
 public function render($request, Exception $e)
 {
     if ($e instanceof HttpException) {
         $response = $e->response();
         if ($request->header('Origin')) {
             Cors::attachHeaders($response);
             $response->headers->set('Access-Control-Allow-Origin', $request->header('Origin'));
         }
         return $response;
     }
     return parent::render($request, $e);
 }
 /**
  * Handles a webhook.
  *
  * @param \Illuminate\Http\Request $request
  *
  * @return void
  */
 public function handle(Request $request)
 {
     $signature = $request->header('X-Hub-Signature');
     if ($signature !== ($realSignature = 'sha1=' . hash_hmac('sha1', $request->getContent(), env('WEBHOOK_SECRET')))) {
         throw new NotFoundHttpException();
     }
     $handler = array_get(static::$handlers, $request->header('X-Github-Event'));
     if (!$handler) {
         throw new NotFoundHttpException();
     }
     return app()->call([$this, $handler]);
 }
Example #19
0
 public function goToNewUrl(Request $request, $code)
 {
     $url = Rule::where('short_url', $code)->first();
     if (!$url) {
         $view = view('errors.404');
         return response($view, 404);
     }
     $user_agent = parse_user_agent($request->header('user-agent'));
     $rdr = ['ip_address' => $request->getClientIp(), 'referer' => $request->header('referer'), 'browser' => $user_agent['browser'], 'platform' => $user_agent['platform'], 'country' => $request->header('CF-IPCountry'), 'browser_version' => $user_agent['version']];
     Visit::create($rdr);
     return redirect()->to($url->long_url);
 }
Example #20
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($request->header('Authorization')) {
         $token = explode(' ', $request->header('Authorization'))[1];
         $payload = (array) JWT::decode($token, Config::get('app.token_secret'), array('HS256'));
         if ($payload['exp'] < time()) {
             return response()->json(['message' => 'Token has expired']);
         }
         $request['user'] = $payload;
         return $next($request);
     } else {
         return response()->json(['message' => 'Please make sure your request has an Authorization header'], 401);
     }
 }
 /**
  * Determine if the session and input CSRF tokens match.
  *
  * @param  \Illuminate\Http\Request  $request
  * @return bool
  */
 protected function tokensMatch($request)
 {
     // Get tokens from session and the request
     $sessionToken = $request->session()->token();
     $token = $request->input('_token') ?: $request->header('X-CSRF-TOKEN');
     if (!$token && ($header = $request->header('X-XSRF-TOKEN'))) {
         $token = $this->encrypter->decrypt($header);
     }
     if (!is_string($sessionToken) || !is_string($token)) {
         return false;
     }
     // Validate them
     return hash_equals((string) $request->session()->token(), (string) $token);
 }
Example #22
0
 /**
  *
  * @param Request $request
  * @return mixed
  */
 public function getFilterReport(Request $request)
 {
     $timeEntryObj = new TimeEntry();
     $timeEntryQuery = $timeEntryObj->getTimerTrackerReport();
     $totalTime = 0;
     $totalCount = 0;
     //used select field here as we are using same query to get count and time sum
     //set select fields for listing
     $select = ['te.created_at as created_at', 'te.desc as description', 'te.time as time', 'u.name as username', 'p.name as projectName', 'c.name as clientName', DB::raw("GROUP_CONCAT(t.name) as tags"), DB::raw("DATE(te.created_at) as createdDate")];
     //set filters on query
     $filters = $request->input('filters');
     if ($request->has('xls')) {
         $filters = (array) json_decode($filters);
     }
     if (isset($filters['desc']) && $filters['desc'] != "") {
         $timeEntryQuery->where('te.desc', $filters['desc']);
     }
     if (isset($filters['users']) && !empty($filters['users'])) {
         $timeEntryQuery->whereIn('u.id', $filters['users']);
     }
     if (isset($filters['clients']) && !empty($filters['clients'])) {
         $timeEntryQuery->whereIn('c.id', $filters['clients']);
     }
     if (isset($filters['projects']) && !empty($filters['projects'])) {
         $timeEntryQuery->whereIn('p.id', $filters['projects']);
     }
     if (isset($filters['startDate']) && $filters['startDate'] != "") {
         $timeEntryQuery->whereDate('te.created_at', '>=', date('Y-m-d', strtotime($filters['startDate'])));
     }
     if (isset($filters['endDate']) && $filters['endDate'] != "") {
         $timeEntryQuery->whereDate('te.created_at', '<=', date('Y-m-d', strtotime($filters['endDate'])));
     }
     if ($request->input('xls')) {
         $timeEntryQuery->select($select);
         $this->getFilteredReport($timeEntryQuery->get());
     }
     //get total count and time sum
     $aggregateResult = \DB::table(\DB::raw(' ( ' . $timeEntryQuery->select('time')->toSql() . ' ) AS counted '))->selectRaw('count(*) AS totalCount, sum(time) as totalTime')->mergeBindings($timeEntryQuery)->first();
     if ($aggregateResult) {
         $totalCount = $aggregateResult->totalCount;
         $totalTime = $aggregateResult->totalTime;
     }
     $timeEntryQuery->select($select);
     //pagination limit
     $range = explode('-', $request->header('range'));
     $timeEntryQuery->skip($range[0]);
     $limit = 0 == $range[0] ? $range[1] : $range[1] - $range[0];
     $timeEntryQuery->limit($limit);
     return response(['data' => $timeEntryQuery->get(), 'totalTime' => $totalTime])->header('Content-Range', "{$request->header('range')}/{$totalCount}");
 }
Example #23
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     /*
      * Cookie::get('i18next'); - don't work because EncryptCookies executes
      * later and it's no seems a way to change a middleware order
      */
     if (array_key_exists('i18next', $_COOKIE)) {
         $lang = substr($_COOKIE['i18next'], 0, 2);
         App::setLocale($lang);
     } elseif ($request->header('Accept-Language')) {
         App::setLocale($request->header('Accept-Language'));
     }
     return $next($request);
 }
 /**
  * Get the request formatted as meta data.
  *
  * @return array
  */
 public function getMetaData()
 {
     $data = [];
     $data['url'] = $this->request->fullUrl();
     $data['httpMethod'] = $this->request->getMethod();
     $data['params'] = $this->request->input();
     $data['clientIp'] = $this->request->getClientIp();
     if ($agent = $this->request->header('User-Agent')) {
         $data['userAgent'] = $agent;
     }
     if ($headers = $this->request->headers->all()) {
         $data['headers'] = $headers;
     }
     return ['request' => $data];
 }
Example #25
0
 /**
  * UserAgent constructor.
  *
  * @author Morten Rugaard <moru@nodes.dk>
  *
  * @param \Illuminate\Http\Request $request
  */
 public function __construct(Request $request)
 {
     if ($request->method() == 'OPTIONS') {
         return;
     }
     // Retrieve user agent from request header
     // X-User-Agent is supported since some browsers / platforms override User-Agent header
     $this->userAgent = $userAgent = $request->header('X-User-Agent') ?: $request->header('User-Agent');
     // Set nodes meta
     if ($request->header(self::NODES_META_HEADER)) {
         $this->meta = new NodesMeta($request->header(self::NODES_META_HEADER));
     }
     // Parse received user agent
     $this->parse($userAgent);
 }
Example #26
0
 /**
  * Determine if the session and input CSRF tokens match.
  *
  * @param \Illuminate\Http\Request $request
  * @return bool
  */
 protected function tokensMatch($request)
 {
     // If request is an ajax request, then check to see if token matches token provider in
     // the header. This way, we can use CSRF protection in ajax requests also.
     $token = $request->ajax() ? $request->header('X-CSRF-Token') : $request->input('_token');
     return $request->session()->token() == $token;
 }
Example #27
0
 /**
 * Handle an incoming request.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 <<<<<<< HEAD
 * @param string                   $type
 =======
 >>>>>>> e5c137f82b44a4fbd2d63c36abbfe0cec29ead52
 *
 * @return mixed
 */
 public function handle($request, Closure $next)
 {
     if ($tz = $request->header('Time-Zone')) {
         app('config')->set('cachet.timezone', $tz);
     }
     return $next($request);
 }
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request  $request
  * @param  \Closure  $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($request->header('x-requested-with') !== 'my.com.derp.whatscarrier') {
         throw new Exception("Error Processing Request", 404);
     }
     return $next($request);
 }
Example #29
0
 /**
  * Handle an incoming request.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     if ($request->header('origin') !== 'https://sandbox.pagseguro.uol.com.br' && $request->getMethod() !== 'POST') {
         return response('Unauthorized.', 401);
     }
     return $next($request)->header('Access-Control-Allow-Origin', 'https://sandbox.pagseguro.uol.com.br')->header('Access-Control-Allow-Methods', 'POST');
 }
 /**
  * Handles a standard form submit
  *
  * @return Response
  */
 public function submit(Request $request)
 {
     // get referer
     $referer = $request->header('referer');
     // get the site
     $siteId = $request->input('siteid');
     $url = $referer;
     $formId = $request->input('formid');
     $timestamp = gmdate('D M d Y H:i:s O', time());
     // get all fields
     $all_fields = $request->all();
     $fields = array();
     // walk through form fields
     foreach ($all_fields as $key => $value) {
         if ($key != 'siteid' && $key != 'url' && $key != 'formid') {
             // push field
             array_push($fields, array('id' => $key, 'value' => $value));
         }
     }
     // get name of
     $name = 'New Submission';
     if (sizeof($fields) > 0) {
         $name = $fields[0]['value'];
     }
     $arr = array('id' => Utilities::getGUID(), 'name' => $name, 'url' => $url, 'formId' => $formId, 'date' => $timestamp, 'fields' => $fields);
     // create a submission from the json file
     $submission = new Submission($arr);
     // save the submission
     $submission->save($siteId);
     return redirect($referer . '#success');
 }