public function login()
{
if (UserAuthController::isLogin()) {
return Redirect::to('/welcome');
}
if (Request::isMethod('get')) {
$user_id = Input::get('id', null);
$user_info = tb_users::where('id', $user_id)->first();
if (null == $user_info) {
return View::make('login')->with('deny_info', '链接失效!')->with('deny_user_id', $user_id);
}
// 使用免登录金牌
if (true !== UserAuthController::login($user_id, null)) {
return Response::make(View::make('login'))->withCookie(Cookie::make('user_id', $user_id));
}
return Redirect::to('/welcome');
}
if (Request::isMethod('post')) {
// 使用邀请码登录
$token = Input::get('token');
$user_id = Cookie::get('user_id');
self::recordAccessLog(array('token' => $token, 'user_id' => $user_id));
$error_info = UserAuthController::login($user_id, $token);
if (true !== $error_info) {
return Redirect::back()->with('error_info', $error_info)->withInput();
}
return Redirect::to('/welcome');
}
return Response::make('此页面只能用GET/POST方法访问!', 404);
}
// Route::filter('auth.basic', function()
// {
// return Auth::basic();
// });
/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/
Route::filter('guest', function () {
if (UserAuthController::isLogin()) {
return Redirect::to('/');
}
});
/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/
Route::filter('csrf', function () {
if (Session::token() != Input::get('_token')) {
