public function login() { if (UserAuthController::isLogin()) { return Redirect::to('/welcome'); } if (Request::isMethod('get')) { $user_id = Input::get('id', null); $user_info = tb_users::where('id', $user_id)->first(); if (null == $user_info) { return View::make('login')->with('deny_info', '链接失效!')->with('deny_user_id', $user_id); } // 使用免登录金牌 if (true !== UserAuthController::login($user_id, null)) { return Response::make(View::make('login'))->withCookie(Cookie::make('user_id', $user_id)); } return Redirect::to('/welcome'); } if (Request::isMethod('post')) { // 使用邀请码登录 $token = Input::get('token'); $user_id = Cookie::get('user_id'); self::recordAccessLog(array('token' => $token, 'user_id' => $user_id)); $error_info = UserAuthController::login($user_id, $token); if (true !== $error_info) { return Redirect::back()->with('error_info', $error_info)->withInput(); } return Redirect::to('/welcome'); } return Response::make('此页面只能用GET/POST方法访问!', 404); }
// Route::filter('auth.basic', function() // { // return Auth::basic(); // }); /* |-------------------------------------------------------------------------- | Guest Filter |-------------------------------------------------------------------------- | | The "guest" filter is the counterpart of the authentication filters as | it simply checks that the current user is not logged in. A redirect | response will be issued if they are, which you may freely change. | */ Route::filter('guest', function () { if (UserAuthController::isLogin()) { return Redirect::to('/'); } }); /* |-------------------------------------------------------------------------- | CSRF Protection Filter |-------------------------------------------------------------------------- | | The CSRF filter is responsible for protecting your application against | cross-site request forgery attacks. If this special token in a user | session does not match the one given in this request, we'll bail. | */ Route::filter('csrf', function () { if (Session::token() != Input::get('_token')) {