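/**
 * Build the opening <form> tag followed by the hidden anti-CSRF token field.
 *
 * The action URL is HTML-escaped before it is written into the attribute:
 * when no route is given it comes from $_SERVER['REQUEST_URI'], which the
 * client controls.
 *
 * @param string|null $route   Form action; any value loosely equal to null
 *                             falls back to the current request URI.
 * @param array       $options Extra attributes, rendered by self::evalOptions().
 * @return string Opening form tag plus the hidden __FORM_TOKEN__ input.
 */
public static function open($route = null, $options = [])
{
    $opts = self::evalOptions($options);

    // Loose comparison kept on purpose so '' behaves like null, as before.
    $route = $route == null ? $_SERVER['REQUEST_URI'] : $route;

    // A quote in the URI would otherwise close the single-quoted action
    // attribute and let the request inject markup. double_encode is off so
    // an action that a caller already entity-encoded is not encoded twice.
    $action = htmlspecialchars((string) $route, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

    // Default to POST unless the caller-supplied attributes already set a method.
    $method = preg_match('/method\\=/i', $opts) ? "" : "method='POST' ";

    // NOTE(review): $opts is interpolated exactly as self::evalOptions() returns
    // it; that helper is not visible here - confirm it escapes attribute names
    // and values.
    return "<form action='{$action}' {$method}{$opts} accept-charset='UTF-8'>\n\n <input type='hidden' name='__FORM_TOKEN__' value='" . Token::create() . "'>";
}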
/**
 * Gate for pages that require a logged-in user.
 *
 * Redirects to the login route when the session has no 'user' entry, and
 * restarts the session when the stored user's remember_token does not pass
 * Token::verify().
 *
 * NOTE(review): a failed check is reported through the return value only.
 * Unless Route::redirect() / restartSession() end the request themselves,
 * callers must stop processing when the result is not true - confirm.
 *
 * @return mixed true when both checks pass; otherwise whatever
 *               Route::redirect() or restartSession() returns.
 */
public function guard()
{
    $hasSessionUser = isset($_SESSION['user']);
    if (!$hasSessionUser) {
        return Route::redirect(route('login'));
    }

    $tokenIsValid = Token::verify(Session::user()->remember_token);
    if (!$tokenIsValid) {
        return $this->restartSession();
    }

    return true;
}
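/**
 * Handle a login attempt built from $_POST.
 *
 * On success the session id is rotated, a fresh remember_token is stored on
 * the user, the user is placed in the session and the client is redirected
 * to 'welcome'. On a validation or credential failure $callback is invoked.
 *
 * @param callable|string $callback Called without arguments on failure. The
 *                                  default "" is not callable; in that case
 *                                  false is returned instead of raising an
 *                                  Error for calling an empty function name.
 * @return mixed Result of Route::redirect() on success, otherwise the
 *               callback's result (or false when no callback was supplied).
 */
public function execute($callback = "")
{
    $onFailure = static function () use ($callback) {
        return is_callable($callback) ? $callback() : false;
    };

    $request = new LoginRequest($_POST);
    if (!$request->validate()) {
        return $onFailure();
    }

    // NOTE(review): matching the password inside the query only works if
    // Hash::encode() is deterministic, which rules out a per-user salted
    // scheme. Confirm what Hash::encode() does; the usual pattern is to load
    // the user by username and check the stored hash with password_verify().
    $attempt = User::where('username', $request->get('username'))
        ->where('password', Hash::encode($request->get('password')))
        ->where('active', 'yes');

    if (!$attempt->exists()) {
        // Same message for unknown user and wrong password, so the response
        // does not reveal which usernames exist.
        Session::setFlash('flash', 'username/password is incorrect.<br><br>');
        return $onFailure();
    }

    // Rotate the session id at the privilege change so an id that was known
    // before login (session fixation) is not carried into the authenticated
    // session. Done before Token::create() in case the token depends on it.
    if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
        session_regenerate_id(true);
    }

    $user = $attempt->first();
    $user->remember_token = Token::create();
    $user->save();

    // NOTE(review): $user() invokes the model as a callable, so this relies
    // on the User class defining __invoke() - confirm what it returns.
    $_SESSION['user'] = $user();

    return Route::redirect('welcome');
}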
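/**
 * Capture the request data, sanitise every value and check the anti-CSRF
 * form token when one was posted.
 *
 * NOTE(review): `new` discards a constructor's return value, so the values
 * returned here are only visible to code that calls this constructor
 * explicitly (for example via parent::__construct()).
 *
 * @param array|null $request Data to wrap; $_POST is used when null.
 */
public function __construct($request = null)
{
    $request = is_null($request) ? $_POST : $request;

    if (is_null($this->request)) {
        // The token is transport metadata, so it is kept out of the stored form data.
        if (array_key_exists('__FORM_TOKEN__', $request)) {
            unset($request['__FORM_TOKEN__']);
        }

        // NOTE(review): FILTER_SANITIZE_STRIPPED is an alias of
        // FILTER_SANITIZE_STRING, deprecated since PHP 8.1. It strips tags from
        // every field, passwords included, and is not a substitute for escaping
        // at output time.
        $this->request = filter_var_array($request, FILTER_SANITIZE_STRIPPED);
    }

    // NOTE(review): the token is verified only when the field is present, so a
    // POST that simply omits __FORM_TOKEN__ is not rejected here. Confirm that
    // a missing token is refused somewhere else for state-changing requests.
    if (array_key_exists('__FORM_TOKEN__', $_POST)) {
        $token = $_POST['__FORM_TOKEN__'];
        unset($_POST['__FORM_TOKEN__']);

        // Fail closed on a non-string field (e.g. an array-valued parameter)
        // instead of handing it to Token::verify().
        if (!is_string($token) || !Token::verify($token)) {
            $auth = new \Auth();
            // Unless restartSession() ends the request, construction still
            // completes after this point (see the note on return values above).
            return $auth->restartSession();
        }
    }

    return true;
}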