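/**
 * Stateless check used by API-style callers: accepts HTTP Basic credentials
 * and reports whether the authenticated user is a developer.
 *
 * @return bool true only when Basic auth succeeded and the user isDev()
 */
protected function auth()
{
    // Auth::onceBasic() returns null when the supplied Basic credentials are
    // accepted and a 401 response object when they are not — the same contract
    // the other onceBasic() callers here (download(), authcheck()) rely on.
    // Testing its return value for truthiness therefore selected the *failure*
    // case, where Auth::user() is null; only the null (success) case counts.
    if (Auth::onceBasic("username") !== null) {
        return false;
    }

    $user = Auth::user();
    if ($user === null) {
        return false;
    }

    return $user->isDev();
}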
/**
 * Serves a file to an authenticated user and records the download.
 *
 * @param Path $path the requested file
 * @return mixed a redirect to the login route when unauthenticated, otherwise
 *               the download response; App::abort() is used for 403/500
 */
protected function download(Path $path)
{
    // Honour HTTP Basic credentials when present, so non-browser clients can
    // skip the interactive login / cookie round trip.
    Auth::onceBasic("username");

    // Everyone else needs an existing session; remember where to come back to.
    if (!Auth::check()) {
        Session::flash('redirect', URL::current());
        return Redirect::route('login');
    }

    // Bookkeeping: stamp the download time and bump the counter for this path.
    $record = $path->loadCreateRecord($path);
    $record->downloaded_at = $record->freshTimestamp();
    $record->increment('downloads');
    $record->save();

    // Anything whose relative path starts with /Misc/ bypasses the extension
    // whitelist entirely; every other file must have a safe extension.
    $underMisc = strpos($path->getRelative(), '/Misc/') === 0;

    if (!$underMisc && !$path->isSafeExtension()) {
        App::abort(403, sprintf('File type "%s" not allowed', $path->getExtension()));
    } else {
        // See the AsciiSafeDownloadFile class for why the file is wrapped and
        // why '%' is stripped from the name handed to the response.
        $file = new AsciiSafeDownloadFile($path->getPathname());
        $downloadName = str_replace('%', '', $path->getBasename());

        try {
            return Response::download($file, $downloadName);
        } catch (InvalidArgumentException $e) {
            App::abort(500, 'This file has a malformed filename. Please contact an admin.');
        }
    }
}
/**
 * Lightweight credential probe: answers 204 when the request is
 * authenticated (session or HTTP Basic), otherwise a 401 Basic challenge.
 *
 * @return \Illuminate\Http\Response
 */
public function authcheck()
{
    // Accept stateless Basic credentials if the client sent them.
    Auth::onceBasic('username');

    if (Auth::check()) {
        return Response::make('', 204);
    }

    $challenge = array('WWW-Authenticate' => 'Basic');
    return Response::make('', 401, $challenge);
}
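// Admin filter: non-admin users are sent back to the front page with a flash
// message. It relies on the 'auth' filter running first (see the Route::when()
// bindings below), otherwise Auth::user() may be null here.
Route::filter('admin', function () {
    if (!Auth::user()->admin) {
        Session::flash('message', "No tiene Permisos para acceder a esta opción, si piensa que es un error por favor contacte con su administrador");
        return Redirect::to('/');
    }
});

// API filter: emit CORS headers, then authenticate either from an encrypted
// Auth-Token header or, failing that, via stateless HTTP Basic auth keyed on
// the user's email.
Route::filter('api', function () {
    header('Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS');
    // NOTE(review): the wildcard origin lets any site issue token-bearing
    // requests to the API; confirm an allow-list is not wanted instead.
    header('Access-Control-Allow-Origin: *');
    header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Key, Auth-Token');

    // Pre-flight requests carry no credentials; let them through unchanged.
    if (Request::method() === "OPTIONS") {
        return;
    }

    // The original `!= null` test also treated an empty header as absent.
    $authToken = Request::header("Auth-Token", null);
    if ($authToken === null || $authToken === '') {
        // No token: fall back to Basic auth. onceBasic() returns a 401
        // response on failure and null on success, which the filter passes on.
        return Auth::onceBasic('email');
    }

    // Crypt::decrypt() is not guarded here; presumably it throws on a tampered
    // or unparseable token and the framework turns that into an error page —
    // confirm that is acceptable for API clients.
    $user = User::find(Crypt::decrypt($authToken));
    if ($user === null) {
        // Fail closed: a token that decrypts to an unknown user id previously
        // reached Auth::setUser(null) and the request continued unauthenticated.
        return Response::make('Unauthorized', 401);
    }
    Auth::setUser($user);
});

// AJAX-only filter: reject anything that is not an XMLHttpRequest.
Route::filter('ajax', function () {
    if (!Request::ajax()) {
        return Response::make('Unauthorized', 401);
    }
});

// Bind the admin filters (auth first, then admin) to every admin URL.
Route::when('admin', 'auth|admin');
Route::when('admin/*', 'auth|admin');

// Likewise for the API.
Route::when('api/*', 'api');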
App::abort(400, "Invalid token"); } */ if (Auth::guest()) { if (Request::ajax()) { return Response::make('Unauthorized', 401); } else { return Redirect::guest('login'); } } }); Route::filter('auth.basic', function () { return Auth::basic('username'); }); Route::filter('basic.once', function () { return Auth::onceBasic(); }); /* |-------------------------------------------------------------------------- | Guest Filter |-------------------------------------------------------------------------- | | The "guest" filter is the counterpart of the authentication filters as | it simply checks that the current user is not logged in. A redirect | response will be issued if they are, which you may freely change. | */ Route::filter('guest', function () { if (Auth::check()) { return Redirect::to('/'); }
Auth::logout(); Session::flush(); header("HTTP/1.1 404 Page Not Found", true, 404); exit("You cannot do this."); } } }); Route::filter('force.ssl', function () { if (route('home') != 'http://demo.noshchartingsystem.com:444/nosh' && route('home') != 'http://192.168.1.163/nosh' && route('home') != 'http://localhost/nosh' && route('home') != 'http://162.243.111.18/nosh' && route('home') != 'http://uma.noshchartingsystem.com/nosh') { if (!Request::secure()) { return Redirect::secure(Request::path()); } } }); Route::filter('auth.basic', function () { return Auth::onceBasic('username'); }); Route::filter('auth.token', function () { $payload = Request::header('Authorization'); $open_id_url = str_replace('/nosh', '/uma-server-webapp/', URL::to('/')); $practice = DB::table('practiceinfo')->where('practice_id', '=', '1')->first(); $client_id = $practice->uma_client_id; $client_secret = $practice->uma_client_secret; if ($payload) { // RPT, Perform Token Introspection $rpt = str_replace('Bearer ', '', $payload); $oidc = new OpenIDConnectClient($open_id_url, $client_id, $client_secret); $oidc->refresh($practice->uma_refresh_token, true); $result_rpt = $oidc->introspect($rpt); if ($result_rpt['active'] == false) { // Inactive RPT, Request Permission Ticket
<?php Route::filter('token', function () { $token = AccessToken::where('token', Input::get('token'))->first(); if (!$token) { return Response::json(array('status' => 'Unauthorized')); } }); Route::filter('auth', function () { if (Auth::onceBasic()) { return Response::json(['error' => ['message' => 'Invalid credentials', 'status_code' => 401]], 401); } }); Route::filter('bearer', function () { $header = Request::header('Authorization'); if (!$header) { return Response::json(['error' => ['message' => 'Unauthorized', 'status_code' => 401]], 401); } $token = explode(' ', $header)[1]; if ($token) { $device = Device::where('auth_token', $token)->orderBy('id', 'desc')->first(); if (!is_null($device)) { try { Auth::onceUsingId($device->user_id); } catch (Exception $e) { return Response::json(['error' => ['message' => $e->getMessage(), 'status_code' => 500]], 500); } } else { return Response::json(['error' => ['message' => 'Invalid token', 'status_code' => 401]], 401); } } else {
| The following filters are used to verify that the user of the current | session is logged into this application. The "basic" filter easily | integrates HTTP Basic authentication for quick, simple checking. | */ Route::filter('auth', function () { if (Auth::guest()) { if (Request::ajax()) { return Response::make('Unauthorized', 401); } else { return Redirect::guest('login'); } } }); Route::filter('auth.basic', function () { return Auth::onceBasic("username"); }); /* |-------------------------------------------------------------------------- | Guest Filter |-------------------------------------------------------------------------- | | The "guest" filter is the counterpart of the authentication filters as | it simply checks that the current user is not logged in. A redirect | response will be issued if they are, which you may freely change. | */ Route::filter('guest', function () { if (Auth::check()) { return Redirect::to('/'); }
/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/
Route::filter('csrf', function () {
    $sessionToken = Session::token();
    $requestToken = Input::get('_token');

    // Fails closed: a missing _token (null) can never equal the session token.
    if ($sessionToken !== $requestToken) {
        throw new Illuminate\Session\TokenMismatchException();
    }
});

/*
|--------------------------------------------------------------------------
| API Filter
|--------------------------------------------------------------------------
|
| For RESTful API
|
*/
Route::filter('auth.api', function () {
    // onceBasic() returns null when the credentials are accepted and a
    // response object otherwise; on failure answer with a JSON body plus a
    // Basic challenge rather than the framework's default response.
    $failure = Auth::onceBasic('email');
    if ($failure === null) {
        return;
    }

    $challenge = ['WWW-Authenticate' => 'Basic'];
    return Response::json('無效的憑證。', 401, $challenge);
});