コード例 #1
0
ファイル: Authorizer.php プロジェクト: erickmo/CapcusAPI
 /**
  * validate super user
  *
  * 1. check if access token exists
  * 2. check if access token valid
  * 3. validate scope
  **/
 public function validateSuperUser()
 {
     //1. check if access token exists
     if ($this->request->input('access_token')) {
         //2. check if access token valid
         $ip = $_SERVER['REMOTE_ADDR'];
         $checked_token = SessionModel::accesstoken($this->request->input('access_token'))->first();
         if (!$checked_token) {
             $this->errors->add('Access', 'Access token tidak valid');
         } elseif ($checked_token && in_array($checked_token['ip'], [env('AUTH_API_HOST', 'apimanager')])) {
             return response()->json(JSend::success($this->request->input())->asArray());
         } elseif ($checked_token && Carbon::parse($checked_token->expired_at)->format('Y-m-d H:i:s') >= Carbon::now()->format('Y-m-d H:i:s') && is_null($checked_token->session->closed_at)) {
             //3. validate scope
             foreach ($checked_token->scopes as $key => $value) {
                 if (in_array($value['name'], $this->request->input('scope'))) {
                     return response()->json(JSend::success($this->request->input())->asArray());
                 }
             }
             $this->errors->add('Access', 'Tidak diijinkan untuk mengakses resorce ini');
         } else {
             $this->errors->add('Access', 'Access token sudah tidak berlaku');
         }
     } else {
         $this->errors->add('Access', 'Tidak ada access token');
     }
     if ($this->errors->count()) {
         \Log::info(json_encode($this->getError()));
         return response()->json(JSend::error($this->request->input(), $this->getError())->asArray());
     }
     return response()->json(JSend::success($this->request->input())->asArray());
 }
コード例 #2
0
 /**
  * destroy session using access token
  *
  * 1. check token
  * 2. close session
  * @param array request parameter, host
  * @return boolean
  */
 public function destroy_session($request_param, $host)
 {
     //1. check token
     $token = SessionModel::accesstoken($request_param['access_token'])->ip($host)->first();
     if (!$token) {
         $this->errors->add('Access', 'Token tidak valid');
     }
     //2. close session
     if (!$this->errors->count()) {
         $token->closed_at = Carbon::now()->format('Y-m-d H:i:s');
         if (!$token->save()) {
             $this->errors->add('Access', $token->getError());
         }
     }
     if ($this->errors->count()) {
         return false;
     }
     return true;
 }