コード例 #1
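 /**
  * Middleware: let the request continue only when the session carries an
  * active login token; otherwise redirect to /login and stop.
  *
  * @param  mixed     $request   Incoming request, passed through untouched.
  * @param  mixed     $response  Response object handed to the next layer.
  * @param  callable  $next      Next middleware / route handler.
  * @return mixed     Whatever $next returns.
  */
 public function __invoke($request, $response, $next)
 {
     // ?? null: a visitor with no login_token in the session is an expected
     // case, not an undefined-index notice.
     $sessionToken = $_SESSION['login_token'] ?? null;

     // Only a non-empty string is handed to the token lookup, and only an
     // explicit true from validateToken() lets the request through, so any
     // unexpected value fails closed.
     $isLoggedIn = is_string($sessionToken)
         && $sessionToken !== ''
         && Token::validateToken($sessionToken) === true;

     if (!$isLoggedIn) {
         header('Location: /login');
         exit;
     }

     // Pass in the Routes Response body. (The second Token lookup the
     // original did here was never read, so it is dropped.)
     return $next($request, $response);
 }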
コード例 #2
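 /**
  * Middleware: let the request continue only for a logged-in user whose
  * permission_level is 'Administrator'; everyone else is redirected to /.
  *
  * The check does not rely on another middleware having run first: a
  * missing, unknown or inactive token is denied here as well.
  *
  * @param  mixed     $request   Incoming request, passed through untouched.
  * @param  mixed     $response  Response object handed to the next layer.
  * @param  callable  $next      Next middleware / route handler.
  * @return mixed     Whatever $next returns.
  */
 public function __invoke($request, $response, $next)
 {
     $sessionToken = $_SESSION['login_token'] ?? null;
     $user = null;

     // Token::validateToken() is the project's own definition of "active";
     // without it a token row that was deactivated would still resolve to
     // its user below.
     if (is_string($sessionToken) && $sessionToken !== '' && Token::validateToken($sessionToken)) {
         $token = Token::where('token', $sessionToken)->first();
         // The row can vanish between the two queries; keep $user null then.
         if ($token !== null) {
             $user = User::where('id', $token->user_id)->first();
         }
     }

     // A null $user (no token, inactive token, deleted account) is treated
     // exactly like a non-administrator instead of dereferencing null.
     if ($user === null || $user->permission_level !== 'Administrator') {
         header('Location: /');
         exit;
     }

     // Pass in the Routes Response body.
     return $next($request, $response);
 }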
コード例 #3
<?php

use GalacticBank\Classes\AuthMiddleware;
use GalacticBank\Models\User;
use GalacticBank\Models\Token;
use GalacticBank\Models\Character;
use GalacticBank\Models\BalanceRequest;
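// GET /character: list the characters that belong to the logged-in user.
$app->get('/character', function ($request, $response, $args) {
    $sessionToken = $_SESSION['login_token'] ?? null;

    // AuthMiddleware has already checked the token, but the token or user
    // row can disappear before this handler runs; resolve both defensively
    // rather than dereferencing null.
    $token = is_string($sessionToken) && $sessionToken !== ''
        ? Token::where('token', $sessionToken)->first()
        : null;
    $user = $token === null ? null : User::where('id', $token->user_id)->first();

    if ($user === null) {
        header('Location: /login');
        exit;
    }

    // The user id comes from the server-side token record, never from the
    // request, so a caller cannot ask for another account's characters.
    $characters = Character::where('user_id', $user->id)->get();

    return $this->view->render($response, 'character.php', ['characters' => $characters]);
})->add(new AuthMiddleware());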
コード例 #4
ファイル: login.php プロジェクト: MichaelLeah/GalacticBank
/*
 * GET /login: render the login form with no template variables.
 */
$app->get('/login', function ($request, $response, $args) {
    $templateData = [];

    return $this->view->render($response, 'login.php', $templateData);
});
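/*
 * POST /login: verify the submitted credentials, issue a login token,
 * bind it to the session and redirect to /.
 */
$app->post('/login', function ($request, $response, $args) {
    // ?? rather than ?: — a missing field must not raise an undefined-index
    // notice, and a value such as "0" must not be rewritten to ''.
    $username = $_POST['username'] ?? '';
    $password = $_POST['password'] ?? '';

    $loginError = ['error' => 'Invalid Username or password.'];

    // Form fields can arrive as arrays (username[]=...); only plain strings
    // may reach the query and password_verify().
    if (!is_string($username) || !is_string($password)) {
        return $this->view->render($response, 'login.php', $loginError);
    }

    $user = User::where('username', $username)->first();

    // Ensure the user exists in our records.
    // NOTE(review): this branch writes no Audit row and skips
    // password_verify(), so attempts against unknown usernames are neither
    // logged nor timed like attempts against real accounts. Confirm whether
    // Audit accepts a row without user_id before adding one here.
    if (is_null($user)) {
        return $this->view->render($response, 'login.php', $loginError);
    }

    // Ensure the passwords match to validate the user.
    if (!password_verify($password, $user->password)) {
        Audit::create([
            'category' => 'Failed login attempt',
            'log_note' => 'Invalid credentials attempted for account: ' . $username,
            'user_id' => $user->id,
            'ip_address' => $_SERVER['REMOTE_ADDR'],
        ]);

        return $this->view->render($response, 'login.php', $loginError);
    }

    // TODO: Check for any currently active token, de-activate token if exists.

    // Switch to a fresh session id at the moment of login so an id that
    // existed before authentication does not carry the logged-in state.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    // Log the user in.
    // NOTE(review): Token::generateToken() is not shown in this file;
    // confirm it draws from random_bytes()/random_int().
    $token = Token::generateToken();
    Token::create([
        'token' => $token,
        'type' => 'Login Token',
        'active' => 'Yes',
        'user_id' => $user->id,
    ]);
    $_SESSION['login_token'] = $token;

    Audit::create([
        'category' => 'Successful Login',
        'log_note' => 'User successfully logged in for account: ' . $username,
        'user_id' => $user->id,
        'ip_address' => $_SERVER['REMOTE_ADDR'],
    ]);

    header('Location: /');
    exit;
});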
コード例 #5
ファイル: Token.php プロジェクト: MichaelLeah/GalacticBank
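 /**
  * Reports whether a token string belongs to an active token record.
  *
  * @param  String  $token  Token value, normally read from the session.
  * @return boolean True only when a row with this token exists and its
  *                 active column is the string 'Yes'.
  */
 public static function validateToken($token)
 {
     // A missing session entry reaches this method as null. With an
     // Eloquent-style builder a null value is presumably turned into an
     // IS NULL condition, which could match an unrelated row, so anything
     // that is not a non-empty string is rejected before the query.
     if (!is_string($token) || $token === '') {
         return false;
     }

     $record = Token::where('token', $token)->first();

     // Strict comparison: under loose ==, older PHP versions treat an
     // integer 0 as equal to 'Yes'. Assumes the column holds the string
     // 'Yes' for active tokens — confirm against the schema.
     return !is_null($record) && $record->active === 'Yes';
 }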