/**
 * Registers the API login and logout routes under the "auth" prefix.
 *
 * The HTTP verb and the path of both routes are not fixed here: they come
 * from getLoginMethod()/getLoginPath() and getLogoutMethod()/getLogoutPath(),
 * and the actions come from the core's auth component.
 *
 * @param Router $router
 */
protected function buildRoutesForAuth(Router $router)
{
    $auth = $this->core->auth();

    $router->group(['prefix' => 'auth'], function (Router $authRouter) use ($auth) {
        // The verb is used as a dynamic method name on the router.
        // NOTE(review): the getters are not visible here; confirm they can only
        // yield the intended router verbs and are not fed by request data.
        $loginVerb = $this->getLoginMethod();
        $authRouter->{$loginVerb}($this->getLoginPath(), $auth->getApiRouteLoginAction());

        // NOTE(review): if the logout verb can be configured as GET, the session
        // or token can be ended by a plain cross-site request; confirm intended.
        $logoutVerb = $this->getLogoutMethod();
        $authRouter->{$logoutVerb}($this->getLogoutPath(), $auth->getApiRouteLogoutAction());
    });
}
/**
 * Permission gate for an incoming request.
 *
 * The request is passed on when no permission is named, when the current
 * user is an admin, or when the user holds the named permission. Otherwise
 * it is rejected: a 403 API error for CMS API requests, a plain 403 response
 * for AJAX/JSON requests, and a redirect to the CMS home route for anything else.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  Closure  $next
 * @param  string|null  $permission  permission key required for this route
 * @return mixed
 */
public function handle($request, Closure $next, $permission = null)
{
    // Truthiness check: null, '' and '0' all mean "nothing to enforce", so a
    // route that attaches this middleware without a permission is let through
    // by this method. Admins skip the per-permission lookup entirely.
    $allowed = !$permission
        || $this->core->auth()->admin()
        || $this->core->auth()->can($permission);

    if ($allowed) {
        return $next($request);
    }

    // Denied: choose the response shape that fits the caller.
    if ($this->core->bootChecker()->isCmsApiRequest()) {
        return $this->core->api()->error('Permission denied', 403);
    }

    $expectsMachineResponse = $request->ajax() || $request->wantsJson();

    if ($expectsMachineResponse) {
        return response('Permission denied.', 403);
    }

    // Browser request: send the user to the CMS home route rather than
    // rendering an error page.
    /** @var CoreInterface $core */
    $core = app(Component::CORE);
    $homeRoute = $core->prefixRoute(NamedRoute::HOME);

    return redirect()->route($homeRoute);
}
/**
 * Registers the web authentication routes under the "auth" prefix:
 * login form and submit, logout, and the password reset e-mail/reset flow.
 *
 * All actions are supplied by the core's auth component. The group carries
 * only the prefix; no middleware is attached to it here.
 *
 * @param Router $router
 */
protected function buildRoutesForAuth(Router $router)
{
    $auth = $this->core->auth();

    $router->group(['prefix' => 'auth'], function (Router $authRoutes) use ($auth) {
        // Sign in: form (GET) and credential submit (POST).
        // NOTE(review): no throttling is attached in this group; confirm the
        // login and password e-mail endpoints are rate limited elsewhere.
        $authRoutes->get('login', $auth->getRouteLoginAction());
        $authRoutes->post('login', $auth->getRouteLoginPostAction());

        // Sign out is reachable with GET.
        // NOTE(review): a GET logout is not covered by CSRF token checks, so any
        // cross-site request can end the user's session; consider POST — confirm.
        $authRoutes->get('logout', $auth->getRouteLogoutAction());

        // Request a password reset e-mail.
        $authRoutes->get('password/email', $auth->getRoutePasswordEmailGetAction());
        $authRoutes->post('password/email', $auth->getRoutePasswordEmailPostAction());

        // Reset the password. The token segment is optional on the GET route, so
        // the action is also reached without one.
        // NOTE(review): confirm the reset actions reject a missing/invalid token.
        $authRoutes->get('password/reset/{token?}', $auth->getRoutePasswordResetGetAction());
        $authRoutes->post('password/reset', $auth->getRoutePasswordResetPostAction());
    });
}