/**
* Create an activity log entry.
*
* @param mixed
* @return boolean
*/
public static function log($data = array())
{
if (is_object($data)) {
$data = (array) $data;
}
if (is_string($data)) {
$data = array('action' => $data);
}
$user = Auth::user();
$activity = new static();
$activity->user_id = isset($user->id) ? $user->id : 0;
$activity->content_id = isset($data['contentID']) ? $data['contentID'] : 0;
$activity->content_type = isset($data['contentType']) ? $data['contentType'] : "";
$activity->action = isset($data['action']) ? $data['action'] : "";
$activity->description = isset($data['description']) ? $data['description'] : "";
$activity->details = isset($data['details']) ? $data['details'] : "";
//set action and allow "updated" boolean to replace activity text "Added" or "Created" with "Updated"
if (isset($data['updated'])) {
if ($data['updated']) {
$activity->description = str_replace('Added', 'Updated', str_replace('Created', 'Updated', $activity->description));
$activity->action = "Updated";
} else {
$activity->action = "Created";
}
}
if (isset($data['deleted']) && $data['deleted']) {
$activity->action = "Deleted";
}
//set developer flag
$activity->developer = !is_null(Session::get('developer')) ? true : false;
$activity->ip_address = Request::getClientIp();
$activity->user_agent = $_SERVER['HTTP_USER_AGENT'];
$activity->save();
return true;
}
/**
* Write a logout history item for this user
*
* @param \Illuminate\Auth\Events\Logout $event
*/
public static function handle(LogoutEvent $event)
{
$event->user->login_history()->save(new UserLoginHistory(['source' => Request::getClientIp(), 'user_agent' => Request::header('User-Agent'), 'action' => 'logout']));
$message = 'User logged out from ' . Request::getClientIp();
event('security.log', [$message, 'authentication']);
return;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
//saco el listado de ip's con acceso
$secure = config('ws.secure');
//compruebo si la ip de la consulta esta en la lista de acceso
if (!in_array(Request::getClientIp(), $secure)) {
//busqueda por Rangos de IP
foreach ($secure as $a) {
//limpio el caracter * para hacer las comparaciones por rango de ip
$a = str_replace("*", "", $a);
//compruebo si el rango es igual
if ($a == substr(Request::getClientIp(), 0, strlen($a))) {
return $next($request);
}
}
//si no estoy en la lista de ip compruebo si es ejecutada la consulta con el dominio
if (!empty($_SERVER['HTTP_REFERER'])) {
//si el dominio viene en la lista de seguros dejo pasar la consulta
if (in_array(getdomain($_SERVER['HTTP_REFERER']), $secure)) {
return $next($request);
}
}
//pinto error 500 (acceso denegado)
return response("Acceso denegado " . Request::getClientIp(), 500);
}
return $next($request);
}
public function anyIndex()
{
$uid = Session::get('uid');
$ip = Request::getClientIp();
$callback = Request::input('callback');
if ($_POST) {
$username = Request::input('username');
$password = Request::input('password');
$captcha = Request::input('captcha');
$uid = $this->authModel->verify_user($username, $password);
if (!$uid) {
$data['message'] = 'validation failed';
} else {
Session::put('uid', $uid);
Session::save();
}
}
if ($uid) {
// todo :: 保护机制 防止循环跳转
$ticket = $this->authModel->generate_ticket($uid, $ip, $callback);
if (strpos($callback, '?')) {
$callback .= '&ticket=' . $ticket;
} else {
$callback .= '?ticket=' . $ticket;
}
header("Location:" . $callback);
exit;
}
$data['callback'] = $callback;
return view('api.sso.index', $data);
}
/**
* Register the service provider.
*
* @return void
*/
public function register()
{
$this->app['router']->before(function ($request) {
// First clear out all "old" visitors
Visitor::clear();
$page = Request::path();
$ignore = Config::get('visitor-log::ignore');
if (is_array($ignore) && in_array($page, $ignore)) {
//We ignore this site
return;
}
$visitor = Visitor::getCurrent();
if (!$visitor) {
//We need to add a new user
$visitor = new Visitor();
$visitor->ip = Request::getClientIp();
$visitor->useragent = Request::server('HTTP_USER_AGENT');
$visitor->sid = str_random(25);
}
$user = null;
$usermodel = strtolower(Config::get('visitor-log::usermodel'));
if (($usermodel == "auth" || $usermodel == "laravel") && Auth::check()) {
$user = Auth::user()->id;
}
if ($usermodel == "sentry" && class_exists('Cartalyst\\Sentry\\SentryServiceProvider') && Sentry::check()) {
$user = Sentry::getUser()->id;
}
//Save/Update the rest
$visitor->user = $user;
$visitor->page = $page;
$visitor->save();
});
}
/**
* Update the last login values and write a new
* login history item
*
* @param $user
*/
public static function handle($user)
{
$user->last_login_source = Request::getClientIp();
$user->last_login = new DateTime();
$user->save();
$user->login_history()->save(new UserLoginHistory(['source' => Request::getClientIp(), 'user_agent' => Request::header('User-Agent'), 'action' => 'login']));
$message = 'User logged in from ' . Request::getClientIp();
Event::fire('security.log', [$message, 'authentication']);
return;
}
public static function add($data = array())
{
$user = Auth::user();
$entry = new static();
$entry->user_id = isset($user->id) ? $user->id : false;
$entry->ip_address = Request::getClientIp();
$entry->data = isset($data['data']) ? json_encode($data['data']) : null;
foreach (array('group', 'type', 'action') as $field) {
$entry->{$field} = isset($data[$field]) ? $data[$field] : null;
}
return (bool) $entry->save();
}
public function postAdminDelete()
{
session_start();
Request::setTrustedProxies(array('192.0.0.1', '10.0.0.0/8'));
if (isset($_SESSION["logged_in"]) && isset($_SESSION["logged_in_ip"]) && $_SESSION["logged_in_ip"] == Request::getClientIp()) {
if (Request::has("id")) {
$id = Request::input("id");
DB::table("contestants")->where(array("id" => $id))->delete();
}
}
return redirect()->action("AdminController@getAdminDelete");
}
public function handleProviderCallback($provider)
{
try {
$user = Socialite::driver($provider)->user();
} catch (Exception $e) {
return redirect('auth/' . $provider);
}
$authUser = $this->findOrCreateUser($user);
Auth::login($authUser, true);
$user = Auth::user();
$user->ip = RequestData::getClientIp();
$user->save();
return redirect('dashboard');
}
public function postLogin(Request $request)
{
$this->validate($request, ['email' => 'required|email', 'password' => 'required']);
$credentials = $request->only('email', 'password');
$ip_naslov = \Illuminate\Support\Facades\Request::getClientIp();
// dobi ip naslov
$ip_je_v_bazi = Ip_tabela::where('ip_naslov', $ip_naslov)->first();
// poglej če je ip naslov že v bazi v tabeli ip_tabela
if ($this->auth->attempt($credentials, $request->has('remember'))) {
if ($ip_je_v_bazi == null) {
// če ip naslova še ni v bazi, ga dodaj, nastavi števec napačnih poskusov na 0 in se vpiši
$ip_tabela = new Ip_tabela();
$ip_tabela->ip_naslov = $ip_naslov;
$ip_tabela->stevec = 0;
$ip_tabela->save();
return redirect()->intended($this->redirectPath());
} elseif ($ip_je_v_bazi->stevec < 3) {
// če je ip naslov v bazi, števec napačnih poskusov pa je manjši od 3, resetiraj števec in se vpiši
$ip_je_v_bazi->stevec = 0;
$ip_je_v_bazi->save();
return redirect()->intended($this->redirectPath());
} elseif ($ip_je_v_bazi->stevec >= 3) {
// če je ip naslov v bazi, števec napačnih poskusov pa je večji ali enak 3
if ($ip_je_v_bazi->updated_at < new Carbon('-2 minutes')) {
// če sta minili več kot 2 minuti od zadnjega neveljavnega poskusa, resetiraj števec in se vpiši
$ip_je_v_bazi->stevec = 0;
$ip_je_v_bazi->save();
return redirect()->intended($this->redirectPath());
} else {
// drugače izpiši opozorilo
$this->auth->logout();
return redirect($this->loginPath())->withInput($request->only('email', 'remember'))->withErrors(['Vpis z vašega IP naslova je blokiran za 2 minuti zaradi 3 neuspelih poskusov.']);
}
}
}
// če vnesemo napačno uporabniško ime ali geslo
if ($ip_je_v_bazi == null) {
// če ip naslova še ni v bazi, ga dodaj in nastavi števec napačnih poskusov na 1
$ip_tabela = new Ip_tabela();
$ip_tabela->ip_naslov = $ip_naslov;
$ip_tabela->stevec = 1;
$ip_tabela->save();
} else {
// če je ip naslov v bazi, povečaj števec napačnih poskusov
$ip_je_v_bazi->stevec = $ip_je_v_bazi->stevec + 1;
$ip_je_v_bazi->save();
}
return redirect($this->loginPath())->withInput($request->only('email', 'remember'))->withErrors(['Vnesli ste napačno uporabniško ime ali geslo.']);
}
/**
* 统一返回格式
* @param $msgcode
* @param null $message
* @param null $data
* @return string
*/
public static function encodeResult($msgcode, $message = NULL, $data = NULL)
{
if ($data == null) {
$data = new \stdClass();
}
$log = new RestLog();
$log->request = json_encode(Request::all());
$log->request_route = Route::currentRouteName();
$log->response = json_encode($data);
$log->msgcode = $msgcode;
$log->message = $message;
$log->client_ip = Request::getClientIp();
$log->client_useragent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : NULL;
$log->save();
$result = array("rest_id" => $log->id, 'msgcode' => $msgcode, 'message' => $message, 'data' => $data, 'version' => self::VERSION, 'servertime' => time());
return \Response::json($result);
}
/**
* 统一返回格式
* @param $msgcode
* @param null $message
* @param null $data
* @return string
*/
protected function encodeResult($msgcode, $message = NULL, $data = NULL)
{
if ($data == null) {
$data = new \stdClass();
}
$log = new RestLog();
$log->request = json_encode(Request::except('file'));
$log->request_route = Route::currentRouteName();
$log->response = json_encode($data);
$log->msgcode = $msgcode;
$log->message = $message;
$log->client_ip = Request::getClientIp();
$log->client_useragent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : NULL;
if (Auth::check()) {
$log->user_id = Auth::user()->user_id;
}
$log->save();
$result = array("rest_id" => $log->id, 'msgcode' => $msgcode, 'message' => $message, 'date' => $data, 'version' => '1.0', 'servertime' => time());
return \Response::json($result);
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(TermsAndConditionRequest $request)
{
$user_id = isset(Auth::user()->id) ? Auth::user()->id : 0;
$ipaddress = Request::getClientIp();
$input = $request->except("_token");
if (isset($input['agree']) && $input['agree'] == "Agree") {
$input['agree'] = '1';
$input['user_id'] = $user_id;
$input['ipaddress'] = $ipaddress;
$this->repo->create($input);
return Redirect::to("/");
} elseif (isset($input['disagree']) && $input['disagree'] == "Disagree") {
$input['agree'] = '0';
$input['user_id'] = $user_id;
$input['ipaddress'] = $ipaddress;
unset($input['disagree']);
$this->repo->create($input);
return Redirect::to("/");
}
return Redirect::back()->with("unsuccess", "Woops Something is wrong..!");
}
/**
* reCAPTCHA validation
*
* @param $recaptcha
*
* @return bool
*/
public function validateReCapthca($recaptcha)
{
if (\Config::get('schauth::config.recaptcha.required.login') !== true) {
return true;
}
if (empty($recaptcha)) {
return false;
}
try {
$recaptchaUrl = 'https://www.google.com/recaptcha/api/siteverify?secret=' . \Config::get('schauth::config.recaptcha.secretkey') . '&response=' . $recaptcha . '&remoteip=' . Request::getClientIp();
$client = new GuzzleHttpClient();
$response = $client->get($recaptchaUrl);
$json = $response->json();
if (empty($json['success'])) {
return false;
}
} catch (\Exception $e) {
return false;
}
return true;
}
/**
* Create an activity log entry.
*
* @param mixed $data
* @return boolean
*/
public static function log($data = [])
{
if (is_object($data)) {
$data = (array) $data;
}
if (is_string($data)) {
$data = ['action' => $data];
}
$activity = new static();
if (config('log.auto_set_user_id')) {
$user = call_user_func(config('log.auth_method'));
$activity->user_id = isset($user->id) ? $user->id : null;
}
if (isset($data['userId'])) {
$activity->user_id = $data['userId'];
}
$activity->content_id = isset($data['contentId']) ? $data['contentId'] : null;
$activity->content_type = isset($data['contentType']) ? $data['contentType'] : null;
$activity->action = isset($data['action']) ? $data['action'] : null;
$activity->description = isset($data['description']) ? $data['description'] : null;
$activity->details = isset($data['details']) ? $data['details'] : null;
//set action and allow "updated" boolean to replace activity text "Added" or "Created" with "Updated"
if (isset($data['updated'])) {
if ($data['updated']) {
$activity->action = "Update";
$activity->description = str_replace('Added', 'Updated', str_replace('Created', 'Updated', $activity->description));
} else {
$activity->action = "Create";
}
}
if (isset($data['deleted']) && $data['deleted']) {
$activity->action = "Delete";
}
//set developer flag
$activity->developer = !is_null(Session::get('developer')) ? true : false;
$activity->ip_address = Request::getClientIp();
$activity->user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : 'No UserAgent';
$activity->save();
return true;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$apiKey = Request::input('api_key');
if (!$apiKey) {
$apiKey = $request->headers->get(Config::get('apiguard.keyName'));
}
if ($apiKey) {
if ($user = $this->userService->getUserByApiKey($apiKey)) {
if (empty($user->allowed_ip_range) || IpRangeChecker\Checker::isIpInRange(Request::getClientIp(), $user->allowed_ip_range)) {
$this->auth->setUser($user);
}
}
}
if ($this->auth->guest()) {
if ($request->ajax()) {
return response('Unauthorized.', 401);
} else {
return redirect()->guest('auth/login');
}
}
return $next($request);
}
public static function log($track)
{
Tracker::create(['user_id' => Auth::user()->id, 'event' => $track, 'ip' => Request::getClientIp(), 'version' => $_SERVER['HTTP_USER_AGENT'], 'machine' => $_SERVER['HTTP_USER_AGENT']]);
}
/**
* Insert new transaction to poolport_transactions table
*
* @return int last inserted id
*/
protected function newTransaction()
{
$uid = $this->getTimeId();
$this->transactionId = $this->getTable()->insert(['id' => $uid, 'port' => $this->getPortName(), 'price' => $this->amount, 'status' => Enum::TRANSACTION_INIT, 'ip' => Request::getClientIp(), 'created_at' => Carbon::now(), 'updated_at' => Carbon::now()]) ? $uid : null;
return $this->transactionId;
}
/**
* Handle the event.
*
* @param Events $event
*/
public function handle(Administrators $user)
{
$user->authentificated_at = new \DateTime();
$user->ip = Request::getClientIp();
$user->save();
}
/**
* Login Post
*/
public function loginPost()
{
$save_old_session_id = \Session::getId();
if (\Auth::attempt(array('email' => \Input::get('email'), 'password' => \Input::get('password'), 'banned' => 0, 'sites_id' => app('veer')->siteId))) {
\Auth::user()->increment('logons_count');
\Session::put('roles_id', \Auth::user()->roles_id);
\Veer\Models\UserList::where('session_id', '=', $save_old_session_id)->update(array('users_id' => \Auth::id()));
\Session::put('shopping_cart_items', $this->showUser->getUserLists(app('veer')->siteId, \Auth::id(), app('session')->getId()));
if (administrator() == true) {
\Veer\Models\UserAdmin::where('id', '=', app('veer')->administrator_credentials['id'])->update(array("sess_id" => \Session::getId(), "last_logon" => now(), "ips" => \Illuminate\Support\Facades\Request::getClientIp(), "logons_count" => app('veer')->administrator_credentials['logons_count'] + 1));
}
return \Redirect::intended();
}
return $this->login();
// @todo withErrors()
}
