/** * Determines whether a user is authenticated * by checking keys if they are valid. * * @return mixed **/ public function guard() { if (!isset($_SESSION['user'])) { return Route::redirect(route('login')); } else { if (!Token::verify(Session::user()->remember_token)) { return $this->restartSession(); } } return true; }
/** * Catches request method, and filter * each values * * @param $request */ public function __construct($request = null) { $request = is_null($request) ? $_POST : $request; if (is_null($this->request)) { if (array_key_exists('__FORM_TOKEN__', $request)) { unset($request['__FORM_TOKEN__']); } $this->request = filter_var_array($request, FILTER_SANITIZE_STRIPPED); } if (array_key_exists('__FORM_TOKEN__', $_POST)) { $token = $_POST['__FORM_TOKEN__']; unset($_POST['__FORM_TOKEN__']); if (!Token::verify($token)) { $auth = new \Auth(); return $auth->restartSession(); } } return true; }