/**
 * Handle a registration request.
 *
 * When LDAP is enabled, the submitted credentials must validate against the
 * auth backend first, so only holders of a working LDAP account can register.
 *
 * @return $this|\Illuminate\Http\RedirectResponse
 */
public function register()
{
    $validator = $this->getRegistrationValidator();

    // NOTE(review): withInput() without arguments flashes the whole request,
    // password fields included, into the session; consider excluding them.
    if (!$validator->passes()) {
        return Redirect::back()->withInput()->withErrors($validator);
    }

    // Only allow registration for users who hold a valid LDAP account.
    if ($this->isLdap) {
        $ldapCredentials = $this->getLoginCredentials();
        $ldapCredentials['isRegister'] = true;

        if (!Auth::validate($ldapCredentials)) {
            return Redirect::back()->withInput()->withErrors(["password" => [Lang::get('messages.invalid_credentials')]]);
        }
    }

    // With LDAP and auto-registration the original author expects the account
    // to have been created by the auth call above, so it is only loaded here.
    $accountAlreadyCreated = $this->isLdap && Config::get('ldap.autoRegister');
    if ($accountAlreadyCreated) {
        $user = User::query()->where('username', Input::get('username'))->first();
    } else {
        $user = $this->userRegistrator->registerUser(
            Input::except('_token', 'password_confirmation', 'ui_language'),
            Input::get('ui_language')
        );
    }

    if (!$user) {
        return Redirect::back()->withErrors(["password" => [Lang::get('messages.account_creation_failed')]]);
    }

    Auth::login($user);
    Session::put('ui_language', Input::get('ui_language'));

    return Redirect::route("/");
}
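/**
 * Process the login form.
 *
 * Validates that both fields are present, then tries to log the user in.
 * Every failure path returns a redirect to the login form; the submitted
 * password is never flashed into the session.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function doLogin()
{
    $rules = array('username' => 'required', 'password' => 'required');
    $validator = Validator::make(Input::all(), $rules);

    if (!$validator->passes()) {
        // withInput() without arguments would store the password in the session.
        return Redirect::to('login')->withErrors($validator)->withInput(Input::except('password'));
    }

    $userdata = array('username' => Input::get('username'), 'password' => Input::get('password'));

    // Auth::attempt() verifies the credentials itself, so a preceding
    // Auth::validate() only repeats the password hash check.
    if (Auth::attempt($userdata)) {
        return Redirect::to('admin');
    }

    // Previously this branch echoed a string and returned nothing. Send the
    // user back to the form with one generic message instead.
    return Redirect::to('login')
        ->withErrors(array('login' => 'gagal login'))
        ->withInput(Input::except('password'));
}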
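/**
 * Show the change-password form and, on POST, change the current user's password.
 *
 * The old password is re-verified with Auth::validate() before the new one
 * is hashed and stored.
 *
 * @return mixed The password view, or a redirect to the project list on success.
 */
public function changepwd()
{
    $error = '';

    if (Request::isMethod('post')) {
        // NOTE(review): trim() silently strips leading/trailing whitespace from
        // passwords; kept so existing credentials keep working.
        $oldpwd = trim((string) Input::get('oldpwd'));
        $newpwd = trim((string) Input::get('newpwd'));
        $repwd = trim((string) Input::get('repwd'));

        // Compare against '' explicitly: a truthiness test treats "0" as missing.
        if ($oldpwd === '' || $newpwd === '') {
            $error = '信息填写不完整';
        } elseif (!Auth::validate(array('username' => Auth::user()->username, 'password' => $oldpwd))) {
            $error = '旧密码不正确';
        } elseif ($newpwd !== $repwd) {
            // Strict comparison: with != two different numeric-looking strings
            // (e.g. "1e3" and "1000") would count as equal.
            $error = '2次输入的新密码不一致!';
        }

        if ($error === '') {
            Auth::user()->password = Hash::make($newpwd);
            Auth::user()->save();

            return Redirect::action('ProjectsController@allProjects');
        }
    }

    return View::make('users/pwd', array('error' => $error));
}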
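/**
 * Log a user in by e-mail and password, requiring a confirmed e-mail address.
 *
 * On failure the credentials are checked once more without the 'confirmed'
 * constraint, so a correct password on an unconfirmed account gets a
 * dedicated message. Responds with JSON for AJAX requests, a redirect otherwise.
 *
 * @return mixed
 */
public function postLogin()
{
    // Input::get() returns null for a missing field instead of raising an
    // undefined-index error as $input['email'] did.
    $email = Input::get('email');
    $password = Input::get('password');

    if (Auth::attempt(array('email' => $email, 'password' => $password, 'confirmed' => 1))) {
        if (Request::ajax()) {
            return Response::json(array('user' => Auth::user()));
        }

        return Redirect::intended('home');
    }

    // Check again without 'confirmed': true means the credentials are correct
    // but the e-mail address has not been verified yet.
    $emailNotConfirmed = (bool) Auth::validate(array('email' => $email, 'password' => $password));
    $error = $emailNotConfirmed ? __('emailNotConfirmedYet') : __('emailOrPasswordIncorrect');

    if (Request::ajax()) {
        return Response::json(array('error' => $error, 'emailNotConfirmed' => $emailNotConfirmed), 400);
    }

    // Do not flash the submitted password into the session.
    return Redirect::to(route('login'))
        ->with('login:errors', [$error])
        ->withInput(Input::except('password'));
}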
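/**
 * Store a newly created resource in storage.
 *
 * Creates a user from 'uuidx' and 'email'. If validation fails on the e-mail
 * field (for example because it is already registered), the pair is tried as
 * login credentials and the matching user is returned instead.
 *
 * @return Response
 */
public function store()
{
    $response = new stdClass();
    $statusCode = 201;

    $in = Input::only('uuidx', 'email');
    $rules = array('uuidx' => 'required | alpha_dash', 'email' => 'required | email | unique:users');
    $vd = Validator::make($in, $rules);

    if ($vd->fails()) {
        $errs = $vd->messages();

        if ($errs->has('email')) {
            $credentials = array('email' => $in['email'], 'password' => $in['uuidx']);

            if (Auth::validate($credentials)) {
                $statusCode = 200;
                // Auth::validate() does not log anyone in, so Auth::user() is not
                // the account that was just checked; take the validated user.
                $response = Auth::getLastAttempted();
            } else {
                // NOTE(review): 403 here versus 400/201 elsewhere lets a caller
                // tell whether an e-mail address is registered.
                $statusCode = 403;
                $response = $errs->all();
            }
        } else {
            $statusCode = 400;
            $response = $errs->all();
        }
    } else {
        // NOTE(review): mt_rand() seeded from the clock is predictable. If
        // 'seed' protects anything, generate it with a CSPRNG instead.
        mt_srand(crc32(microtime()));
        $in['uuidx'] = Hash::make($in['uuidx']);
        $in['seed'] = mt_rand();
        $response = User::create($in);
    }

    return Response::json($response, $statusCode);
}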
/**
 * Authenticate API credentials and return the user together with its groups.
 *
 * @return mixed JSON with user and group data (200), or an error payload (401).
 */
public function store()
{
    // Credentials supplied by the API client.
    $username = Request::get('username');
    $password = Request::get('password');

    // NOTE(review): the email/username decision looks at the 'email' input,
    // while the value actually matched is 'username'. Confirm this is intended.
    $isEmail = filter_var(Input::get('email'), FILTER_VALIDATE_EMAIL);
    $identifier = $isEmail ? 'email' : 'username';

    $credentials = array($identifier => $username, 'password' => $password);

    if (!Auth::validate($credentials)) {
        return Response::json(array('error' => true, 'message' => 'user authentication failed'), 401);
    }

    $user = \User::where($identifier, '=', $username)->first();

    // Flatten the group collection into plain arrays, decoding permissions on the way.
    $user_groups = array();
    foreach (\Auth::getUserGroups($user) as $group) {
        // NOTE(review): unserialize() is only safe while the permissions column
        // can never hold attacker-influenced data; a JSON column avoids the risk.
        $group['permissions'] = unserialize($group['permissions']);
        $user_groups[] = $group->toArray();
    }

    $payload = array('error' => false, 'user' => $user->toArray(), 'groups' => $user_groups);

    return Response::json($payload, 200);
}
/**
 * Log a user in, distinguishing wrong credentials from an unconfirmed account.
 *
 * @return mixed Redirect to '/' or 'login', or the verification view.
 */
public function postLogin()
{
    $input = Input::all();
    $v = Validator::make($input, array('email' => 'required', 'password' => 'required'));

    if ($v->fails()) {
        return Redirect::to('login')->withErrors($v);
    }

    // Step 1: are e-mail and password correct at all?
    $credentials = array('email' => $input['email'], 'password' => $input['password']);
    if (!Auth::validate($credentials)) {
        return Redirect::to('login')->withErrors(['credentials' => 'Benutzername oder Passwort ungültig.']);
    }

    // Step 2: credentials are correct, so check that the account is activated.
    $credentials = array('email' => $input['email'], 'password' => $input['password'], 'confirmed' => 1);
    if (!Auth::validate($credentials)) {
        // Correct credentials on an unactivated account: show the verify page,
        // which offers to send the verification mail again.
        // NOTE(review): confirmation_code is handed to the view; make sure the
        // template never renders it to the browser.
        $user = User::findByEmailOrFail($input['email']);
        $toMail = array(
            'email' => $user->email,
            'username' => $user->username,
            'confirmation_code' => $user->confirmation_code,
            'login' => true,
        );

        return View::make('home.verify')->with('toMail', $toMail);
    }

    // Credentials correct and account activated: log the user in.
    Auth::attempt($credentials);

    // Request parameters for fetching data from SAP. They are unused while the
    // web-service call (SoapSapController::callWebserviceRead) stays disabled.
    $pispdm = array(
        'ROLLFKT' => 'INST',
        'PARTID' => '10000',
        'TITLE' => '',
        'NAME1' => '',
        'NAME2' => '',
        'POSTCODE1' => '',
        'CITY1' => '',
        'CITY2' => '',
        'STREET' => '',
        'HOUSENUM1' => '',
        'TELNUMBER1' => '',
        'MOBNUMBER1' => '',
        'SMTPADDR' => '',
        'ZULNR' => '',
        'ZUDATB' => '',
        'ZUERNA' => '',
        'INSTBART' => '',
        'FKTITLE' => '',
        'FKNAM' => '',
        'FKVNM' => '',
    );
    $params = array('PI_ACTVT' => '03', 'PI_ASART' => 'IAB1', 'PI_S_PD_M' => $pispdm);

    return Redirect::to('/');
}
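/**
 * Handle the account page form: change the password or delete the account.
 *
 * Both actions re-verify the current password with Auth::validate() before
 * anything is changed. Returns nothing when neither action was requested.
 *
 * @return \Illuminate\Http\RedirectResponse|null
 */
public function postIndex()
{
    if (Input::has('changepw')) {
        $rules = array(
            'oldPass' => 'required',
            'newPass1' => 'required|min:8',
            'newPass2' => 'required|min:8|same:newPass1',
        );
        $input = Input::all();
        $validator = Validator::make($input, $rules);

        if ($validator->fails()) {
            return Redirect::to('/account')->withErrors($validator);
        }

        $user = Auth::user();
        if (!Auth::validate(array('name' => $user->name, 'password' => $input['oldPass']))) {
            return Redirect::to('/account')->withErrors(array('message' => 'You have entered a wrong password.'));
        }

        $user->password = Hash::make($input['newPass2']);
        $user->save();

        return Redirect::to('/account');
    } elseif (Input::has('removeacc')) {
        $rules = array('remPass' => 'required|min:8');
        $input = Input::all();
        $validator = Validator::make($input, $rules);

        if ($validator->fails()) {
            return Redirect::to('/account')->withErrors($validator);
        }

        $user = Auth::user();
        // Confirm deletion with the field this form validates ('remPass').
        // The earlier code read 'oldPass', which this form never validates.
        if (!Auth::validate(array('name' => $user->name, 'password' => $input['remPass']))) {
            return Redirect::to('/account')->withErrors(array('message' => 'You have entered a wrong password.'));
        }

        $user->delete();
        Auth::logout();

        return Redirect::to('/');
    }
}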
/**
 * Validation rule "checkpass": the value must be the logged-in user's password.
 *
 * @param $attribute
 * @param $value
 * @param $parameters
 *
 * @return bool False when nobody is logged in, otherwise the result of Auth::validate().
 */
public function checkpass($attribute, $value, $parameters)
{
    // Without an authenticated user there is no password to compare against.
    if (!\Auth::check()) {
        return false;
    }

    $currentUser = \Auth::user();

    return \Auth::validate(['email' => $currentUser->email, 'password' => $value]);
}
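/**
 * Change the logged-in user's password after re-verifying the current one.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function updateSettings()
{
    $user = Auth::user();

    $validation = Validator::make(Input::all(), array(
        'old_password' => 'required',
        'password' => 'required|min:6|confirmed',
        'password_confirmation' => 'required|min:6',
    ));

    if ($validation->fails()) {
        return Redirect::route('settings')->withErrors($validation);
    }

    $authParams = array('email' => $user->email, 'password' => Input::get('old_password'));

    if (!Auth::validate($authParams)) {
        return Redirect::route('settings')->with('error', 'Current password is incorrect');
    }

    $user->password = Hash::make(Input::get('password'));
    // Persist the new hash. Without save() the success message was shown while
    // the old password stayed valid.
    $user->save();

    return Redirect::route('settings')->with('success', 'Password is successfully changed');
}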
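/**
 * Change the logged-in user's password after verifying the current one.
 *
 * On failure the user is sent back to the profile view; password fields are
 * left out of the flashed input so they are not written to the session.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function postChangePassword()
{
    $user = \Auth::User();
    $validation = new Validators\SeatUserPasswordValidator();

    // Form input that is safe to repopulate, with the password fields removed.
    // Input::except() ignores keys that are not present.
    $safeInput = Input::except('oldPassword', 'newPassword', 'newPassword_confirmation');

    if (!$validation->passes()) {
        return Redirect::action('ProfileController@getView')
            ->withInput($safeInput)
            ->withErrors($validation->errors);
    }

    if (!Auth::validate(array('email' => $user->email, 'password' => Input::get('oldPassword')))) {
        return Redirect::action('ProfileController@getView')
            ->withInput($safeInput)
            ->withErrors('Your current password did not match.');
    }

    // NOTE(review): hashes the confirmation field, which relies on the validator
    // enforcing that it equals the new password. Confirm the rule set.
    $user->password = \Hash::make(Input::get('newPassword_confirmation'));
    $user->save();

    return Redirect::action('ProfileController@getView')
        ->with('success', 'Your password has successfully been changed.');
}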
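/**
 * Change the logged-in user's password.
 *
 * The current password is verified first; the new password must be non-empty
 * and must match its confirmation exactly.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function doChangePassword()
{
    $password = Input::get('password');
    $newpassword = Input::get('newpassword');
    $confirm = Input::get('confirm');

    $user = Auth::user();
    $credentials = ['username' => $user->username, 'password' => $password];

    if (!Auth::validate($credentials)) {
        return Redirect::to('profile/edit')->with('error', 'Invalid password')->with('model', $user);
    }

    // Without this guard a request that omits both fields compares null with
    // null and stores the hash of an empty password.
    if (!is_string($newpassword) || $newpassword === '') {
        return Redirect::to('profile/edit')
            ->with('error', 'Your new password must not be empty')
            ->with('model', $user);
    }

    // Strict comparison: != treats different numeric-looking strings as equal.
    if ($newpassword !== $confirm) {
        return Redirect::to('profile/edit')
            ->with('error', 'Your new password and confirmation are different')
            ->with('model', $user);
    }

    $user->password = Hash::make($newpassword);
    $user->save();

    return Redirect::to('profile/edit')->with('model', $user)->with('message', 'Password updated successfully');
}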
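/**
 * A freshly created user can be found, its password hash verifies, and the
 * same credentials pass both Auth::validate() and Auth::attempt().
 */
public function testUserLogin()
{
    $user = new User();
    $user->username = '******';
    $user->password = Hash::make('admin');
    $user->email = '*****@*****.**';
    $this->assertTrue($user->save());

    // The password hash is intentionally not printed: test output ends up in CI logs.
    print "\nID do usuário criado :::: {$user->id} : {$user->username} ::";

    // Nobody is logged in yet.
    $this->assertFalse(Auth::check());

    $user_find = User::find($user->id);
    $this->assertNotNull($user_find);
    // Compare with the id that was actually assigned instead of assuming 1.
    $this->assertEquals($user->id, $user_find->id);
    $this->assertTrue(Hash::check('admin', $user_find->password));

    $credentials = array('username' => $user->username, 'password' => 'admin');
    $this->assertTrue(Auth::validate($credentials));
    // attempt() needs the credentials; called without arguments it has nothing to match.
    $this->assertTrue(Auth::attempt($credentials));
}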
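/**
 * Validate the login form and, on success, log the user in and show the dashboard.
 *
 * The login attempt runs only after the form input has passed validation, and
 * the dashboard data is loaded only for an authenticated user.
 *
 * @return mixed The dashboard view on success, the login view otherwise.
 */
public function checkLogin()
{
    $username = \Input::get('username');
    $password = \Input::get('password');

    $validator = new Validate();
    $validated = $validator->validateCreds();

    if (!$validated->passes()) {
        return \View::make('accounts.login')->withErrors($validated)->withInput(\Input::only('username'));
    }

    // Auth::attempt() checks the credentials and logs in when they are correct,
    // so one call replaces the earlier attempt-before-validation plus validate().
    if (\Auth::attempt(array('username' => $username, 'password' => $password)) !== true) {
        return \View::make('accounts.login')
            ->withErrors($validated)
            ->withInput(\Input::only('username'))
            ->with('message', '<p class="alert alert-dismissible alert-danger">Invalid username or password</p>');
    }

    $menu_items = \MenuItem::all();
    $categories = \MenuCategory::all();

    return \View::make('admin.dashboard')->with('menu_items', $menu_items)->with('categories', $categories);
}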
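/**
 * Validate the login form and log the user in.
 *
 * Every path returns a redirect; a failed login goes back to the form with a
 * generic error message.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function Login()
{
    $data = Input::all();

    // NOTE(review): the rules check a 'username' field, but the credentials
    // below are built from 'email'. Confirm which field the form really posts.
    $rules = array('username' => 'required|username', 'password' => 'required|min:6');
    $validator = Validator::make($data, $rules);

    if ($validator->fails()) {
        return Redirect::to('/login')->withInput(Input::except('password'))->withErrors($validator);
    }

    $userdata = array('email' => Input::get('email'), 'password' => Input::get('password'));

    // Auth::attempt() verifies the credentials itself; a separate
    // Auth::validate() only repeated the hash check and left a path with no response.
    if (Auth::attempt($userdata)) {
        return Redirect::intended('/');
    }

    Session::flash('error', 'Something went wrong');

    return Redirect::to('login');
}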
/**
 * Handle a registration request, for both regular and AJAX submissions.
 *
 * Regular requests are answered with redirects. AJAX requests get an API
 * success response, or a 400 JSON payload carrying the re-rendered form.
 *
 * @return $this|\Illuminate\Http\RedirectResponse
 */
public function register()
{
    $validator = $this->getRegistrationValidator();

    // NOTE(review): both failure payloads echo Input::all() back and the
    // redirects use withInput() unfiltered, so password fields travel along.
    if (!$validator->passes()) {
        if (Request::ajax()) {
            $formHtml = View::make('partials/registration-form')->withErrors($validator)->render();

            return Response::json(array('html' => $formHtml, 'input' => Input::all()), 400);
        }

        return Redirect::back()->withInput()->withErrors($validator);
    }

    // Only allow registration for users who hold a valid LDAP account.
    if ($this->isLdap) {
        $ldapCredentials = $this->getLoginCredentials();
        $ldapCredentials['isRegister'] = true;

        if (!Auth::validate($ldapCredentials)) {
            return Redirect::back()->withInput()->withErrors(["password" => [Lang::get('messages.invalid_credentials')]]);
        }
    }

    // With LDAP and auto-registration the original author expects the account
    // to have been created by the auth call above, so it is only loaded here.
    if ($this->isLdap && Config::get('ldap.autoRegister')) {
        $user = User::query()->where('username', Input::get('username'))->first();
    } else {
        $user = $this->userRegistrator->registerUser(
            Input::except('_token', 'password_confirmation', 'ui_language'),
            Input::get('ui_language')
        );
    }

    if ($user) {
        if (Request::ajax()) {
            return PaperworkHelpers::apiResponse(PaperworkHelpers::STATUS_SUCCESS, array());
        }

        Auth::login($user);
        Session::put('ui_language', Input::get('ui_language'));

        return Redirect::route("/");
    }

    // Account creation failed.
    if (Request::ajax()) {
        // NOTE(review): unlike the validation-failure branch, this view is not
        // rendered with ->render() before being placed in the JSON payload.
        $failureForm = View::make('partials/registration-form', array('password' => Lang::get('messages.account_creation_failed')));

        return Response::json(array('html' => $failureForm, 'input' => Input::all()), 400);
    }

    return Redirect::back()->withErrors(["password" => [Lang::get('messages.account_creation_failed')]]);
}
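/**
 * Change the logged-in user's password after verifying the current one.
 *
 * The new password must be non-empty and identical to its confirmation.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function postChangePassword()
{
    $current_password = Input::get('current_password', '');
    $password = Input::get('password', '');
    $password_confirmation = Input::get('password_confirmation', '');

    // Both fields default to '', so without this guard an empty submission
    // would store the hash of an empty password.
    if (!is_string($password) || $password === '') {
        Session::flash('error_msg', 'New password must not be empty');

        return Redirect::back();
    }

    // Strict comparison: == treats different numeric-looking strings as equal.
    if ($password !== $password_confirmation) {
        Session::flash('error_msg', 'New Password and Confirm Password should be same');

        return Redirect::back();
    }

    if (!Auth::validate(['email' => Auth::user()->email, 'password' => $current_password])) {
        Session::flash('error_msg', 'Invalid password entered');

        return Redirect::back();
    }

    $user = \Cashout\Models\User::find(Auth::user()->id);
    $user->password = Hash::make($password);
    $user->save();

    Session::flash('success_msg', 'Password changed successfully');

    return Redirect::back();
}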
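/**
 * Action: sign in.
 *
 * Credentials are verified with Auth::validate(), so nobody is logged in
 * before the activation check has passed; the user is then logged in manually.
 *
 * @return Response
 */
public function postSignin()
{
    $credentials = array('email' => Input::get('email'), 'password' => Input::get('password'));
    // Whether to remember the login.
    $remember = Input::get('remember-me', 0);

    // Input that is safe to flash back to the form. The password is excluded so
    // it is never written to the session.
    $safeInput = Input::except('password');

    if (!Auth::validate($credentials)) {
        // Login failed: go back with one message for both wrong e-mail and wrong password.
        return Redirect::back()
            ->withInput($safeInput)
            ->withErrors(array('attempt' => '“邮箱”或“密码”错误,请重新登录。'));
    }

    // Credentials are correct; check whether the account has been activated.
    $user = Auth::getLastAttempted();
    if (is_null($user->activated_at)) {
        return Redirect::back()
            ->withInput($safeInput)
            ->withErrors(array('attempt' => '“邮箱”未激活,请打开您邮箱中的激活邮件,完成激活操作。'));
    }

    // Activated: log in manually and return to the page that was intercepted.
    Auth::login($user, $remember);

    return Redirect::intended();
}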
/**
 * Update the logged-in user's e-mail and/or password.
 *
 * The current password must be correct before any other input is validated.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function postEditAccount()
{
    $data = Input::all();
    $rules = array(
        'email' => 'email',
        'about' => 'max:1024',
        'newpassword' => 'confirmed|min:8',
        'password' => 'required',
    );

    $currentCredentials = array('username' => Auth::User()->username, 'password' => Input::get('password'));
    if (!Auth::validate($currentCredentials)) {
        return Redirect::route('user.dashboard.account')->withErrors(array('invalidpassword' => 'Invalid old password'));
    }

    $messages = array(
        'newpassword.min' => 'Your new password must be at least :min characters',
        'newpassword.confirmed' => 'Your new passwords do not match',
    );
    $validator = Validator::make($data, $rules, $messages);

    if (!$validator->passes()) {
        return Redirect::route('user.dashboard.account')->withErrors($validator);
    }

    $account = Auth::User();

    // NOTE(review): the e-mail rule checks format only, not uniqueness.
    if (Input::has('email')) {
        $account->email = Input::get('email');
    }
    if (Input::has('newpassword')) {
        $account->password = Hash::make(Input::get('newpassword'));
    }
    $account->save();

    return Redirect::to('/');
}
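/**
 * Validate login input and record the first problem found via $this->error().
 *
 * Order of checks: field rules, password, suspension, activation.
 */
public function validate()
{
    $rules = array(
        'username' => 'required|alpha_num|exists:users,username',
        'password' => 'required|min:3',
    );
    $validator = \Validator::make($this->input(), $rules);

    if (!$validator->passes()) {
        $this->error($validator);
        return;
    }

    $username = $this->input('username');
    $password = $this->input('password');

    // NOTE(review): the 'exists' rule plus a password-specific message reveal
    // whether a username is registered.
    if (!\Auth::validate(array('username' => $username, 'password' => $password))) {
        $this->error(['password' => 'Your password is incorrect.']);
        return;
    }

    // Select the fields that are read below. With only '_id' selected, 'banned'
    // and 'activation' were always null, so neither check could ever fire.
    $user = \User::whereUsername($username)->first(['_id', 'banned', 'activation']);

    if ($user->banned != null) {
        $this->error(['global' => 'Your account has been suspended. If you believe this is a mistake, please contact support.']);
    } elseif ($user->activation != null) {
        $this->error(['global' => 'You must click the activation link in the email we sent you.']);
    }
}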
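/**
 * Authorize the request and dispatch it to the handler named by the 'op' parameter.
 *
 * Sends a 403 page when a posted password is wrong or the user is not logged
 * in, and a 404 page when 'op' does not name a dispatchable handler.
 */
function render()
{
    $render = new Render($this->db);
    $auth = new Auth($this->db);

    // A password was posted and it is wrong.
    if (isset($_POST['user']) && isset($_POST['pass']) && !$auth->validate($_POST['user'], $_POST['pass'])) {
        // TODO: Use a real error handler instead of this
        header('HTTP/1.1 403 Forbidden');
        $render->assign('title', 'There was an error');
        $render->assign('reason', "I'm sorry, the password you entered is incorrect");
        $render->display('auth_fail.tpl');
        return;
    }

    // NOTE(review): the login check uses $this->auth, not the $auth instance
    // created above. Confirm both refer to the same session state.
    if (!$this->auth->check()) {
        // The reason phrase used to read "Not Found" on a 403 status.
        header('HTTP/1.1 403 Forbidden');
        $render->assign('title', 'There was an error');
        $render->assign('reason', 'You need to login to perform this operation.');
        $render->display('auth_fail.tpl');
        return;
    }

    $op = empty($_REQUEST['op']) ? 'main' : $_REQUEST['op'];

    // 'op' is request-controlled, so it must be a plain string and must not name
    // a magic method or this dispatcher itself.
    // NOTE(review): an explicit allow-list of handler names would be stricter still.
    $dispatchable = is_string($op)
        && strncmp($op, '__', 2) !== 0
        && strcasecmp($op, __FUNCTION__) !== 0
        && method_exists($this, $op);

    if (!$dispatchable) {
        header('HTTP/1.1 404 Not Found');
        $render->assign('title', 'There was an error');
        $render->assign('reason', 'The page you are looking for does not seem to exist.');
        $render->display('auth_fail.tpl');
        return;
    }

    $this->{$op}($render);
}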
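/**
 * Log a user in after checking credentials and account confirmation.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function login()
{
    $rules = ['email' => 'required|exists:users', 'password' => 'required'];
    $input = Input::only('email', 'password');
    $validator = Validator::make($input, $rules);

    // Input that is safe to flash back to the form; the password stays out of the session.
    $safeInput = Input::except('password');

    if ($validator->fails()) {
        // Validation errors belong in withErrors(); with() expects a key or an
        // array and cannot take the validator object.
        return Redirect::back()->withInput($safeInput)->withErrors($validator);
    }

    $credentials = ['email' => Input::get('email'), 'password' => Input::get('password')];

    if (!Auth::validate($credentials)) {
        return Redirect::back()
            ->withInput($safeInput)
            ->with(['message' => 'We were unable to sign you in. Incorrect email/password combination!']);
    }

    // Credentials are valid; now check the confirmation state.
    $user = User::where('email', '=', Input::get('email'))->first();
    $confirmation = Userconfirmation::where('user_id', '=', $user->id)->first();

    // A missing confirmation record is treated as "not confirmed" rather than
    // failing on a null dereference.
    if ($confirmation === null || $confirmation->confirmed != 1) {
        return Redirect::back()
            ->withInput($safeInput)
            ->with(['message' => 'You must confirm your account before you can use your dashboard.']);
    }

    Session::put('pb_user_name', $user->name);
    Session::put('pb_user_email', Input::get('email'));

    // Optional "Remember me?" checkbox on the login form.
    $remember = Input::get('remember');

    Auth::login($user, $remember);

    // Back to the page they were trying to view, or the dashboard.
    return Redirect::intended('dashboard');
}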
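/**
 * Validate the login form and log the user in.
 *
 * Every path returns a redirect; a failed login goes back to the form with a
 * generic error message.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function login()
{
    $data = Input::all();

    $rules = array('email' => 'required|email', 'password' => 'required|min:6');
    $validator = Validator::make($data, $rules);

    if ($validator->fails()) {
        // Back to the form, without flashing the password.
        return Redirect::to('login')->withInput(Input::except('password'))->withErrors($validator);
    }

    $userdata = array('email' => Input::get('email'), 'password' => Input::get('password'));

    // Auth::attempt() verifies the credentials itself; a separate
    // Auth::validate() only repeated the hash check and left a path with no response.
    if (Auth::attempt($userdata)) {
        return Redirect::intended('/');
    }

    Session::flash('error', 'Something went wrong');

    return Redirect::to('login');
}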
<?php

// OAuth2 server configuration. Only the password grant is enabled here.
return [
    'database' => 'default',

    'grant_types' => [
        'password' => [
            'class' => '\\League\\OAuth2\\Server\\Grant\\PasswordGrant',
            // Resolves resource-owner credentials to a user id, or false when
            // they do not validate. The username is matched on the email column.
            'callback' => function ($username, $password) {
                $credentials = ['email' => $username, 'password' => $password];

                if (!Auth::validate($credentials)) {
                    return false;
                }

                $account = \Caravel\User::where('email', $username)->first();

                return $account->id;
            },
            'access_token_ttl' => 3600,
        ],
    ],

    'token_type' => 'League\\OAuth2\\Server\\TokenType\\Bearer',
    'state_param' => false,
    'scope_param' => false,
    'scope_delimiter' => ',',
    'default_scope' => null,
    'access_token_ttl' => 3600,

    // NOTE(review): all three restrictions below are switched off; confirm that
    // every client may use every grant and scope.
    'limit_clients_to_grants' => false,
    'limit_clients_to_scopes' => false,
    'limit_scopes_to_grants' => false,

    'http_headers_only' => false,
];
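/**
 * Log an administrator in.
 *
 * Any existing session is ended first. The credentials include a fixed 'role'
 * value, so only accounts carrying that role can match.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
function admin_login()
{
    $data = Input::all();
    Auth::logout();

    $rules = array('username' => 'required', 'password' => 'required|min:5');
    $validator = Validator::make($data, $rules);

    if ($validator->fails()) {
        // Back to the form, without flashing the password.
        return Redirect::to('/admin_login')->withInput(Input::except('password'))->withErrors($validator);
    }

    $userdata = array(
        'username' => Input::get('username'),
        'password' => Input::get('password'),
        'role' => '0',
    );

    // Auth::attempt() verifies the credentials itself; a separate
    // Auth::validate() only repeated the hash check and left a path with no response.
    if (Auth::attempt($userdata)) {
        $username = Auth::user()->username;
        Session::put('username', $username);
        Session::put('user', Auth::user()->name);

        return Redirect::intended('/get_search');
    }

    Session::flash('error', 'Wrong Username/Password ');

    return Redirect::to('admin_login');
}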
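/**
 * Check mobile-client credentials and return the matching user.
 *
 * @return array ['status' => true, 'user' => User] on success,
 *               ['status' => false, 'message' => string] otherwise.
 */
public function postAuthMobile()
{
    // Pass only the two expected fields to the auth layer. Handing it the whole
    // request would let the caller choose which columns the lookup filters on.
    $credentials = Input::only('email', 'password');

    if (!is_string($credentials['email']) || !is_string($credentials['password'])) {
        return ['status' => false, 'message' => 'Wrong credentials'];
    }

    if (Auth::validate($credentials)) {
        // NOTE(review): the whole model is returned; confirm that sensitive
        // attributes are hidden from its array/JSON form.
        return ['status' => true, 'user' => User::where('email', $credentials['email'])->first()];
    }

    return ['status' => false, 'message' => 'Wrong credentials'];
}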
/**
 * Change the logged-in user's password.
 *
 * The old password is verified first; the new one then has to satisfy the
 * password rules before it is hashed and stored.
 *
 * @return \Illuminate\Http\RedirectResponse
 */
public function postPassword()
{
    $input = Input::all();

    // Verify the old password before looking at anything else.
    $currentCredentials = array('username' => Auth::user()->username, 'password' => $input['old_password']);
    if (!Auth::validate($currentCredentials)) {
        return Redirect::to('/password')->with('message', "Incorrect Password");
    }

    // Rules for the new password.
    $password_rules = array(
        'password' => 'required|between:7,50|confirmed|case_diff|numbers|letters',
        'password_confirmation' => 'required|between:7,50',
    );
    $validator = Validator::make($input, $password_rules);

    if ($validator->fails()) {
        // NOTE(review): the message contains <br/> markup, so the view presumably
        // prints it unescaped. Verify nothing user-controlled can reach it.
        $joinedMessages = implode("<br/>", $validator->messages()->get('password'));

        return Redirect::to('/password')->with('message', $joinedMessages);
    }

    // All checks passed: store the new hash.
    Auth::user()->update(array('password' => Hash::make($input['password'])));

    return Redirect::to('/password')->with('message', "Password Changed Successfully");
}
/**
 * Change the password of the OAuth resource owner.
 *
 * Any failure (missing input, unknown user, wrong old password) yields the
 * same generic 400 response.
 *
 * @return mixed JSON "OK" (200) or "Error" (400).
 */
public function passwordChange()
{
    $oldPassword = Input::get('old_password');
    $newPassword = Input::get('new_password');

    if (empty($oldPassword) || empty($newPassword)) {
        return Response::json("Error", 400);
    }

    $owner = User::find(Authorizer::getResourceOwnerId());
    if (empty($owner)) {
        return Response::json("Error", 400);
    }

    // NOTE(review): the new password is subject to no length or complexity rule here.
    if (!\Auth::validate(['email' => $owner->email, 'password' => $oldPassword])) {
        return Response::json("Error", 400);
    }

    $owner->password = \Hash::make($newPassword);
    $owner->save();

    return Response::json("OK", 200);
}
    // Tail of a route closure whose opening lies outside this excerpt: writes
    // posted data to a file under /uploads/ and renders the admin view.
    $data = $_POST['data'];
    // NOTE(review): $fileName comes straight from $_POST and is concatenated into
    // the target path unchanged. It should be reduced to a bare file name and
    // checked against the allowed types before use; the fopen() result is also
    // not checked.
    $fileName = $_POST['fileName'];
    $serverFile = time() . $fileName;
    $fp = fopen('/uploads/' . $serverFile, 'w');
    //Prepends timestamp to prevent overwriting
    fwrite($fp, $data);
    fclose($fp);
    // Built but not used by the statements visible here.
    $returnData = array("serverFile" => $serverFile);
    return View::make('admin');
})->before('auth');

// Change the logged-in user's password. The old password is re-verified with
// Auth::validate() before the new one is hashed and stored. Protected by the
// 'auth' filter.
Route::post('/changePw', function () {
    $oldPW = Input::get("oldPW");
    $newPW1 = Input::get("newPW1");
    $newPW2 = Input::get("newPW2");
    $name = Auth::user()->username;
    if (Auth::validate(array('username' => $name, 'password' => $oldPW))) {
        // NOTE(review): a minimum length of 4 is very weak for a password policy.
        if (strlen($newPW1) < 4) {
            return Redirect::intended('profile')->with('status', 'error')->with('message', 'Das Passwort muss mindestens 4 Zeichen lang sein');
        }
        // strcmp() == 0 means both new-password entries are identical.
        if (strcmp($newPW1, $newPW2) == 0) {
            $user = User::find(Auth::user()->id);
            $user->password = Hash::make($newPW1);
            $user->save();
            return Redirect::intended('profile')->with('status', 'success')->with('message', 'Das Passwort wurde erfolgreich geändert');
        } else {
            // The two new-password entries differ.
            return Redirect::intended('profile')->with('status', 'error')->with('message', 'Die eingegebenen Passwörter stimmen nicht überein');
        }
    } else {
        // The old password did not validate.
        return Redirect::intended('profile')->with('status', 'error')->with('message', 'Das eingegebene Passwort stimmt nicht');
    }
})->before('auth');
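/**
 * Return a user's bancho key to the bancho service.
 *
 * The request must carry a valid HMAC over username and password, and the
 * caller must be authenticated as the SYSTEM user. The 'error' values in the
 * payload mirror HTTP status codes for bancho's benefit.
 *
 * @param string $username
 * @param string $password
 * @param string $hmac     Hex SHA-512 HMAC of $username . $password.
 *
 * @return mixed JSON payload, or nothing when the caller is not the SYSTEM user.
 */
public function getFetchUserKey($username, $password, $hmac)
{
    // All bancho input should be HMAC'd to be sure it is coming from bancho.
    // NOTE(review): the MAC covers the plain concatenation of both values, so
    // different username/password splits share one MAC; a delimiter would remove that.
    $check = hash_hmac('sha512', $username . $password, Config::get('osu.bancho.hmac'));

    // hash_equals() compares in constant time; !== can leak, through timing,
    // how much of a supplied MAC is correct.
    if (!is_string($hmac) || !hash_equals($check, $hmac)) {
        sentry_log('HMAC failure for fetch-user-key', 403, Raven_Client::FATAL);

        return Response::json(['error' => 400]);
    }

    if (!(Auth::check() and Auth::user()->user_id === User::SYSTEM)) {
        // Log bancho auth failures. As before, no response body is returned here.
        sentry_log('auth failure for fetch-user-key', 403, Raven_Client::FATAL);

        return;
    }

    // first() yields one model or null. get() returned a collection, which is
    // always truthy and has no getBanchoKey() method.
    $user = User::where('username', '=', $username)->first();

    if (!$user) {
        // Status codes are easier for bancho to understand and deserialize.
        return Response::json(['error' => 404]);
    }

    $key = $user->getBanchoKey();
    if (!$key) {
        // A user without a key is banned.
        return Response::json(['error' => 401]);
    }

    if (Auth::validate(['username' => $username, 'password' => $password])) {
        return Response::json(['success' => $key]);
    }

    return Response::json(['error' => 403]);
}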