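/**
  * Authenticate the request by API key, falling back to an already authenticated guard.
  *
  * The key is taken from the `api_key` request input and, when that is missing,
  * from the request header named by the `apiguard.keyName` config value. A user
  * found for the key is set on the guard only if the user has no
  * `allowed_ip_range` or the client IP lies inside it. A request whose guard is
  * still a guest afterwards gets a 401 (AJAX) or a redirect to `auth/login`.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     // Read from the request being handled rather than the Request facade, so the
     // key, the header and the client IP all come from the same object.
     $apiKey = $request->input('api_key');

     // Request input is untrusted: `api_key[]=x` arrives as an array. Only a
     // non-empty string counts as a key; anything else falls back to the header.
     // NOTE(review): a key sent as a query parameter ends up in access logs and
     // Referer headers; prefer the header for new clients.
     if (!is_string($apiKey) || !$apiKey) {
         $apiKey = $request->headers->get(Config::get('apiguard.keyName'));
     }

     $user = $apiKey ? $this->userService->getUserByApiKey($apiKey) : null;

     if ($user) {
         // An empty allowed_ip_range means the key is not restricted by address.
         // NOTE(review): the value of getClientIp() depends on the trusted-proxy
         // configuration; confirm forwarded headers are honoured only from known
         // proxies, otherwise the address check is not reliable.
         $ipAllowed = empty($user->allowed_ip_range)
             || IpRangeChecker\Checker::isIpInRange($request->getClientIp(), $user->allowed_ip_range);
         if ($ipAllowed) {
             $this->auth->setUser($user);
         }
     }

     // Reached with a guest guard when there was no key, the key matched no user,
     // or the client address was outside the user's allowed range.
     if ($this->auth->guest()) {
         if ($request->ajax()) {
             return response('Unauthorized.', 401);
         }

         return redirect()->guest('auth/login');
     }

     return $next($request);
 }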
Пример #2
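 /**
  * Authenticate a request that carries either a bearer token or credentials.
  *
  * With an `Authorization` header starting with "bearer" the user is resolved
  * from the JWT and the presented token is invalidated (refresh flow). With any
  * other `Authorization` value the request's user and password are checked
  * once, as e-mail and password. The request continues only if the guard
  * reports an authenticated user afterwards.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @return mixed
  * @throws \App\Exceptions\InvalidCredentialsException when no user is authenticated after either path
  * @throws \App\Exceptions\NoAuthenticationException when the Authorization header is missing or empty
  */
 public function handle($request, Closure $next)
 {
     // Read the header once and use the same value for the presence check and the scheme check.
     $header = $request->headers->get('Authorization');
     if (empty($header)) {
         throw new \App\Exceptions\NoAuthenticationException();
     }

     if (starts_with(strtolower($header), 'bearer')) {
         // If token is passed (to refresh)
         /** @var User|false $user */
         $user = \JWTAuth::setRequest($request)->parseToken()->authenticate();
         // Invalidate the old token.
         \JWTAuth::invalidate();
         // authenticate() returns false when the token's subject does not resolve
         // to a user; passing that to setUser() would fail with a type error
         // instead of the documented InvalidCredentialsException, so leave the
         // guard untouched and let the check below reject the request.
         if ($user) {
             $this->auth->setUser($user);
         }
     } else {
         // If credentials are passed: validate them for this request only.
         // NOTE(review): this path accepts password guesses on every request;
         // confirm that throttling is applied to the route elsewhere.
         $credentials = ['email' => $request->getUser(), 'password' => $request->getPassword()];
         $this->auth->once($credentials);
     }

     if (!$this->auth->check()) {
         throw new \App\Exceptions\InvalidCredentialsException();
     }

     return $next($request);
 }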
Пример #3
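 /**
  * Authenticate the request from its JWT and set the resolved user on the guard.
  *
  * NOTE(review): the previous docblock also listed NoAuthenticationException,
  * but nothing in this method throws it; a missing or malformed token
  * presumably surfaces as whatever exception JWTAuth's parseToken() raises.
  * Confirm how the application's exception handler maps that.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure $next
  * @return mixed
  * @throws \App\Exceptions\InvalidCredentialsException when the token does not resolve to a user
  */
 public function handle($request, Closure $next)
 {
     $user = \JWTAuth::setRequest($request)->parseToken()->authenticate();

     // authenticate() returns false when the token's subject does not resolve to
     // a user. Reject the request here rather than handing a non-user to the
     // guard and continuing down the pipeline.
     if (!$user) {
         throw new \App\Exceptions\InvalidCredentialsException();
     }

     $this->auth->setUser($user);

     return $next($request);
 }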