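/**
 * Sign in with Facebook, or link a Facebook profile to the signed-in user.
 *
 * Exchanges the OAuth authorization code for an access token, reads the
 * caller's Graph API profile, and then either links that profile to the user
 * named by the bearer JWT (when an Authorization header is present) or finds
 * or creates the local user for that Facebook id.
 *
 * Invalid or expired JWTs still surface as exceptions from JWT::decode().
 *
 * @param  Request $request  supplies 'code', 'clientId' and 'redirectUri'
 * @return mixed             JSON response with an application token or an error message
 */
public function facebook(Request $request)
{
    $accessTokenUrl = 'https://graph.facebook.com/v2.5/oauth/access_token';
    $graphApiUrl = 'https://graph.facebook.com/v2.5/me';

    $params = [
        'code' => $request->input('code'),
        'client_id' => $request->input('clientId'),
        'redirect_uri' => $request->input('redirectUri'),
        // SECURITY: the app secret is committed in source. It should be read
        // from configuration or the environment, and this value rotated.
        'client_secret' => '76cd1014c10586c33f3e13f03929a221',
    ];

    $client = new \GuzzleHttp\Client();

    // Step 1. Exchange authorization code for access token.
    $accessToken = json_decode($client->get($accessTokenUrl, ['query' => $params])->getBody(), true);
    if (!is_array($accessToken)) {
        return response()->json(['message' => 'Facebook token exchange failed'], 502);
    }

    // Step 2. Retrieve profile information about the current user.
    $profile = json_decode($client->get($graphApiUrl, ['query' => $accessToken])->getBody(), true);
    if (!is_array($profile) || !isset($profile['id'])) {
        // Without an id there is nothing to key the account on.
        return response()->json(['message' => 'Facebook profile could not be retrieved'], 502);
    }
    $profileName = isset($profile['name']) ? $profile['name'] : null;

    // Step 3a. If user is already signed in then link accounts.
    $authorization = $request->header('Authorization');
    if ($authorization) {
        if (User::where('facebook', '=', $profile['id'])->first()) {
            return response()->json(['message' => 'There is already a Facebook account that belongs to you'], 409);
        }

        // Expect "<scheme> <token>"; a header without a space has no token part.
        $parts = explode(' ', $authorization);
        if (!isset($parts[1])) {
            return response()->json(['message' => 'Malformed Authorization header'], 401);
        }

        $payload = (array) JWT::decode($parts[1], Config::get('jwt.secret'), array('HS256'));
        $user = isset($payload['sub']) ? User::find($payload['sub']) : null;
        if (!$user) {
            // A validly signed token can still name a user that no longer exists.
            return response()->json(['message' => 'User not found'], 401);
        }

        $user->facebook = $profile['id'];
        $user->displayName = $user->displayName ?: $profileName;
        $user->save();

        return response()->json(['token' => $this->createToken($user)]);
    }

    // Step 3b. Not signed in: return the existing account or create a new one.
    $existing = User::where('facebook', '=', $profile['id'])->first();
    if ($existing) {
        return response()->json(['token' => $this->createToken($existing)]);
    }

    $user = new User();
    $user->facebook = $profile['id'];
    $user->displayName = $profileName;
    $user->save();

    return response()->json(['token' => $this->createToken($user)]);
}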
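/**
 * Build the summary for one region: competitions split into past and
 * upcoming, their participants, and the region's videos.
 *
 * Authentication is optional. When a bearer JWT is supplied, competitions
 * the token's user takes part in are flagged with already_participating.
 * An invalid JWT still surfaces as an exception from JWT::decode().
 *
 * @param  Request $request
 * @param  mixed   $regionId  region primary key; id 1 aggregates all competitions
 * @return mixed              the decorated Region model, or a 404 JSON response
 */
public function summary(Request $request, $regionId)
{
    $region = Region::find($regionId);
    if (!$region) {
        // Previously an unknown id was dereferenced as null further down.
        return response()->json(['message' => 'Region not found'], 404);
    }

    $user = false;
    $authorization = $request->header('Authorization');
    if ($authorization) {
        // Expect "<scheme> <token>"; ignore headers that carry no token part.
        $parts = explode(' ', $authorization);
        if (isset($parts[1])) {
            $payload = (array) JWT::decode($parts[1], Config::get('app.token_secret'), array('HS256'));
            $user = User::find($payload['sub']);
        }
    }

    $participants = new Collection();
    $past_competitions = new Collection();
    $next_competitions = new Collection();

    if ($regionId == 1) {
        // Region 1 spans every competition and takes the videos of all other regions.
        $competitions = Competition::all();
        $videos = DB::table('medias')->where('region_id', '<>', $region->id)->get();
        $region->competitions = $competitions;
    } else {
        $competitions = $region->competitions;
        $videos = DB::table('medias')->where('region_id', '=', $region->id)->get();
    }

    $competitions->each(function ($competition) use ($past_competitions, $next_competitions, $participants, $user) {
        $competition->users->each(function ($participant) use ($participants, $competition, $user) {
            if ($user && $user->id == $participant->id) {
                $competition->already_participating = true;
            }
            // Bare property reads: presumably they load the relations so they
            // are included when the model is serialised (confirm).
            $participant->medias;
            $participant->competitions;
            $participants->push($participant);
        });

        $competition->location;
        $competition->videos;

        if (Carbon::now()->gte($competition->event_date)) {
            $competition->past = true;
            $past_competitions->push($competition);
        } else {
            $competition->past = false;
            $next_competitions->push($competition);
        }
    });

    $region->next_competition = $next_competitions->first();
    $region->next_competitions = $next_competitions;
    $region->past_competitions = $past_competitions;
    $region->videos = $videos;
    $region->videos_count = count($videos);
    $region->competitions_count = count($competitions);
    $region->participants = $participants->unique();
    $region->participants_count = count($region->participants);

    return $region;
}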
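/**
 * Handle an incoming request.
 *
 * Lets the request through only when the x-auth-jwt header carries a JWT
 * that JWT::decode() accepts for HS256 with the configured key. A missing
 * header, a missing key, or a token that fails to decode is answered with 401.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $jwt = $request->header('x-auth-jwt');

    // The signing key was a short literal in source; read it from the
    // environment instead. Deployments must set JWT_KEY, and tokens signed
    // with the old literal key stop validating.
    $key = env('JWT_KEY');

    // Fail closed: never attempt verification with an absent token or key.
    if (!is_string($jwt) || $jwt === '' || !is_string($key) || $key === '') {
        return response('Unauthorized.', 401);
    }

    // If the signing and verifying servers have clock skew, JWT::$leeway
    // (in seconds) can be set before decoding; keep it to a few minutes at most.
    try {
        // The decoded claims are not used here; decoding is the validity check.
        JWT::decode($jwt, $key, array('HS256'));
    } catch (\Exception $e) {
        return response('Unauthorized.', 401);
    }

    return $next($request);
}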
/**
 * Validate the headers of an incoming request.
 *
 * The Accept header is always checked. The Content-Type header is checked
 * for every method except GET and OPTIONS.
 *
 * @param  Illuminate\Http\Request  $request
 * @return void
 */
protected function checkRequest(Request $request)
{
    $this->checkAcceptHeader($request->header('accept'));

    $exemptMethods = ['GET', 'OPTIONS'];
    if (in_array($request->method(), $exemptMethods)) {
        return;
    }

    $this->checkContentTypeHeader($request->header('content-type'));
}
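/**
 * Handle an incoming request.
 *
 * Requires an access_token header naming a stored token that has not
 * expired. Responds 400 when neither token header is present and 403 when
 * the access token is unknown or expired.
 *
 * NOTE(review): the refresh_token header only counts towards the
 * "no token at all" check; it is never validated or used to authorise.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $access_token = $request->header('access_token');
    $refresh_token = $request->header('refresh_token');

    if ($access_token == null && $refresh_token == null) {
        return response('No Token', 400);
    }

    // Look the token up only when one was sent; find(null) is never a match.
    $verifyAccess = $access_token == null ? null : UserTokenModel::find($access_token);

    // Test for a missing row explicitly rather than count()-ing a model or null.
    if (!$verifyAccess) {
        return response()->json(['message' => 'Invalid token'], 403);
    }

    if (strtotime($verifyAccess->expires) > time()) {
        return $next($request);
    }

    return response()->json(['message' => 'Token expired'], 403);
}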
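/**
 * Handle an incoming request.
 *
 * Authenticates the caller with a signed JWT taken from the access-token
 * header or, when that header is absent, the api_token request parameter.
 * The signature is verified first, then the claims are validated with the
 * client address as issuer and the request host as audience.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $token = $request->header('access-token');
    $token = isset($token) ? $request->header('access-token') : $request->get('api_token');
    if (!$token) {
        return response('Unauthorized.', 403);
    }

    $key = getenv('APP_KEY');
    if ($key === false || $key === '') {
        // Fail closed: an unset key must never be used to verify signatures.
        return response('Unauthorized.', 403);
    }

    $signer = new Sha256();
    $data = new ValidationData(); // It will use the current time to validate (iat, nbf and exp)
    $data->setIssuer($request->server('REMOTE_ADDR'));
    $data->setAudience($request->server('HTTP_HOST'));

    try {
        $token = (new Parser())->parse((string) $token);

        // Check the signature before trusting any claim in the token.
        if (!$token->verify($signer, $key)) {
            return response('Unauthorized sign', 401);
        }
        if (!$token->validate($data)) {
            return response('Unauthorized data', 401);
        }

        // NOTE(review): putenv() changes process-wide state; in a worker that
        // serves several requests the value may outlive this one (confirm).
        putenv("USER=" . $token->getClaim('uid'));
    } catch (\Exception $e) {
        // Do not echo parser or claim error details to an unauthenticated client.
        return response('Unauthorized.', 403);
    }

    // Run the rest of the pipeline outside the try block so that downstream
    // exceptions are not reported to the client as authentication failures.
    return $next($request);
}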
/**
 * Read the OTP session token from the X-OTP-SESSION-TOKEN request header.
 *
 * @return string
 *
 * @throws InvalidTwoFactorSessionToken when the header is not present
 */
protected function getToken()
{
    $headerName = 'X-OTP-SESSION-TOKEN';

    if ($this->request->hasHeader($headerName)) {
        return $this->request->header($headerName);
    }

    throw new InvalidTwoFactorSessionToken();
}
/**
 * Resolve the current user id from the App-token request header.
 *
 * NOTE(review): a missing header ends the script with an empty response and
 * no error status, and the result of tokenDecrypt() is stored without being
 * checked here. Confirm that callers handle a failed decrypt.
 *
 * @param Request $request
 */
public function __construct(Request $request)
{
    $appToken = $request->header('App-token');

    if (!$appToken) {
        exit;
    }

    $this->user_id = TokenService::tokenDecrypt($appToken);
}
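/**
 * Handle an incoming request.
 *
 * Turns away clients that the agent detector classifies as robots and
 * clients that send no User-Agent. They are redirected to their Referer when
 * one was sent, otherwise answered with 403.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if ($this->agent->isRobot() || !$request->header('user-agent')) {
        // The Referer header is optional; reading $_SERVER['HTTP_REFERER']
        // unconditionally raised an undefined-index error when it was absent.
        $referer = $request->header('referer');
        if (!$referer) {
            return response('Forbidden.', 403);
        }

        // NOTE(review): the redirect target is supplied by the client itself.
        return redirect($referer);
    }

    return $next($request);
}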
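/**
 * Create a franchise for the current franchisor and update the franchisor's
 * address and phone number.
 *
 * Field values are read from the request headers 'jenis', 'namausaha',
 * 'telepon' and 'alamat'; the optional logo is an uploaded file.
 *
 * NOTE(review): only the logo upload is validated. The header-supplied
 * fields are stored without required/unique/length checks, apart from the
 * lookup that confirms 'jenis' exists.
 *
 * @param  Request $request
 * @return mixed   HTTP response from the controller's response helpers
 */
public function saveFranchise(Request $request)
{
    $validator = Validator::make($request->all(), ['logo' => 'image|mimes:jpg,jpeg,png|max:2000']);
    if ($validator->fails()) {
        return $this->httpUnprocessableEntity($validator->errors());
    }

    $jenis = $request->header('jenis');
    $namausaha = $request->header('namausaha');
    $telepon = $request->header('telepon');
    $alamat = $request->header('alamat');
    $image = $request->file('logo');

    $cek = Jenis::where('id', $jenis)->first();
    if (empty($cek)) {
        return $this->httpUnprocessableEntity('Id jenis tidak valid');
    }

    $db = new Franchise();
    $db->jenis = $jenis;
    $db->namausaha = $namausaha;
    $db->franchisor_id = $this->userID($request);

    $franchisor = new Franchisor();
    $franchisor->where('id', $this->userID($request))->update(['alamat' => $alamat, 'telepon' => $telepon]);

    // Start from the default avatar. These assignments used to run after the
    // upload branch and overwrote every uploaded logo.
    $db->logo = "avatar.png";
    $db->logo_url = url('api/logo/avatar.png');

    if ($image) {
        // The stored file name is derived from the time and a random number.
        $salt = hash('sha256', time() . mt_rand());
        $link = substr($salt, 0, 40) . ".png";

        $resizedImage = $this->resize($image, 500, 500, $link);
        if (!$resizedImage) {
            return response()->json(['status' => false, 'msg' => 'gagal'], 204);
        }

        $db->logo = $link;
        $db->logo_url = url('api/logo/' . $link);
    }

    if ($db->save()) {
        return $this->httpCreate();
    }

    return $this->httpServerError();
}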
/**
 * Check the CSRF token sent with the request against the session token.
 *
 * The candidate is taken from the '_token' input, then the X-CSRF-TOKEN
 * header, and finally from the X-XSRF-TOKEN header after decryption.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return bool
 */
protected function tokensMatch($request)
{
    $candidate = $request->input('_token');

    if (!$candidate) {
        $candidate = $request->header('X-CSRF-TOKEN');
    }

    if (!$candidate) {
        $encrypted = $request->header('X-XSRF-TOKEN');
        if ($encrypted) {
            $candidate = $this->encrypter->decrypt($encrypted);
        }
    }

    return Str::equals($request->session()->token(), $candidate);
}
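/**
 * Handle an incoming request.
 *
 * Authenticates the caller from the Authorization header and logs that user
 * in for the rest of the request, or answers 401 when authentication fails.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // Authenticate once and reuse the result, so the id that was checked is
    // the same id that gets logged in.
    $userId = $this->user->authenticateApiV1($request->header('Authorization'));

    if ($userId === false) {
        return response('Invalid API token.', 401);
    }

    $this->auth->loginUsingId($userId);

    return $next($request);
}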
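/**
 * Handle an incoming request.
 *
 * Passes the request on only when the 'credential' header matches the key
 * of at least one stored Credential.
 *
 * NOTE(review): the rejection is reported with status 500; an authentication
 * failure would normally be a 401 or 403. Confirm before changing it, since
 * clients may depend on the current code.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $credential = $request->header('credential');

    if (!empty($credential) && Credential::where('key', $credential)->count() != 0) {
        return $next($request);
    }

    // Return the result so the middleware never falls through with null if
    // error() hands back a response instead of throwing.
    return $this->response->error('Not Valid Api Credential', 500);
}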
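/**
 * Handle an incoming request.
 *
 * Sets the application locale from the 'i18next' cookie or, when there is
 * no cookie, from the first language tag of the Accept-Language header.
 * A value is applied only if it looks like a language tag.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $locale = null;

    $cookieLang = Cookie::get('i18next');
    if ($cookieLang) {
        $locale = $cookieLang;
    } elseif ($request->header('Accept-Language')) {
        // The header is a weighted list such as "en-US,en;q=0.8"; use only
        // the first tag, without its quality parameter.
        $tags = explode(',', $request->header('Accept-Language'));
        $first = explode(';', $tags[0]);
        $locale = trim($first[0]);
    }

    // Both sources are client-controlled. Accept letters, digits and -/_
    // separators only, so no other characters reach the translation loader.
    if (is_string($locale) && preg_match('/\A[A-Za-z]{2,8}(?:[-_][A-Za-z0-9]{1,8})*\z/', $locale)) {
        App::setLocale($locale);
    }

    return $next($request);
}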
/**
 * Require the JSON API media type on the request.
 *
 * The Accept header must equal JsonApi::MIME_TYPE. When the request has a
 * body, the Content-Type header must equal it as well.
 *
 * @param  Request $request
 * @return bool    always true when no exception is thrown
 *
 * @throws \RuntimeException when either header does not match
 */
public function validateRequest(Request $request)
{
    $expectedType = JsonApi::MIME_TYPE;

    if ($request->header('Accept') != $expectedType) {
        throw new \RuntimeException('Invalid Accept header.');
    }

    $hasBody = !empty($request->getContent());
    if ($hasBody && $request->header('Content-Type') != $expectedType) {
        throw new \RuntimeException('Invalid Content-Type header.');
    }

    return true;
}
/**
 * Send a message through Twilio on behalf of the caller.
 *
 * 'to', 'from' and 'body' come from the request input. The Twilio account
 * SID and auth token come from the X-TWILIO-ACCOUNT-SID and
 * X-TWILIO-AUTH-TOKEN request headers. The script ends once the message has
 * been submitted, so no response body is produced here.
 *
 * NOTE(review): the auth token travels in a request header on every call;
 * confirm this endpoint is served over TLS only and that headers are not logged.
 *
 * @param  Request $request
 * @return void
 */
public function create(Request $request)
{
    $message = [
        'to' => $request->input('to'),
        'from' => $request->input('from'),
        'body' => $request->input('body'),
        'accountSid' => $request->header('X-TWILIO-ACCOUNT-SID'),
        'authToken' => $request->header('X-TWILIO-AUTH-TOKEN'),
    ];

    $client = new \Services_Twilio($message['accountSid'], $message['authToken']);

    $client->account->messages->create([
        'To' => $message['to'],
        'From' => $message['from'],
        'Body' => $message['body'],
    ]);

    exit;
}
/**
 * Render an exception into an HTTP response.
 *
 * HttpException instances supply their own response. When the request has
 * an Origin header, CORS headers are attached to that response and the
 * request's Origin is echoed back as the allowed origin. Every other
 * exception goes to the parent handler.
 *
 * NOTE(review): echoing the Origin header allows any origin on these
 * responses. If Cors::attachHeaders() also enables credentials, check the
 * origin against an allow-list first (confirm).
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Exception  $e
 * @return \Illuminate\Http\Response
 */
public function render($request, Exception $e)
{
    if (!($e instanceof HttpException)) {
        return parent::render($request, $e);
    }

    $response = $e->response();

    $origin = $request->header('Origin');
    if ($origin) {
        Cors::attachHeaders($response);
        $response->headers->set('Access-Control-Allow-Origin', $origin);
    }

    return $response;
}
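/**
 * Handles a webhook.
 *
 * Verifies the X-Hub-Signature header against an HMAC-SHA1 of the raw
 * request body keyed with WEBHOOK_SECRET, then dispatches to the handler
 * method registered for the X-Github-Event header.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return mixed  whatever the selected handler method returns
 *
 * @throws NotFoundHttpException when the secret is not configured, the
 *         signature is missing or wrong, or no handler is registered
 */
public function handle(Request $request)
{
    $secret = env('WEBHOOK_SECRET');
    $signature = $request->header('X-Hub-Signature');

    // Fail closed: an unset secret would make the expected HMAC computable
    // by anyone, and a missing header can never be a valid signature.
    if (!is_string($secret) || $secret === '' || !is_string($signature)) {
        throw new NotFoundHttpException();
    }

    $expected = 'sha1=' . hash_hmac('sha1', $request->getContent(), $secret);

    // Constant-time comparison, so response timing does not reveal how many
    // leading characters of the signature were correct.
    if (!hash_equals($expected, $signature)) {
        throw new NotFoundHttpException();
    }

    // array_get() returns the whole array for a null key, so look the
    // handler up only when the event header is actually present.
    $event = $request->header('X-Github-Event');
    $handler = is_string($event) ? array_get(static::$handlers, $event) : null;

    if (!$handler || !is_string($handler)) {
        throw new NotFoundHttpException();
    }

    return app()->call([$this, $handler]);
}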
/**
 * Resolve a short code, record the visit and redirect to the long URL.
 *
 * Responds with the 404 error view when no rule matches the code.
 *
 * NOTE(review): 'referer', the user-agent fields and 'country' (from the
 * CF-IPCountry header) are client-supplied unless a trusted proxy sets
 * them; treat the stored values as untrusted when displaying them.
 *
 * @param  Request $request
 * @param  string  $code     short URL code
 * @return mixed
 */
public function goToNewUrl(Request $request, $code)
{
    $rule = Rule::where('short_url', $code)->first();

    if (!$rule) {
        return response(view('errors.404'), 404);
    }

    $agent = parse_user_agent($request->header('user-agent'));

    Visit::create([
        'ip_address' => $request->getClientIp(),
        'referer' => $request->header('referer'),
        'browser' => $agent['browser'],
        'platform' => $agent['platform'],
        'country' => $request->header('CF-IPCountry'),
        'browser_version' => $agent['version'],
    ]);

    return redirect()->to($rule->long_url);
}
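/**
 * Handle an incoming request.
 *
 * Requires an Authorization header of the form "<scheme> <token>" whose
 * token is an HS256 JWT signed with app.token_secret and not yet expired.
 * The decoded claims are attached to the request as 'user'. Every failure
 * is answered with a 401 JSON message.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $authorization = $request->header('Authorization');
    if (!$authorization) {
        return response()->json(['message' => 'Please make sure your request has an Authorization header'], 401);
    }

    // A header without a space has no token part to decode.
    $parts = explode(' ', $authorization);
    if (!isset($parts[1])) {
        return response()->json(['message' => 'Please make sure your request has an Authorization header'], 401);
    }

    try {
        $payload = (array) JWT::decode($parts[1], Config::get('app.token_secret'), array('HS256'));
    } catch (\Exception $e) {
        // Bad signature, malformed token, or rejected by the library.
        return response()->json(['message' => 'Invalid token'], 401);
    }

    // Treat a token without an exp claim as expired rather than as valid forever.
    if (!isset($payload['exp']) || $payload['exp'] < time()) {
        // This used to be sent with the default 200 status.
        return response()->json(['message' => 'Token has expired'], 401);
    }

    $request['user'] = $payload;

    return $next($request);
}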
/**
 * Check the CSRF token sent with the request against the session token.
 *
 * The candidate is taken from the '_token' input, then the X-CSRF-TOKEN
 * header, and finally from the X-XSRF-TOKEN header after decryption. Both
 * tokens must be strings and are compared in constant time.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return bool
 */
protected function tokensMatch($request)
{
    $sessionToken = $request->session()->token();

    $candidate = $request->input('_token');
    if (!$candidate) {
        $candidate = $request->header('X-CSRF-TOKEN');
    }

    if (!$candidate) {
        $encrypted = $request->header('X-XSRF-TOKEN');
        if ($encrypted) {
            $candidate = $this->encrypter->decrypt($encrypted);
        }
    }

    // Anything other than two strings can never be a valid pair.
    $bothStrings = is_string($sessionToken) && is_string($candidate);
    if (!$bothStrings) {
        return false;
    }

    return hash_equals((string) $request->session()->token(), (string) $candidate);
}
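/**
 * Return one page of the time-tracker report, with the total time of all
 * matching entries, or hand the filtered rows to the spreadsheet export.
 *
 * Filters come from the 'filters' input (JSON-encoded when 'xls' is set).
 * The page is selected with a Range request header of the form
 * "<start>-<end>" and echoed back in Content-Range together with the total
 * row count.
 *
 * @param  Request $request
 * @return mixed
 */
public function getFilterReport(Request $request)
{
    $timeEntryObj = new TimeEntry();
    $timeEntryQuery = $timeEntryObj->getTimerTrackerReport();
    $totalTime = 0;
    $totalCount = 0;

    // The select list is applied late because the same query is first used
    // to compute the count and the time sum.
    $select = [
        'te.created_at as created_at',
        'te.desc as description',
        'te.time as time',
        'u.name as username',
        'p.name as projectName',
        'c.name as clientName',
        DB::raw("GROUP_CONCAT(t.name) as tags"),
        DB::raw("DATE(te.created_at) as createdDate"),
    ];

    // Set filters on the query. All values are passed as bindings.
    $filters = $request->input('filters');
    if ($request->has('xls')) {
        $filters = (array) json_decode($filters);
    }

    if (isset($filters['desc']) && $filters['desc'] != "") {
        $timeEntryQuery->where('te.desc', $filters['desc']);
    }
    if (isset($filters['users']) && !empty($filters['users'])) {
        $timeEntryQuery->whereIn('u.id', $filters['users']);
    }
    if (isset($filters['clients']) && !empty($filters['clients'])) {
        $timeEntryQuery->whereIn('c.id', $filters['clients']);
    }
    if (isset($filters['projects']) && !empty($filters['projects'])) {
        $timeEntryQuery->whereIn('p.id', $filters['projects']);
    }
    if (isset($filters['startDate']) && $filters['startDate'] != "") {
        $timeEntryQuery->whereDate('te.created_at', '>=', date('Y-m-d', strtotime($filters['startDate'])));
    }
    if (isset($filters['endDate']) && $filters['endDate'] != "") {
        $timeEntryQuery->whereDate('te.created_at', '<=', date('Y-m-d', strtotime($filters['endDate'])));
    }

    if ($request->input('xls')) {
        $timeEntryQuery->select($select);
        // NOTE(review): execution continues after the export call unless
        // getFilteredReport() ends the request itself (confirm).
        $this->getFilteredReport($timeEntryQuery->get());
    }

    // Get total count and time sum by wrapping the filtered query as a subquery.
    $aggregateResult = \DB::table(\DB::raw(' ( ' . $timeEntryQuery->select('time')->toSql() . ' ) AS counted '))
        ->selectRaw('count(*) AS totalCount, sum(time) as totalTime')
        ->mergeBindings($timeEntryQuery)
        ->first();
    if ($aggregateResult) {
        $totalCount = $aggregateResult->totalCount;
        $totalTime = $aggregateResult->totalTime;
    }

    $timeEntryQuery->select($select);

    // Pagination. The Range header is client input: accept only
    // "<digits>-<digits>" with end >= start, so offset and limit are always
    // non-negative integers and the echoed header holds nothing else.
    $rangeHeader = $request->header('range');
    if (!is_string($rangeHeader) || !preg_match('/\A(\d{1,9})-(\d{1,9})\z/', $rangeHeader, $bounds)) {
        return response(['message' => 'Invalid Range header'], 400);
    }
    $start = (int) $bounds[1];
    $end = (int) $bounds[2];
    if ($end < $start) {
        return response(['message' => 'Invalid Range header'], 400);
    }
    // NOTE(review): the page size has no upper bound; consider capping it.

    $timeEntryQuery->skip($start);
    $limit = 0 == $start ? $end : $end - $start;
    $timeEntryQuery->limit($limit);

    return response(['data' => $timeEntryQuery->get(), 'totalTime' => $totalTime])
        ->header('Content-Range', "{$rangeHeader}/{$totalCount}");
}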
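/**
 * Handle an incoming request.
 *
 * Sets the application locale from the first two characters of the raw
 * 'i18next' cookie or, when there is no cookie, from the first language tag
 * of the Accept-Language header. A value is applied only if it looks like a
 * language tag.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    /*
     * Cookie::get('i18next') does not work here because EncryptCookies runs
     * later and there seems to be no way to change the middleware order, so
     * the raw cookie is read instead.
     */
    $lang = null;

    if (array_key_exists('i18next', $_COOKIE)) {
        // A client can send the cookie as an array; only a string is usable.
        $cookie = $_COOKIE['i18next'];
        $lang = is_string($cookie) ? substr($cookie, 0, 2) : null;
    } elseif ($request->header('Accept-Language')) {
        // The header is a weighted list such as "en-US,en;q=0.8"; use only
        // the first tag, without its quality parameter.
        $tags = explode(',', $request->header('Accept-Language'));
        $first = explode(';', $tags[0]);
        $lang = trim($first[0]);
    }

    // Both sources are client-controlled. Accept letters, digits and -/_
    // separators only, so no other characters reach the translation loader.
    if (is_string($lang) && preg_match('/\A[A-Za-z]{2,8}(?:[-_][A-Za-z0-9]{1,8})*\z/', $lang)) {
        App::setLocale($lang);
    }

    return $next($request);
}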
/**
 * Describe the current request as a meta-data array.
 *
 * The result has a single 'request' key holding the URL, HTTP method, input
 * parameters and client IP, plus the user agent and the full header list
 * when those are present.
 *
 * NOTE(review): 'params' and 'headers' are copied unfiltered, so they can
 * include credentials (Authorization and Cookie headers, password fields).
 * Consider redacting them before this data leaves the application.
 *
 * @return array
 */
public function getMetaData()
{
    $request = $this->request;

    $data = [
        'url' => $request->fullUrl(),
        'httpMethod' => $request->getMethod(),
        'params' => $request->input(),
        'clientIp' => $request->getClientIp(),
    ];

    $agent = $request->header('User-Agent');
    if ($agent) {
        $data['userAgent'] = $agent;
    }

    $headers = $request->headers->all();
    if ($headers) {
        $data['headers'] = $headers;
    }

    return ['request' => $data];
}
/**
 * UserAgent constructor.
 *
 * Reads the user agent (X-User-Agent takes precedence over User-Agent),
 * builds the meta object when the meta header is present, and parses the
 * user agent string. Nothing is done for OPTIONS requests.
 *
 * @author Morten Rugaard <*****@*****.**>
 *
 * @param \Illuminate\Http\Request $request
 */
public function __construct(Request $request)
{
    if ($request->method() == 'OPTIONS') {
        return;
    }

    // X-User-Agent is supported since some browsers / platforms override
    // the User-Agent header.
    $userAgent = $request->header('X-User-Agent');
    if (!$userAgent) {
        $userAgent = $request->header('User-Agent');
    }
    $this->userAgent = $userAgent;

    $metaHeader = $request->header(self::NODES_META_HEADER);
    if ($metaHeader) {
        $this->meta = new NodesMeta($metaHeader);
    }

    $this->parse($userAgent);
}
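/**
 * Determine if the session and input CSRF tokens match.
 *
 * Ajax requests carry the token in the X-CSRF-Token header; all other
 * requests carry it in the '_token' input.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return bool
 */
protected function tokensMatch($request)
{
    $token = $request->ajax() ? $request->header('X-CSRF-Token') : $request->input('_token');
    $sessionToken = $request->session()->token();

    // A loose == treated two missing tokens (null == null) and two
    // numeric-looking strings as equal. Require two non-empty strings.
    if (!is_string($sessionToken) || $sessionToken === '' || !is_string($token)) {
        return false;
    }

    // Constant-time comparison, so response timing reveals nothing about
    // the session token.
    return hash_equals($sessionToken, $token);
}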
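/**
 * Handle an incoming request.
 *
 * Applies the time zone named in the Time-Zone request header to the
 * 'cachet.timezone' config value, when PHP recognises that time zone.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 *
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $tz = $request->header('Time-Zone');

    if (is_string($tz) && $tz !== '') {
        // The header is client input: store it only if PHP can build a time
        // zone from it, so a bogus value cannot break later date handling.
        try {
            new \DateTimeZone($tz);
            app('config')->set('cachet.timezone', $tz);
        } catch (\Exception $e) {
            // Unknown time zone: keep the configured default.
        }
    }

    return $next($request);
}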
/**
 * Handle an incoming request.
 *
 * Passes the request on only when its x-requested-with header equals the
 * expected application identifier.
 *
 * NOTE(review): the header value is a fixed string that any client can
 * send, so this check identifies the calling app but does not authenticate it.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 *
 * @throws Exception with code 404 when the header does not match
 */
public function handle($request, Closure $next)
{
    $expectedCaller = 'my.com.derp.whatscarrier';

    if ($request->header('x-requested-with') === $expectedCaller) {
        return $next($request);
    }

    throw new Exception("Error Processing Request", 404);
}
/**
 * Handle an incoming request.
 *
 * Answers 401 when the request neither comes from the PagSeguro sandbox
 * origin nor uses POST. Otherwise the request is passed on and the response
 * gets CORS headers allowing POST from that origin.
 *
 * NOTE(review): because the two conditions are joined with &&, every POST
 * is accepted whatever its Origin, and every request carrying the sandbox
 * Origin is accepted whatever its method. If the intent is "POST from the
 * sandbox only", the conditions should be joined with || (confirm). The
 * Origin header is also client-supplied outside a browser.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $sandboxOrigin = 'https://sandbox.pagseguro.uol.com.br';

    $fromSandbox = $request->header('origin') === $sandboxOrigin;
    if (!$fromSandbox && $request->getMethod() !== 'POST') {
        return response('Unauthorized.', 401);
    }

    $response = $next($request);
    $response = $response->header('Access-Control-Allow-Origin', $sandboxOrigin);

    return $response->header('Access-Control-Allow-Methods', 'POST');
}
/**
 * Handles a standard form submit.
 *
 * Every posted field except 'siteid', 'url' and 'formid' is stored as a
 * submission for the given site. The submission is named after its first
 * field, and the client is sent back to the referring page with a
 * '#success' fragment.
 *
 * NOTE(review): the redirect target and the stored 'url' both come from the
 * client-supplied Referer header, and 'siteid' is passed to save() as
 * received. Confirm that save() validates the site id.
 *
 * @param  Request $request
 * @return Response
 */
public function submit(Request $request)
{
    $referer = $request->header('referer');
    $siteId = $request->input('siteid');
    $formId = $request->input('formid');
    $timestamp = gmdate('D M d Y H:i:s O', time());

    // Control fields that are not part of the submitted form data.
    $reserved = array('siteid', 'url', 'formid');

    $fields = array();
    foreach ($request->all() as $key => $value) {
        if (in_array($key, $reserved)) {
            continue;
        }
        $fields[] = array('id' => $key, 'value' => $value);
    }

    // Name the submission after its first field, if there is one.
    $name = count($fields) > 0 ? $fields[0]['value'] : 'New Submission';

    $submission = new Submission(array(
        'id' => Utilities::getGUID(),
        'name' => $name,
        'url' => $referer,
        'formId' => $formId,
        'date' => $timestamp,
        'fields' => $fields,
    ));

    $submission->save($siteId);

    return redirect($referer . '#success');
}