|-------------------------------------------------------------------------- | | Below you will find the "before" and "after" events for the application | which may be used to do any work before or after a request into your | application. Here you may also register your custom route filters. | */ App::before(function ($request) { Session::set('salt', md5(uniqid(rand(), true))); if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { $headers = array('Access-Control-Allow-Origin' => Config::get('app.cors_url'), 'Access-Control-Allow-Methods' => 'POST, GET, OPTIONS, PUT, DELETE', 'Access-Control-Allow-Headers' => 'X-Requested-With, content-type'); return Response::make('', 200, $headers); } // check session on non-whitelisted routes // if (!FiltersHelper::whitelisted()) { if (Session::has('timestamp') && time() - intval(Session::get('timestamp')) > 60 * Config::get('session.timeout')) { Session::flush(); return Response::make('SESSION_INVALID', 401); } else { if (Session::has('timestamp')) { Session::set('timestamp', time()); } else { return Response::make('SESSION_INVALID', 401); } } } // sanitize input // $impure = false; $input = Input::all();
|-------------------------------------------------------------------------- | Application & Route Filters |-------------------------------------------------------------------------- | | Below you will find the "before" and "after" events for the application | which may be used to do any work before or after a request into your | application. Here you may also register your custom route filters. | */ App::before(function ($request) { Session::set('salt', md5(uniqid(rand(), true))); if (FiltersHelper::method() == 'options') { $headers = array('Access-Control-Allow-Origin' => Config::get('app.cors_url'), 'Access-Control-Allow-Methods' => 'POST, GET, OPTIONS, PUT, DELETE', 'Access-Control-Allow-Headers' => 'X-Requested-With, content-type'); return Response::make('', 200, $headers); } if (!FiltersHelper::whitelisted() && $request->segment(2) != 'current') { if (Session::has('timestamp') && time() - intval(Session::get('timestamp')) > 60 * Config::get('session.timeout')) { Session::flush(); return Response::make('SESSION_INVALID', 401); } else { if (Session::has('timestamp')) { Session::set('timestamp', time()); } else { return Response::make('SESSION_INVALID', 401); } } } // sanitize input // $impure = false; $input = Input::all();
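Review bot: The new `$request->segment(2) != 'current'` condition exempts every request whose second path segment is `current` from the session-timeout check, whatever the first segment or HTTP method, so the bypass is wider than the single endpoint it was presumably meant for. I would scope it to the exact route and verb, e.g. `if (!FiltersHelper::whitelisted() && !($request->isMethod('get') && $request->is('<resource>/current'))) {` (placeholder path), or add that route to whatever list `FiltersHelper::whitelisted()` consults, which is not visible here. A comment above the condition should say why that endpoint may run without a valid session and that its handler must not return data for an expired one. Separately, the unchanged `md5(uniqid(rand(), true))` salt is not cryptographically random; if the salt guards anything, derive it from a CSPRNG such as `Str::random(32)`. The `App::before` closure continues past the end of the visible text.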