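|
*/

// Session gate: a guest gets a bare 401 for AJAX calls and a redirect to
// the login page for everything else. Authenticated users fall through.
Route::filter('auth', function () {
    if (!Auth::guest()) {
        return;
    }

    if (Request::ajax()) {
        return Response::make('Unauthorized', 401);
    }

    return Redirect::guest('login');
});

// HTTP Basic gate: whatever Auth::basic() returns becomes the filter result.
Route::filter('auth.basic', function () {
    return Auth::basic();
});

// API token gate: the caller must send an `id` header (user id) and an
// `accessToken` header that together match a row in the access-token table.
Route::filter('userAuth', function () {
    $userId = Request::header('id');
    $accessToken = Request::header('accessToken');

    // Fail closed when either header is missing or empty. Passing null into
    // where('col', '=', null) is turned into an IS NULL test by the query
    // builder, so an unauthenticated request could otherwise match a row
    // whose user_id and token are both NULL.
    if (!is_string($userId) || $userId === '' || !is_string($accessToken) || $accessToken === '') {
        return Response::json(['msg' => 'unauthorized'], 401);
    }

    $res = AccessToken::where('user_id', '=', $userId)
        ->where('token', '=', $accessToken)
        ->first();

    if (!$res) {
        // Same body as before, but with a 401 status so clients, proxies and
        // monitoring do not treat a rejected request as a success.
        return Response::json(['msg' => 'unauthorized'], 401);
    }
});

/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/

Route::filter('guest', function () {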
/**
 * Revokes all access tokens issued for a given refresh token.
 *
 * Inside a single transaction the refresh token is looked up by its hashed
 * value; every access token that points at it is removed from the cache,
 * removed from the owning client's access-token member set, and deleted
 * from the database.
 *
 * NOTE(review): the returned flag is overwritten on every loop pass, so it
 * reflects only the last deleteMemberSet() call; the result of the preceding
 * cache delete() is discarded. Confirm callers do not read it as "every
 * token was evicted from the cache".
 *
 * @param string $value     refresh token value (raw, or already hashed)
 * @param bool   $is_hashed true when $value is already the SHA-256 hash
 * @return bool false when no matching refresh token exists; true when it
 *              exists but has no access tokens; otherwise the result of the
 *              last deleteMemberSet() call
 */
public function clearAccessTokensForRefreshToken($value, $is_hashed = false)
{
    if ($is_hashed) {
        $lookup_hash = $value;
    } else {
        $lookup_hash = Hash::compute('sha256', $value);
    }

    $result = false;
    // Held in a local so the closure below does not have to touch $this.
    $cache = $this->cache_service;

    $this->tx_service->transaction(function () use ($lookup_hash, &$result, $cache) {
        $refresh_row = DBRefreshToken::where('value', '=', $lookup_hash)->first();
        if (is_null($refresh_row)) {
            // Unknown refresh token: nothing to revoke, $result stays false.
            return;
        }

        $token_rows = DBAccessToken::where('refresh_token_id', '=', $refresh_row->id)->get();
        if (count($token_rows) === 0) {
            $result = true;
        }

        foreach ($token_rows as $token_row) {
            // Drop the cached copy first, then the entry in the client's set.
            $result = $cache->delete($token_row->value);

            // NOTE(review): if the client lookup returns nothing, the property
            // read below fails; confirm every access token row has a client.
            $owner = $token_row->client()->first();
            $set_key = $owner->client_id . TokenService::ClientAccessTokenPrefixList;
            $result = $cache->deleteMemberSet($set_key, $token_row->value);

            $token_row->delete();
        }
    });

    return $result;
}
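<?php

// Token gate: the request must carry a `token` input that matches a stored
// access token.
Route::filter('token', function () {
    $supplied = Input::get('token');

    // Fail closed on a missing, empty or non-string value. A null passed to
    // where('token', null) is turned into an IS NULL test by the query
    // builder, so a request with no token could otherwise match a row whose
    // token column is NULL.
    // NOTE(review): Input::get() also reads the query string, where tokens
    // tend to end up in access logs; a request header is a safer carrier.
    if (!is_string($supplied) || $supplied === '') {
        return Response::json(array('status' => 'Unauthorized'), 401);
    }

    $token = AccessToken::where('token', $supplied)->first();
    if (!$token) {
        // Same body as before, now with a 401 status instead of the default 200.
        return Response::json(array('status' => 'Unauthorized'), 401);
    }
});

// Stateless HTTP Basic gate: Auth::onceBasic() hands back a response only
// when the credentials are rejected, which is replaced by a JSON 401 here.
Route::filter('auth', function () {
    if (Auth::onceBasic()) {
        return Response::json(['error' => ['message' => 'Invalid credentials', 'status_code' => 401]], 401);
    }
});

Route::filter('bearer', function () {
    $header = Request::header('Authorization');
    if (!$header) {
        return Response::json(['error' => ['message' => 'Unauthorized', 'status_code' => 401]], 401);
    }
    // NOTE(review): a header value without a space has no index 1, and the
    // scheme in front of the token is never compared against "Bearer".
    $token = explode(' ', $header)[1];
    if ($token) {
        $device = Device::where('auth_token', $token)->orderBy('id', 'desc')->first();
        if (!is_null($device)) {
            try {
                Auth::onceUsingId($device->user_id);
            } catch (Exception $e) {
                // NOTE(review): the raw exception message is sent to the client;
                // consider a generic message here and logging the detail server-side.
                return Response::json(['error' => ['message' => $e->getMessage(), 'status_code' => 500]], 500);
            }
        } else {
            return Response::json(['error' => ['message' => 'Invalid token', 'status_code' => 401]], 401);
        }
    } else {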