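/**
 * Build the "login required" response for an unauthenticated request.
 *
 * AJAX/JSON clients receive a 403 JSON body. Every other client is redirected
 * to the login action, after the URL to return to has been stored in the
 * session under 'url.intended'.
 *
 * @param  Request $request
 *
 * @return mixed JSON response or redirect response
 */
protected function makeResponse(Request $request)
{
    $message = $this->translator->get('c::auth.login-required');

    if ($request->ajax() || $request->isJson() || $request->wantsJson()) {
        return Response::json(['error' => $message], 403);
    }

    $url = $this->url->action('anlutro\\Core\\Web\\AuthController@login');

    if ($request->getMethod() === 'GET') {
        $intended = $request->fullUrl();
    } else {
        // The Referer header is client-controlled. It is only reused when it
        // points back at this host, so that whatever later reads
        // 'url.intended' is never handed an external redirect target.
        $referer = $request->header('referer');
        $sameHost = is_string($referer)
            && strtolower((string) parse_url($referer, PHP_URL_HOST)) === $request->getHost();
        $intended = $sameHost ? $referer : '/';
    }

    $this->session->put('url.intended', $intended);

    return $this->redirect->to($url)->with('error', $message);
}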
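/**
 * Check the current request method against the configured allow-list.
 *
 * When no 'methods' entry is configured, every method is accepted.
 *
 * @return bool
 */
protected function checkRequestMethod()
{
    if (!isset($this->config['methods'])) {
        return true;
    }

    // Strict comparison: a loosely-typed config entry (0, true, ...) must not
    // match an arbitrary method string through type juggling.
    return in_array($this->request->getMethod(), $this->config['methods'], true);
}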
/**
 * Build an instance from an incoming HTTP request.
 *
 * Input comes from the JSON body for POST/PATCH/PUT and from the query string
 * otherwise. Paging values, the API class, method, headers, token, callback
 * and the optional resource id are copied onto the new instance.
 *
 * @param \Illuminate\Http\Request $request
 *
 * @return static
 */
public static function createFromRequest(Request $request)
{
    $instance = new static();
    $queryBag = $request->query;
    $verb = $request->getMethod();
    $hasBody = in_array($verb, ['POST', 'PATCH', 'PUT']);

    $instance->input = $hasBody ? $request->json() : $queryBag;

    if ($queryBag->has('per_page')) {
        $instance->perPage = intval($queryBag->get('per_page'));
    }
    if ($queryBag->has('page')) {
        $instance->page = intval($queryBag->get('page'));
    }

    $instance->query = $queryBag;

    // The route action is stored as "Class@method"; only the class part is kept.
    $action = $request->route()[1]['uses'];
    $instance->apiClass = explode('@', $action)[0];

    $instance->method = $verb;
    $instance->headers = $request->headers;
    $instance->token = static::getToken($request);

    // NOTE(review): 'callback' is taken from the query string unvalidated. If it
    // is later echoed as a JSONP function name, restrict it to an identifier
    // pattern at the point where it is emitted.
    $instance->callback = $queryBag->get('callback');

    $routeParams = $request->route()[2];
    if (isset($routeParams['id'])) {
        // Non-positive ids are treated as "no resource".
        $resourceId = intval($routeParams['id']);
        $instance->resourceId = $resourceId > 0 ? $resourceId : null;
    }

    return $instance;
}
/**
 * Log the request, run the rest of the pipeline, and log the response.
 *
 * An Exception thrown further down the pipeline is converted into a 500
 * response; the response is logged in every case.
 *
 * @param LaravelRequest $request
 * @param Closure        $next
 *
 * @return mixed
 */
public function handle(LaravelRequest $request, Closure $next)
{
    $uri = $request->getUri();
    $verb = $request->getMethod();

    $psrRequest = new Request($verb, new Uri($uri), $request->headers->all(), $request->getContent());
    $extracted = $this->extractor->getRequest($psrRequest);
    $event = $this->logger->begin($extracted['request'], $request->getUri(), $request->getMethod(), '');

    $response = null;

    try {
        /** @var LaravelResponse $response */
        $response = $next($request);
    } catch (Exception $e) {
        // NOTE(review): the exception message becomes the 500 response body.
        // Confirm that messages reaching this point carry no internal detail
        // (paths, SQL, host names), or return a fixed message instead.
        $response = LaravelResponse::create($e->getMessage(), 500);
    } finally {
        // Runs on every path; $response is still null if something other than
        // an Exception was thrown.
        $this->logResponse($response, $event);
    }

    return $response;
}
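/**
 * Merge a JSON request body into the request input for the parsed methods.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 *
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if (in_array($request->getMethod(), self::PARSED_METHODS, true)) {
        // Decode to an associative array: merge() takes an array, while
        // json_decode() without the flag yields objects, and null for an empty
        // or malformed body.
        $payload = json_decode($request->getContent(), true);

        // Scalars and invalid JSON are skipped rather than passed to merge().
        if (is_array($payload)) {
            $request->merge($payload);
        }
    }

    return $next($request);
}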
/**
 * Read the requested elFinder command and its arguments from the request,
 * execute it and send the result through output().
 *
 * Each failed precondition is reported through output() with an 'error' entry.
 * The command name and every argument value come from request input; the
 * arguments pass through input_filter() before exec().
 *
 * @param Request $request
 */
public function run(Request $request)
{
    $postRequest = $request->getMethod() === 'POST';
    $input = $request->all();
    $command = $input['cmd'] ?? '';
    $collected = [];

    if (!function_exists('json_encode')) {
        $confError = $this->elFinder->error(elFinder::ERROR_CONF, elFinder::ERROR_CONF_NO_JSON);
        $this->output([
            'error' => '{"error":["' . implode('","', $confError) . '"]}',
            'raw' => true,
        ]);
    }

    if (!$this->elFinder->loaded()) {
        $this->output([
            'error' => $this->elFinder->error(elFinder::ERROR_CONF, elFinder::ERROR_CONF_NO_VOL),
            'debug' => $this->elFinder->mountErrors,
        ]);
    }

    // telepat_mode: on
    if (!$command && $postRequest) {
        $this->output([
            'error' => $this->elFinder->error(elFinder::ERROR_UPLOAD, elFinder::ERROR_UPLOAD_TOTAL_SIZE),
            'header' => 'Content-Type: text/html',
        ]);
    }
    // telepat_mode: off

    if (!$this->elFinder->commandExists($command)) {
        $this->output(['error' => $this->elFinder->error(elFinder::ERROR_UNKNOWN_CMD)]);
    }

    // Collect the arguments the command declares; $required marks mandatory ones.
    foreach ($this->elFinder->commandArgsList($command) as $name => $required) {
        if ($name == 'FILES') {
            $value = $_FILES;
        } else {
            $value = $input[$name] ?? '';
        }

        if (!is_array($value)) {
            $value = trim($value);
        }

        if ($required && ($value === null || $value === '')) {
            $this->output(['error' => $this->elFinder->error(elFinder::ERROR_INV_PARAMS, $command)]);
        }

        $collected[$name] = $value;
    }

    $collected['debug'] = !empty($input['debug']);

    $this->output($this->elFinder->exec($command, $this->input_filter($collected)));
}
/**
 * Create the validator instance.
 *
 * The validator is flagged as "updating" when the request method is PUT or
 * PATCH (compared case-insensitively), then the input is defined.
 *
 * @param Illuminate\Http\Request       $request
 * @param Illuminate\Validation\Factory $validation
 */
public function __construct(Request $request, ValidationFactory $validation)
{
    $this->request = $request;
    $this->validation = $validation;

    $verb = strtolower($request->getMethod());
    $isUpdate = in_array($verb, ['put', 'patch'], true);
    $this->setUpdating($isUpdate);

    $this->defineInput();
}
/**
 * Gate the request on its Origin header and method, then add the CORS headers
 * for the PagSeguro sandbox origin to the downstream response.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $fromSandbox = $request->header('origin') === 'https://sandbox.pagseguro.uol.com.br';
    $isPost = $request->getMethod() === 'POST';

    // NOTE(review): as written, a request is refused only when BOTH checks fail,
    // so a POST from any origin and any method from the sandbox origin pass.
    // Confirm whether "either check fails" was intended. Origin is a
    // client-supplied header, so it does not authenticate the sender.
    if (!$fromSandbox && !$isPost) {
        return response('Unauthorized.', 401);
    }

    $response = $next($request);

    return $response
        ->header('Access-Control-Allow-Origin', 'https://sandbox.pagseguro.uol.com.br')
        ->header('Access-Control-Allow-Methods', 'POST');
}
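/**
 * Validate and persist a configuration record submitted by POST.
 *
 * Every outcome flashes a message to the session and redirects back to the
 * configuration page; non-POST requests are refused with "Method not allowed".
 *
 * @param Request $request
 *
 * @return mixed redirect response
 */
public function saveAction(Request $request)
{
    $params = $request->all();
    unset($params['_token'], $params['q']);

    // The field may be absent or not a string; strlen() on such a value raises
    // an error instead of producing a normal response.
    if (isset($params['password']) && is_string($params['password']) && $params['password'] !== '') {
        $params['password'] = Crypt::encrypt($params['password']);
    }

    if ($request->getMethod() == 'POST') {
        // validateRequest() signals failure by returning something other than
        // a boolean, which is flashed to the session as the error list.
        $isValid = $this->repository->validateRequest($request);
        if (!is_bool($isValid)) {
            $request->session()->flash('message', "Invalid data, please check the following errors: ");
            // Key spelling kept as-is: whatever reads the flash data uses it.
            $request->session()->flash('validationErrros', $isValid);

            return redirect()->route('configuration')->withInput();
        }

        // A request without an id is handled like an unknown record.
        $id = $params['id'] ?? null;
        $configuration = $id === null ? null : $this->repository->findById($id);
        if (!$configuration) {
            $request->session()->flash('message', "Configuration not found");

            return redirect('configuration');
        }

        // NOTE(review): $params is the full request input minus _token and q.
        // Confirm the repository restricts which columns update() may write.
        $this->repository->update($params, $id);
        $request->session()->flash('message', "Configuration updated successfully!");
        $request->session()->flash('success', true);

        return redirect('configuration');
    }

    $request->session()->flash('message', "Method not allowed");

    return redirect('configuration');
}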
/**
 * Refuse every non-GET request with HTTP 503 while read-only mode is enabled.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 *
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $isGet = $request->getMethod() == 'GET';

    // The read-only flag is only consulted for non-GET requests. HEAD and
    // OPTIONS count as non-GET here.
    if (!$isGet && $this->isReadOnlyModeEnabled()) {
        throw new HttpException(503);
    }

    return $next($request);
}
/**
 * Answer OPTIONS requests directly with the allowed methods and headers;
 * pass every other request on unchanged.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if ($request->getMethod() != "OPTIONS") {
        return $next($request);
    }

    // No Access-Control-Allow-Origin header is set in this method.
    return Response::make('', 200, [
        'Access-Control-Allow-Methods' => 'POST, GET, OPTIONS, PUT, DELETE',
        'Access-Control-Allow-Headers' => 'X-Requested-With, content-type',
    ]);
}
/**
 * Copy exception details and request details into $this->_data.
 *
 * @param Request $request
 * @param mixed   $e       object exposing getLine(), getFile() and getMessage()
 */
public function convert(Request $request, $e)
{
    $file = $e->getFile();
    $line = $e->getLine();

    $this->_data['stacktrace'] = [
        'line' => $line,
        'file' => $file,
        'message' => $e->getMessage(),
        'code' => $this->getCode($file, $line, 10),
    ];

    // NOTE(review): headers, cookies and all input are copied unredacted. If
    // this report is stored or sent anywhere, credentials (Authorization
    // header, session cookies, password fields) travel with it. Confirm the
    // downstream handling or redact here.
    $this->_data['headers'] = $request->headers->all();
    $this->_data['cookies'] = $request->cookies->all();
    $this->_data['method'] = $request->getMethod();
    $this->_data['uri'] = $request->getRequestUri();
    $this->_data['params'] = $request->all();
}
/**
 * Return the validation rules for the request.
 *
 * POST requests get self::RULES unchanged. For every other method the request's
 * 'id' value is appended, after a comma, to the third 'colour' rule.
 *
 * @param HttpRequest $request
 *
 * @return array
 */
public function rules(HttpRequest $request) : array
{
    $rules = self::RULES;

    if ($request->getMethod() !== HttpRequest::METHOD_POST) {
        // NOTE(review): 'id' is request input appended verbatim to the rule
        // string, so a value containing ',' would add extra rule parameters.
        // Confirm it is constrained (route pattern, integer cast) before here.
        $rules['colour'][2] .= ',' . $request->get('id');
    }

    return $rules;
}
/**
 * Write "<METHOD> <path>" to the debug log, then delegate to the parent
 * middleware.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 *
 * @return mixed
 */
public function handle(Request $request, \Closure $next)
{
    try {
        $entry = $request->getMethod() . ' ' . $request->getPathInfo();
        $this->debug($entry);
    } catch (\Exception $ignored) {
        // Logging is best effort: a failure here must not block the request.
    }

    return parent::handle($request, $next);
}
/**
 * Admit POST requests that pass the signature check or the shop-id check.
 * Everything else is logged through hooksError() and answered with 403.
 *
 * @param Request  $request
 * @param \Closure $next
 *
 * @return mixed
 */
public function handle(Request $request, \Closure $next)
{
    // NOTE(review): either check alone admits the request. If validShopId()
    // only matches an identifier carried in the request itself, a caller could
    // pass without a valid signature. Confirm that this is intended.
    $accepted = $request->getMethod() === "POST"
        && ($this->validSignature($request) || $this->validShopId($request));

    if ($accepted) {
        return $next($request);
    }

    $this->logger->hooksError($request->getContent(), $request);

    return new Response("", Response::HTTP_FORBIDDEN);
}
/**
 * Log out an authenticated user whose account has a disabled_at value, unless
 * the request is itself the logout POST. The request continues either way.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // TODO: don't automatically log the user out some time after
    // issue #29 is fixed or when disabled_at starts being used for
    // something other than merged accounts.
    if (!$this->auth->check()) {
        return $next($request);
    }

    if ($this->auth->user()->disabled_at === null) {
        return $next($request);
    }

    // getRequestUri() is compared as a whole, so only the exact string
    // '/auth/logout' counts as the logout request.
    $isLogoutRequest = $request->getMethod() === 'POST'
        && $request->getRequestUri() == '/auth/logout';

    if (!$isLogoutRequest) {
        $this->auth->logout();
        // return Response::view('home.account-disabled', ['username' => $this->auth->user()->username], 403);
    }

    return $next($request);
}
/**
 * Handle a Braintree webhook request.
 *
 * GET requests are passed to verify() first. Every request is then parsed and
 * dispatched to handleEvent(); the parsed payload is also written to the log
 * when 'banker.webhooks.debug' is enabled.
 *
 * @param  Request $request
 * @return void
 */
public function handle(Request $request)
{
    $isVerification = $request->getMethod() === 'GET';
    if ($isVerification) {
        $this->verify($request);
    }

    $payload = $this->parse($request);

    $debugEnabled = Config::get('banker.webhooks.debug');
    if ($debugEnabled) {
        // The whole parsed payload is logged; keep this flag off where the log
        // is not treated as sensitive.
        Log::info($payload);
    }

    $this->handleEvent($payload);
}
/**
 * Set the resource model and register the read/write permission middleware
 * for the user id taken from the request.
 *
 * @param Request $request
 */
public function __construct(Request $request)
{
    $this->resource = $this->model();

    // No current route (e.g. `artisan route:list`): skip the middleware wiring.
    if (!Route::current()) {
        return;
    }

    // NOTE(review): $userId is derived from request input and spliced into the
    // middleware parameter string. Middleware parameters are comma-separated, so
    // confirm getUserIdFromParams() can only return a plain identifier.
    $userId = $this->getUserIdFromParams($request->getMethod(), $request->all());

    $readActions = ['index', 'show'];
    $writeActions = ['store', 'update', 'destroy'];

    $this->middleware("canRead:{$userId}", ['only' => $readActions]);
    $this->middleware("canWrite:{$userId}", ['only' => $writeActions]);
}
/**
 * Decide whether the throttle limit applies to the given request.
 *
 * Only POST requests are limited, and paths starting with '/ajax/vote/' are
 * exempt.
 *
 * @param \Illuminate\Http\Request $request
 *
 * @return bool
 */
protected function isEnabledFor($request)
{
    $isPost = $request->getMethod() == 'POST';

    // The voting exemption is only evaluated for POST requests.
    return $isPost && !starts_with($request->getPathInfo(), '/ajax/vote/');
}
/**
 * Answer OPTIONS requests with the CORS headers and add the same headers to
 * every other response.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // NOTE(review): every origin is allowed and Authorization is an accepted
    // request header. Confirm the API is meant to be callable from scripts on
    // any site.
    $corsHeaders = [
        'Access-Control-Allow-Origin' => ' *',
        'Access-Control-Allow-Methods' => ' POST, GET, OPTIONS, PUT, DELETE',
        'Access-Control-Allow-Headers' => ' Content-Type, Accept, Authorization, X-Requested-With',
    ];

    $isPreflight = $request->getMethod() == "OPTIONS";
    if ($isPreflight) {
        return \Response::make('OK', 200, $corsHeaders);
    }

    $response = $next($request);

    foreach ($corsHeaders as $name => $headerValue) {
        $response->header($name, $headerValue);
    }

    return $response;
}
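/**
 * Answer OPTIONS requests with the CORS headers and emit CORS headers for
 * every other request before passing it on.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if ($request->getMethod() == "OPTIONS") {
        $headers = [
            'Access-Control-Allow-Origin' => '*',
            'Access-Control-Allow-Methods' => 'GET, POST, PUT, DELETE',
            'Access-Control-Max-Age' => '1000',
            'Access-Control-Allow-Headers' => 'Content-Type, Authorization, X-Requested-With',
        ];

        return new JsonResponse('', 200, $headers);
    }

    // Each line must be "Name: value". The previous strings carried stray
    // quotes inside the header names and values, so the Max-Age and
    // Allow-Headers names were malformed and the Allow-Methods value was a
    // quoted string instead of a method list.
    // NOTE(review): every origin is allowed and Authorization is an accepted
    // request header. Confirm the API is meant to be callable from any site.
    header('Access-Control-Allow-Origin: *');
    header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
    header('Access-Control-Max-Age: 1000');
    header('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');

    return $next($request);
}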
/**
 * Check whether the current user's role may access the request's route.
 *
 * The HTTP method used for the check is the route action's override value
 * when one is set and non-empty, otherwise the request's own method.
 *
 * @param Request $request
 * @return bool
 * @throws \InvalidArgumentException
 */
public static function isAuthorised(Request $request)
{
    /** @var Route $route */
    $route = $request->route();
    $action = $route->getAction();

    // The override is read from the route definition, not from the request.
    $verb = !empty($action[self::HTTP_METHOD_OVERRIDE_KEY])
        ? $action[self::HTTP_METHOD_OVERRIDE_KEY]
        : $request->getMethod();

    return static::isRoleHasAccessToRoute(static::getUserRole(), $route, $verb);
}
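/**
 * Authenticate API requests by the X-Auth-Token header.
 *
 * The login route, the root route and POST api/user pass without a token.
 * Every other request must carry a token that matches a user's api_token.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 * @return mixed
 * @throws \App\Exceptions\Unauthorized
 */
public function handle($request, Closure $next)
{
    // Parentheses make the original operator precedence explicit.
    $isOpenRoute = $request->is('api/user/login')
        || $request->is('/')
        || ($request->is('api/user') && $request->getMethod() == "POST");

    if ($isOpenRoute) {
        return $next($request);
    }

    $token = $request->header('X-Auth-Token');

    // A missing header yields null, and a where() on a null value is turned
    // into an "IS NULL" condition by the query builder. That would match any
    // user that has no api_token, so absent or empty tokens are refused before
    // the lookup.
    if (!is_string($token) || $token === '') {
        throw new \App\Exceptions\Unauthorized();
    }

    if (!(User::$logged = User::where('api_token', $token)->first())) {
        throw new \App\Exceptions\Unauthorized();
    }

    // NOTE(review): 'user_id' is request input. Confirm the code that reads
    // User::$edited checks that User::$logged may act on that user.
    User::$edited = User::find($request->get('user_id'));

    return $next($request);
}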
/**
 * Emit a wildcard Access-Control-Allow-Origin header, answer OPTIONS requests
 * directly, and add the method/header allow-lists to every other response.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // NOTE(review): every origin is allowed and Authorization / X-Token are
    // accepted request headers. Confirm the API is meant to be callable from
    // scripts on any site.
    header('Access-Control-Allow-Origin: *');

    $corsHeaders = [
        'Access-Control-Allow-Methods' => 'POST, GET, OPTIONS, PUT, DELETE',
        'Access-Control-Allow-Headers' => 'Content-Type, X-Token, Origin, Authorization',
    ];

    $isPreflight = $request->getMethod() == "OPTIONS";
    if ($isPreflight) {
        return response('OK')->withHeaders($corsHeaders);
    }

    $response = $next($request);

    foreach ($corsHeaders as $name => $headerValue) {
        $response->header($name, $headerValue);
    }

    return $response;
}
/**
 * Render an exception into an HTTP response.
 *
 * A CSRF token mismatch logs the user out and redirects to the login route.
 * A GET on a route that does not allow it redirects to the account route.
 * Everything else is left to the parent handler.
 *
 * @param  \Illuminate\Http\Request $request
 * @param  \Exception               $e
 * @return \Illuminate\Http\Response
 */
public function render($request, Exception $e)
{
    if ($e instanceof TokenMismatchException) {
        flash()->error('CSRF verification failed, try logging in again.')->important();
        Auth::logout();

        return redirect()->route('login');
    }

    if ($e instanceof MethodNotAllowedHttpException) {
        // Only a GET on a POST-only URL gets the friendly redirect.
        if ($request->getMethod() == 'GET') {
            flash()->error('That URL is for POST requests only.');

            return redirect()->route('account');
        }
    }

    return parent::render($request, $e);
}
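/**
 * Resolve and instantiate the API class named by $apiName.
 *
 * The class is looked up as "<this namespace>\<ApiName>API". Unknown names,
 * the BaseAPI class itself and classes whose isPublic flag is false are all
 * reported as API_NOT_FOUND.
 *
 * @param string|null $apiName API name, typically taken from the request
 * @param Request     $request
 *
 * @throws Exception with code ApiControllerFactory::API_NOT_FOUND
 */
public function __construct($apiName = null, Request $request)
{
    // $apiName selects a class to autoload and instantiate, so it is limited
    // to a plain identifier: no namespace separators or other characters that
    // could steer the lookup outside the intended "<Name>API" classes.
    if (!is_string($apiName) || preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $apiName) !== 1) {
        throw new Exception(self::getErrorMsg(ApiControllerFactory::API_NOT_FOUND), ApiControllerFactory::API_NOT_FOUND);
    }

    $className = __NAMESPACE__ . '\\' . ucfirst($apiName) . 'API';
    if (!class_exists($className)) {
        throw new Exception(self::getErrorMsg(ApiControllerFactory::API_NOT_FOUND), ApiControllerFactory::API_NOT_FOUND);
    }

    $this->apiClassObject = new $className();

    // get_class() returns the namespace-qualified name, so the base-class
    // guard compares the unqualified part; a bare 'BaseAPI' comparison cannot
    // match a namespaced class.
    $qualifiedName = get_class($this->apiClassObject);
    $separatorPos = strrpos($qualifiedName, '\\');
    $shortName = $separatorPos === false ? $qualifiedName : substr($qualifiedName, $separatorPos + 1);

    if ($shortName === 'BaseAPI' || $this->apiClassObject->isPublic == false) {
        throw new Exception(self::getErrorMsg(ApiControllerFactory::API_NOT_FOUND), ApiControllerFactory::API_NOT_FOUND);
    }

    $this->apiClassObject->setData($request->all());
    $this->httpMethod = $request->getMethod();
}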
/**
 * Ask the access-manager instance whether the request's route may be accessed.
 *
 * The HTTP method used for the check is the route action's override value
 * when one is set and non-empty, otherwise the request's own method.
 *
 * @param Request $request
 * @return bool
 */
public static function isAuthorised(Request $request)
{
    /** @var Route $route */
    $route = $request->route();

    /** @var BaseAccessManager $manager */
    $manager = static::getInstance();

    $action = $route->getAction();

    // The override is read from the route definition, not from the request.
    $verb = !empty($action[self::HTTP_METHOD_OVERRIDE_KEY])
        ? $action[self::HTTP_METHOD_OVERRIDE_KEY]
        : $request->getMethod();

    return $manager->_hasAccessToRoute($route, $verb);
}
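/**
 * Answer OPTIONS requests with the CORS headers and add CORS headers to
 * every other response.
 *
 * Access-Control-Allow-Origin echoes the request's Origin header, or '*' when
 * the header is absent.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 *
 * @return \Illuminate\Http\Response
 */
public function handle($request, \Closure $next)
{
    // NOTE(review): the Origin header is reflected, so every origin is
    // allowed. If static::$corsHeaders also enables credentials, any site can
    // make authenticated cross-origin reads. Confirm, or check the origin
    // against an allow-list.
    $allowedOrigin = $request->header('Origin', '*');

    if ($request->getMethod() == 'OPTIONS') {
        // The response depends on the Origin header, so shared caches must key
        // on it. A Vary value already present in $corsHeaders takes precedence.
        $headers = array_merge(
            ['Vary' => 'Origin'],
            static::$corsHeaders,
            ['Access-Control-Allow-Origin' => $allowedOrigin]
        );

        return response('', Response::HTTP_NO_CONTENT, $headers);
    }

    /** @var \Illuminate\Http\Response $response */
    $response = $next($request);

    if ($response->getStatusCode() >= 400) {
        $response->header('Access-Control-Expose-Headers', static::$corsHeaders['Access-Control-Expose-Headers']);
    }

    $response->header('Access-Control-Allow-Origin', $allowedOrigin);
    // Added without replacing an existing Vary header.
    $response->header('Vary', 'Origin', false);

    return $response;
}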
/**
 * Check whether the request matches one of the configured exceptions.
 *
 * An entry matches when the request verb is in its verb mask and its service
 * and resource equal the lower-cased route inputs.
 *
 * @param \Illuminate\Http\Request $request
 *
 * @return bool
 * @throws \DreamFactory\Core\Exceptions\NotImplementedException
 */
protected static function isException($request)
{
    /** @var Router $router */
    $router = app('router');
    $service = strtolower($router->input('service'));
    $resource = strtolower($router->input('resource'));
    $verbBit = VerbsMask::toNumeric($request->getMethod());

    foreach (static::$exceptions as $entry) {
        // Bitwise test: the entry applies when its mask contains this verb.
        if (!($verbBit & ArrayUtils::get($entry, 'verb_mask'))) {
            continue;
        }
        if ($service !== ArrayUtils::get($entry, 'service')) {
            continue;
        }
        if ($resource !== ArrayUtils::get($entry, 'resource')) {
            continue;
        }

        return true;
    }

    return false;
}
/**
 * Determine if any routes match on another HTTP verb.
 *
 * @param \Illuminate\Http\Request $request
 *
 * @return array verbs, other than the request's own, for which a route matches
 */
protected function checkForAlternateVerbs($request)
{
    // Every known verb except the one the request actually used.
    $candidates = array_diff(Router::$verbs, [$request->getMethod()]);

    // Keep the verbs whose route list produces a match for this request; the
    // caller can use them to build the error response and its headers.
    $matching = array_filter($candidates, function ($verb) use ($request) {
        return !is_null($this->check($this->get($verb), $request, false));
    });

    return array_values($matching);
}