/**
 * Send visitors to the installer until the application has been installed.
 *
 * Installation counts as complete once `public/install.lock` exists on the
 * Storage disk. Requests for `install` or `install/*` are always passed on.
 *
 * NOTE(review): this middleware never blocks the installer routes, not even
 * after the lock file exists. Confirm that the installer itself refuses to run
 * a second time; a reachable installer on a live site is a takeover risk.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $onInstaller = $request->is('install') || $request->is('install/*');

    // The storage lookup is only made for non-installer routes.
    if ($onInstaller || Storage::exists('public/install.lock')) {
        return $next($request);
    }

    return redirect('/install');
}
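/**
 * Authenticate and rate limit an incoming API request.
 *
 * Login, registration and OAuth-login routes must present the shared API
 * secret (X-Ninja-Secret header or `api_secret` input). Every other route must
 * present an account token in the X-Ninja-Token header. When Utils::isNinja()
 * is true, or on the login routes, the request is also checked for the API
 * feature and throttled per account (or per client IP when unauthenticated).
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $loggingIn = $request->is('api/v1/login')
        || $request->is('api/v1/register')
        || $request->is('api/v1/oauth_login');
    $headers = Utils::getApiHeaders();
    $hasApiSecret = false;

    if ($secret = env(API_SECRET)) {
        $requestSecret = Request::header('X-Ninja-Secret') ?: ($request->api_secret ?: '');
        // hash_equals() expects the known value first and the caller-supplied
        // value second, and both must be strings. `api_secret` can arrive as an
        // array (api_secret[]=...), so non-string input is rejected outright.
        $hasApiSecret = is_string($requestSecret)
            && hash_equals((string) $secret, $requestSecret);
    }

    if ($loggingIn) {
        // check API secret
        if (!$hasApiSecret) {
            // Slows down guessing. Each delayed request holds a PHP worker
            // for ERROR_DELAY seconds.
            sleep(ERROR_DELAY);

            return Response::json('Invalid value for API_SECRET', 403, $headers);
        }
    } else {
        // check for a valid token
        $requestToken = Request::header('X-Ninja-Token');
        // Query only when a non-empty token string was sent. The query builder
        // turns a null value into an `IS NULL` comparison, which could match a
        // row whose token column is empty and authenticate a token-less request.
        $token = (is_string($requestToken) && $requestToken !== '')
            ? AccountToken::where('token', '=', $requestToken)->first(['id', 'user_id'])
            : null;

        // check if user is archived
        // NOTE(review): presumably the `user` relation excludes archived users - confirm.
        if ($token && $token->user) {
            Auth::onceUsingId($token->user_id);
            Session::set('token_id', $token->id);
        } else {
            sleep(ERROR_DELAY);

            return Response::json('Invalid token', 403, $headers);
        }
    }

    if (!Utils::isNinja() && !$loggingIn) {
        return $next($request);
    }

    if (!Utils::hasFeature(FEATURE_API) && !$hasApiSecret) {
        return Response::json('API requires pro plan', 403, $headers);
    } else {
        // NOTE(review): for unauthenticated callers the key is the client IP, which
        // is only trustworthy if the proxy configuration is correct - confirm.
        $key = Auth::check() ? Auth::user()->account->id : $request->getClientIp();

        // http://stackoverflow.com/questions/1375501/how-do-i-throttle-my-sites-api-users
        $hour = 60 * 60;
        $hour_limit = 100; # users are limited to 100 requests/hour
        $hour_throttle = Cache::get("hour_throttle:{$key}", null);
        $last_api_request = Cache::get("last_api_request:{$key}", 0);
        $last_api_diff = time() - $last_api_request;

        if (is_null($hour_throttle)) {
            $new_hour_throttle = 0;
        } else {
            // Drain the bucket by the elapsed seconds, then add the cost of this request.
            $new_hour_throttle = $hour_throttle - $last_api_diff;
            $new_hour_throttle = $new_hour_throttle < 0 ? 0 : $new_hour_throttle;
            $new_hour_throttle += $hour / $hour_limit;
            // Computed but not used anywhere in this method.
            $hour_hits_remaining = floor(($hour - $new_hour_throttle) * $hour_limit / $hour);
            $hour_hits_remaining = $hour_hits_remaining >= 0 ? $hour_hits_remaining : 0;
        }

        if ($new_hour_throttle > $hour) {
            $wait = ceil($new_hour_throttle - $hour);
            sleep(1);

            return Response::json("Please wait {$wait} second(s)", 403, $headers);
        }

        // The TTL of 10 is in the cache store's unit (minutes in older framework
        // versions). Throttle state is forgotten once it expires.
        Cache::put("hour_throttle:{$key}", $new_hour_throttle, 10);
        Cache::put("last_api_request:{$key}", time(), 10);
    }

    return $next($request);
}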
/**
 * Record the requested URL in the cached sitemap before passing the request on.
 *
 * Only GET requests are recorded. Requests carrying a `PageSpeed` parameter,
 * the admin area, avatars, `my/*`, login/authorize pages and a few fixed paths
 * are skipped.
 *
 * NOTE(review): entries are keyed by the full URL (query string included) and
 * written before the route is resolved, so any GET URL a client sends, valid
 * or not, adds a permanent entry to the `sitemap` cache item. Consider
 * recording only successful responses for known routes, and bounding the size.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 *
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $trackable = $request->isMethod('get')
        && !$request->has('PageSpeed')
        && !$request->is(config('site.admin_path') . '*')
        && !$request->is('avatar/*')
        && !$request->is('my/*')
        && !$request->is('*/login')
        && !$request->is('*/authorize')
        && !in_array($request->path(), ['sitemap.xml', 'logout', 'login']);

    if (!$trackable) {
        return $next($request);
    }

    $aSiteMap = Cache::get('sitemap', []);
    $url = $request->fullUrl();
    $changefreq = 'always';

    if (!empty($aSiteMap[$url]['added'])) {
        // The time since the URL was last recorded decides the advertised change frequency.
        $age = Carbon::createFromTimestamp($aSiteMap[$url]['added'])->diff(Carbon::now());

        if ($age->y > 0) {
            $changefreq = 'yearly';
        } elseif ($age->m > 0) {
            $changefreq = 'monthly';
        } elseif ($age->d > 6) {
            $changefreq = 'weekly';
        } elseif ($age->d > 0) {
            $changefreq = 'daily';
        } elseif ($age->h > 0) {
            $changefreq = 'hourly';
        }
    }

    $aSiteMap[$url] = [
        'added' => time(),
        'lastmod' => Carbon::now()->format('Y-m-d\\TH:i:sP'),
        // Each extra path segment lowers the priority by 0.1.
        'priority' => 1 - substr_count($request->getPathInfo(), '/') / 10,
        'changefreq' => $changefreq,
    ];
    Cache::forever('sitemap', $aSiteMap);

    return $next($request);
}
/**
 * Redirect guests to the login page and check permissions for everyone else.
 *
 * NOTE(review): this method still contains debugging statements. The
 * `dd('rrr')` call dumps its argument and ends the script, so every request
 * that is not redirected by the first check stops there and the permission
 * check below it is never reached. The `print`/`print_r` calls also write the
 * timestamp, route segment and URL into the response body. Remove the debug
 * output before relying on this middleware for access control.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // First URL segment, e.g. "auth" for /auth/login.
    $rota = Request::segment(1);
    // NOTE(review): this also matches /auth/login itself, so a guest asking for
    // the login page is redirected to the login page again - verify.
    if ($rota == 'auth' && Auth::guest()) {
        return redirect('/auth/login');
    }
    // Debug output: execution ends at dd().
    print time();
    dd('rrr');
    // Everything from here on is unreachable while the dd() above remains.
    if ($request->is('auth')) {
        dd('ddd');
        return redirect('/auth/login');
    }
    // NOTE(review): the pattern has a leading slash while the other is() patterns
    // in this method do not; it may never match - confirm.
    if (!$request->is('/auth/login') && Auth::guest()) {
        return redirect('/auth/login');
    }
    print $rota;
    // Guests are let through on the root, auth, home and permission-denied pages.
    if (($rota == null || $rota == 'auth' || $rota == 'home' || $request->is('permissao/negada')) && Auth::guest()) {
        return $next($request);
    }
    $url = Request::url();
    print_r($url);
    // Without permission: send the user to the permission-denied view.
    if (!Infra_Permissao::tem_permissao()) {
        print time();
        return redirect('permissao/negada');
    }
    return $next($request);
}
/**
 * Redirect banned visitors to the `ban` page.
 *
 * Two lookups are made, each through the cache: one by client IP and, for
 * authenticated users, one by e-mail address. The `ban` page itself is always
 * reachable so that the redirect cannot loop.
 *
 * NOTE(review): a ban record cached with rememberForever() stays in effect
 * until the cache key is cleared, so removing a ban presumably needs a matching
 * cache invalidation - confirm. The IP check is only as reliable as the
 * proxy configuration behind $request->ip().
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // Ban by IP address.
    $remote_ip = $request->ip();
    $ipBan = Cache::rememberForever('_ban_ip_' . $remote_ip, function () use ($remote_ip) {
        return AdBanIp::where('ban_ip', $remote_ip)->first();
    });

    if (!empty($ipBan) && !$request->is('ban')) {
        return redirect('ban');
    }

    // Ban by e-mail address, for logged-in users only.
    if (auth()->check()) {
        $user_mail = auth()->user()->email;
        $mailBan = Cache::rememberForever('_ban_email_' . $user_mail, function () use ($user_mail) {
            return AdBanEmail::where('ban_email', $user_mail)->first();
        });

        if (!empty($mailBan) && !$request->is('ban')) {
            return redirect('ban');
        }
    }

    return $next($request);
}
/**
 * Switch the default auth guard to `administrator` inside the admin area.
 *
 * Applies to the path `administrator` and everything below it. The guard is
 * changed through runtime configuration, so it only affects code that runs
 * after this middleware in the same request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $inAdminArea = $request->is('administrator/*') || $request->is('administrator');

    if (!$inAdminArea) {
        return $next($request);
    }

    config()->set('auth.defaults.guard', 'administrator');

    return $next($request);
}
/**
 * Send guests to the login page, except on `auth/*` and `api/*` routes.
 *
 * NOTE(review): `api/*` is exempt from this check, so API routes need their
 * own authentication (token middleware or similar) - confirm it exists.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // Exempt routes are tested first; the guard is only asked for other paths.
    $exempt = $request->is('auth/*') || $request->is('api/*');

    if ($exempt || !$this->auth->guest()) {
        return $next($request);
    }

    return redirect()->guest('auth/login');
}
/**
 * Require a login and, per URL area, a matching role.
 *
 * Guests get a 401 for AJAX requests and are otherwise redirected to
 * `dangnhap`. Logged-in users whose `quyen` attribute does not match the area
 * they are requesting are also redirected to `dangnhap`.
 *
 * NOTE(review): the patterns end in `/*`, so the bare paths `giangvien`,
 * `quantri` and `sinhvien` are not role-checked here - confirm no route is
 * served at those paths, or add them to the check.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if ($this->auth->guest()) {
        return $request->ajax()
            ? response('Unauthorized.', 401)
            : redirect()->guest('dangnhap');
    }

    // URL area => value of `quyen` required to enter it.
    $requiredRoles = [
        'giangvien/*' => 'gv',
        'quantri/*' => 'qt',
        'sinhvien/*' => 'sv',
    ];

    foreach ($requiredRoles as $pattern => $role) {
        if ($request->is($pattern) && \Auth::user()->quyen != $role) {
            return redirect()->guest('dangnhap');
        }
    }

    return $next($request);
}
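/**
 * Serve the country API: a zone listing on `countries`, one country on `countries/*`.
 *
 * Any other path is answered with a 404. The original called dd() here, which
 * dumps debug output into the response and ends the script.
 *
 * @param  Request  $request
 * @param  mixed  $id  Country identifier, used only for `countries/*`.
 * @return mixed  Whatever apiOutput() produces for the built payload.
 */
public function Response(Request $request, $id)
{
    if ($request->is('countries')) {
        // An optional `filter` input narrows the listing to zones matched by name.
        $zones = $request->has('filter')
            ? CountryAdapter::zoneByName($request->filter)
            : CountryAdapter::zones();

        return $this->apiOutput(function () use ($zones) {
            $data = [];
            foreach ($zones as $zone) {
                $data[] = ['zone' => $zone->name, 'countries' => CountryAdapter::getByZone($zone)];
            }

            return $data;
        });
    }

    if ($request->is('countries/*')) {
        // NOTE(review): if getById() can return null for an unknown id, the
        // closure below fails on the property access - confirm how apiOutput()
        // reports that to the client.
        $country = CountryAdapter::getById($id);

        return $this->apiOutput(function () use ($country) {
            $zone = CountryAdapter::zoneById($country->zone_id);

            return [
                'id' => intval($country->numeric_code),
                'name' => $country->name,
                'zone' => $zone->name,
                'alpha2' => $country->alpha2,
                'alpha3' => $country->alpha3,
            ];
        });
    }

    abort(404);
}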
/**
 * Redirect unauthenticated visitors to the login page.
 *
 * Only `auth/login` and `auth/register` stay reachable without a login.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if (Auth::check()) {
        return $next($request);
    }

    $isPublicPage = $request->is('auth/login') || $request->is('auth/register');

    return $isPublicPage ? $next($request) : redirect('/auth/login');
}
/**
 * Route visitors according to whether the session holds a `user` entry.
 *
 * Without a session user, only `user/*` pages other than `user/logout` are
 * served; everything else redirects to `user/login`. With a session user,
 * `user/*` pages other than `user/logout` redirect to the home page.
 *
 * NOTE(review): the mere presence of the `user` session key is treated as
 * being logged in, and every `user/*` route is open to guests - confirm that
 * only login and registration pages live under that prefix.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $loggedIn = $request->session()->has('user');
    $inUserArea = $request->is('user/*');
    $loggingOut = $request->is('user/logout');

    if (!$loggedIn && (!$inUserArea || $loggingOut)) {
        return redirect('user/login');
    }

    if ($loggedIn && $inUserArea && !$loggingOut) {
        return redirect('/');
    }

    return $next($request);
}
/**
 * Bind the shared `global` data object to the view.
 *
 * The object carries the current user, the menu set for the current area
 * (account menus under `admin/account*`, function menus elsewhere), the
 * current account and a list of accounts.
 *
 * @param View $view The view object.
 */
public function compose(View $view)
{
    $inAccountArea = $this->request->is('admin/account*');
    $menus = config($inAccountArea ? 'menu.account' : 'menu.func');

    $global = new Fluent();
    $global->user = Auth::user();
    $global->menus = $menus;
    $global->current_account = app('viease.current_account');
    // 99 is passed straight to the repository; presumably a page size - confirm.
    $global->accounts = $this->accountRepository->lists(99);

    $view->with('global', $global);
}
/**
 * Force users in the configured TFA roles to enrol a second factor first.
 *
 * A user who holds one of the roles in `proto.tfaroles` and has neither a TOTP
 * key nor a YubiKey identity is sent to the dashboard with a flash message,
 * unless the request is for the dashboard, logout, quit-impersonating or a
 * 2FA page.
 *
 * NOTE(review): enforcement only runs when the environment is `production`.
 * Any other environment that holds real data is not covered - confirm that is
 * intended.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $mustEnrol = App::environment('production')
        && Auth::check()
        && Auth::user()->hasRole(config('proto.tfaroles'))
        && !Auth::user()->tfa_totp_key
        && !Auth::user()->tfa_yubikey_identity;

    if (!$mustEnrol) {
        return $next($request);
    }

    // Pages the user needs in order to enrol, or to leave.
    $allowedWithoutTfa = $request->is('user/dashboard')
        || $request->is('auth/logout')
        || $request->is('user/quit_impersonating')
        || $request->is('user/*/2fa/*');

    if ($allowedWithoutTfa) {
        return $next($request);
    }

    $request->session()->flash('flash_message', 'Since you are able to access a lot of sensitive information, you are required to enable Two Factor Authentication on your account. Please do so now! :)');

    return Redirect::route('user::dashboard');
}
/**
 * Start user verification when the request requires it and it is not yet done.
 *
 * The verification pages (`account/verify`, `account/reissue-code`) and
 * `users/logout` are never intercepted, so the flow can be completed or
 * abandoned.
 *
 * @param  Request  $request
 * @param  Closure  $next
 * @return mixed
 */
public function handle(Request $request, Closure $next)
{
    $exempt = $request->is('account/verify')
        || $request->is('account/reissue-code')
        || $request->is('users/logout');

    // requiresVerification() is only consulted for non-exempt routes.
    if ($exempt || !$this->requiresVerification($request)) {
        return $next($request);
    }

    $verification = new UserVerification($this->auth->user(), $request);

    return $verification->isDone() ? $next($request) : $verification->initiate();
}
/**
 * Set the CMS context(s) for the request.
 *
 * With no explicit context, the backend context is chosen for the backend URL
 * segment and everything below it, the frontend context otherwise. An explicit
 * value may list several contexts separated by `|`; each is applied in order.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 * @param string|null              $context
 *
 * @return mixed
 */
public function handle($request, Closure $next, $context = null)
{
    if ($context === null) {
        $inBackend = $request->is(backend_url_segment()) || $request->is(backend_url_segment() . '/*');
        $context = $inBackend
            ? \KodiCMS\CMS\CMS::CONTEXT_BACKEND
            : \KodiCMS\CMS\CMS::CONTEXT_FRONTEND;
    }

    foreach (explode('|', $context) as $name) {
        CMS::setContext($name);
    }

    return $next($request);
}
/**
 * Filter and return the displayers.
 *
 * For requests whose path matches `api*`, only displayers whose content type
 * contains `application/` are kept. All other requests keep every displayer.
 * The result is always re-indexed from zero.
 *
 * @param \GrahamCampbell\Exceptions\Displayers\DisplayerInterface[] $displayers
 * @param \Exception                                                 $original
 * @param \Exception                                                 $transformed
 * @param int                                                        $code
 *
 * @return \GrahamCampbell\Exceptions\Displayers\DisplayerInterface[]
 */
public function filter(array $displayers, Exception $original, Exception $transformed, $code)
{
    if (!$this->request->is('api*')) {
        return array_values($displayers);
    }

    $kept = [];
    foreach ($displayers as $displayer) {
        if (str_contains($displayer->contentType(), 'application/')) {
            $kept[] = $displayer;
        }
    }

    return $kept;
}
/**
 * Restrict the admin area to logged-in users with an admin role.
 *
 * Covers `admin` and everything below it. Guests and users for whom
 * is_admin_role() is false are redirected to the home page with a flash
 * message.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $inAdminArea = $request->is('admin') || $request->is('admin/*');

    if (!$inAdminArea) {
        return $next($request);
    }

    // The role is only looked up once a user is known to be logged in.
    if (\Auth::guest() || !is_admin_role(\Auth::user())) {
        return redirect('/')->with('flash_info', 'У вас нет прав доступа.');
    }

    return $next($request);
}
/**
 * Restrict the dashboard to the user named `root`.
 *
 * Covers `dashboard` and everything below it; anyone else is redirected to
 * the home page with the HTTP 403 message.
 *
 * NOTE(review): access is decided by comparing the `name` attribute with a
 * literal. If `name` is not unique, or users can pick or change it, this is
 * not a safe authorization check - a role or permission flag would be.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $inDashboard = $request->is('dashboard') || $request->is('dashboard/*');

    if (!$inDashboard) {
        return $next($request);
    }

    $isRoot = auth()->check() && auth()->user()->name == 'root';

    return $isRoot
        ? $next($request)
        : redirect('/')->with('flash_info', \App\Lib\Message::HTTP_403);
}
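/**
 * Authenticate API requests by the X-Auth-Token header.
 *
 * The login endpoint, the root path and `POST api/user` are public. Every
 * other request must carry a token matching a user's `api_token`. The matched
 * user is stored in User::$logged and the user named by the `user_id` input in
 * User::$edited.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 * @throws \App\Exceptions\Unauthorized  When the token is missing or unknown.
 */
public function handle($request, Closure $next)
{
    // `&&` binds tighter than `||`; the parentheses only make that explicit.
    $isPublic = $request->is('api/user/login')
        || $request->is('/')
        || ($request->is('api/user') && $request->getMethod() == "POST");

    if ($isPublic) {
        return $next($request);
    }

    $token = $request->header('X-Auth-Token');

    // Reject a missing or empty token before querying. The query builder turns
    // a null value into an `IS NULL` comparison, which would match any user
    // whose api_token column is empty and authenticate a header-less request.
    if (!is_string($token) || $token === '') {
        User::$logged = null;
        throw new \App\Exceptions\Unauthorized();
    }

    if (!(User::$logged = User::where('api_token', $token)->first())) {
        throw new \App\Exceptions\Unauthorized();
    }

    // NOTE(review): `user_id` is taken from the request without checking that
    // the authenticated user may act on that account - confirm that the
    // consumers of User::$edited enforce it.
    User::$edited = User::find($request->get('user_id'));

    return $next($request);
}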
/**
 * Require authentication everywhere except the `login` and `register` pages.
 *
 * Guests get a 401 for AJAX requests and are otherwise redirected to the
 * `host.login` route.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $isEntryPage = $request->is('login') || $request->is('register');

    if ($isEntryPage || !$this->auth->guest()) {
        return $next($request);
    }

    return $request->ajax()
        ? response('Unauthorized.', 401)
        : redirect()->route('host.login');
}
/**
 * Select the active theme for the request.
 *
 * When the session holds a non-empty `themeName`, it is prefixed with
 * `backend/` (for `admin` and below) or `frontend/` and activated. Otherwise
 * the currently configured theme is re-applied unchanged.
 *
 * NOTE(review): the session value is used as part of a theme path without an
 * existence check (the Theme::exists() guard in the original was commented
 * out). Make sure `themeName` is validated against the known themes wherever
 * it is written to the session.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $inAdminArea = $request->is('admin') || $request->is('admin/*');
    $theme_locale = $inAdminArea ? 'backend/' : 'frontend/';

    $sessionTheme = Session::get('themeName');
    $themeName = $sessionTheme != ''
        ? $theme_locale . $sessionTheme
        : \Theme::get();

    \Theme::set($themeName);

    return $next($request);
}
/**
 * Keep logged-in users off `login` and guests off `logout`.
 *
 * A logged-in user requesting `login` is sent to `/me`; a guest requesting
 * `logout` is sent to `/signup`. Every other request passes through.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 *
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $authenticated = $this->auth->check();

    if ($authenticated && $request->is('login')) {
        return redirect('/me');
    }

    if (!$authenticated && $request->is('logout')) {
        return redirect('/signup');
    }

    return $next($request);
}
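/**
 * Register a new user and attach it to the group implied by the request path.
 *
 * Fixes against the original: the submitted password is hashed (the original
 * hashed the literal string 'password', giving every account the same
 * password), and timestamps use the 24-hour `H` format instead of the
 * ambiguous 12-hour `h`.
 *
 * NOTE(review): `$inputs` is echoed back in every response and contains the
 * plaintext password and its confirmation; consider dropping both fields from
 * the payload. The response shape is left unchanged here.
 * NOTE(review): the group comes from the URL prefix, so a request under
 * `admin/*` creates an administrator. Confirm that route is restricted to
 * existing administrators.
 *
 * @param  Request  $request
 * @return mixed  An ApiResponseClass error or success response.
 */
public function postCreate(Request $request)
{
    $email = $request->input('email');
    $password = $request->input('password');
    $password_again = $request->input('password_again');
    $inputs = ['email' => $email, 'password' => $password, 'password_again' => $password_again];

    $validator = validator::make($request->all(), [
        'email' => 'required|unique:users|email',
        'password' => 'required|max:16|min:6',
        'password_again' => 'required|same:password',
    ]);
    if ($validator->fails()) {
        return ApiResponseClass::errorResponse('You Have Some Input Errors', $inputs, $validator->errors());
    }

    // Stays null for any other prefix; findorFail() below then rejects the request.
    $group_id = null;
    if ($request->is('user/*')) {
        $group_id = Groups::Student_Group_Id;
    } elseif ($request->is('admin/*')) {
        $group_id = Groups::Administrator_Group_ID;
    } elseif ($request->is('teacher/*')) {
        $group_id = Groups::Teacher_Group_Id_Group_ID;
    }

    DB::beginTransaction();
    try {
        Groups::findorFail($group_id);

        $now = date("Y-m-d H:i:s");
        $user = new User();
        $user->email = $email;
        $user->password = Hash::make($password);
        $user->activated = 0;
        $user->email_updated_at = $now;
        $user->password_updated_at = $now;
        $user->activation_code = str_random(64);
        if (!$user->save()) {
            throw new \ErrorException();
        }

        $user_group = new UsersGroups();
        $user_group->user_id = $user->id;
        $user_group->groups_id = $group_id;
        if (!$user_group->save()) {
            throw new \ErrorException();
        }

        DB::commit();
    } catch (ModelNotFoundException $e) {
        DB::rollback();

        return ApiResponseClass::errorResponse('ModelNotFoundException', $inputs);
    } catch (\ErrorException $e) {
        DB::rollback();

        return ApiResponseClass::errorResponse('ModelNotSavedException', $inputs);
    }

    // Send mail to the user if not the test Shop Id.
    return ApiResponseClass::successResponse($user, $inputs);
}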
/**
 * Separate guest-only pages from pages that require a login.
 *
 * Logged-in users asking for `login`, `register` or the root are sent to
 * `/list`. Guests may only see `auth/*`, `login`, `register` and the root;
 * anything else redirects them to the root.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if (Auth::check()) {
        $isGuestPage = $request->is('login') || $request->is('register') || $request->is('/');

        return $isGuestPage ? redirect('/list') : $next($request);
    }

    $openToGuests = $request->is('auth/*')
        || $request->is('login')
        || $request->is('register')
        || $request->is('/');

    return $openToGuests ? $next($request) : redirect('/');
}
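/**
 * Require a login and check the requested page against the session permissions.
 *
 * Guests get a 401 (AJAX) or a redirect to the login page. For every page
 * other than `dashboard` and the root, the path must start with one of the
 * credential paths stored in the session. Create and edit pages, and POSTs to
 * them, also need the `write` permission for that credential.
 *
 * Fixes against the original: the prefix test used `strpos(...) == 0`, which is
 * also true when strpos() returns false, so every credential "matched" every
 * page and any user holding one credential passed the check for most pages.
 * It now uses `=== 0`. The credential path is quoted before being placed in
 * the regular expressions, and a missing credential list is treated as empty.
 *
 * NOTE(review): the prefix test has no segment boundary, so a credential for
 * `user` also covers `users/...`. Requests that are not create/edit pages are
 * allowed without looking at `write`, whatever the HTTP method - confirm that
 * both are intended.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if (\Auth::guest()) {
        if ($request->ajax()) {
            return response('Unauthorized.', 401);
        } else {
            flash()->error("PLEASE_LOGIN");

            return redirect()->guest('auth/login');
        }
    }

    if (!$request->is('dashboard') && !$request->is('/')) {
        $page = $request->path();
        $myCredentials = session('myCredentials') ?: [];
        $myPermissions = session('myPermissions');
        // Stays true until a credential grants access.
        $flag = true;

        foreach ($myCredentials as $credential_group) {
            foreach ($credential_group as $credential) {
                $credential_path = $credential['path'];

                // Strict comparison: strpos() returns false when there is no match.
                if (strpos($page, $credential_path) === 0) {
                    $quoted_path = preg_quote($credential_path, '~');
                    $reg_edit = "~^(?:{$quoted_path}/(\\d+)/edit)\$~x";
                    $reg_create = "~^(?:{$quoted_path}/create)\$~x";

                    if (preg_match($reg_edit, $page) || preg_match($reg_create, $page)) {
                        if ($myPermissions[$credential_path]['write'] == 1) {
                            $flag = false;
                            break 2;
                        }
                    } else {
                        $flag = false;
                        break 2;
                    }

                    if ($request->isMethod('post')) {
                        if ($myPermissions[$credential_path]['write'] == 1) {
                            $flag = false;
                            break 2;
                        }
                    }
                }
            }
        }

        if ($flag) {
            flash()->error("You do not have permission to access {$page}.");

            return redirect()->intended('dashboard');
        }
    }

    return $next($request);
}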
/**
 * Pass the request and its response through Laralytics::url().
 *
 * Requests for the `laralytics` path itself are excluded and handled normally.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if (!$request->is('laralytics')) {
        return Laralytics::url($request, $next($request));
    }

    return $next($request);
}
/**
 * Redirect already-authenticated users to the home page.
 *
 * The `register` path is the exception: it stays reachable for users who are
 * logged in on the given guard.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @param  string|null  $guard
 * @return mixed
 */
public function handle($request, Closure $next, $guard = null)
{
    $authenticated = Auth::guard($guard)->check();

    if (!$authenticated || $request->is("register")) {
        return $next($request);
    }

    return redirect('/');
}
/**
 * Redirect guests to the login page; only `auth/login` itself is exempt.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    // The login page is tested first so that the redirect cannot loop.
    if ($request->is('auth/login') || !\Auth::guest()) {
        return $next($request);
    }

    return redirect('/auth/login');
}
/**
 * Redirect `articles/create` to the article list when a `foo` input is present.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    $shouldRedirect = $request->is('articles/create') && $request->has('foo');

    return $shouldRedirect ? redirect('articles') : $next($request);
}
/**
 * Render an exception into an HTTP response.
 *
 * Exceptions raised under `webhook/*` are rendered as JSON; everything else
 * uses the parent handler.
 *
 * NOTE(review): confirm getJsonResponseForException() does not include
 * exception messages or traces in what it returns to webhook callers.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Exception  $e
 * @return \Illuminate\Http\Response
 */
public function render($request, Exception $e)
{
    if (!$request->is('webhook/*')) {
        return parent::render($request, $e);
    }

    return $this->getJsonResponseForException($request, $e);
}