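// Billing area: every route in this group passes through the HasAccessToBilling
// middleware, which allows the request only when the session (or a recovered
// remember-token) lists the 'billing' realm.
Route::group([
    'prefix' => 'billing',
    'namespace' => 'Billing',
    // The middleware is referenced by its fully-qualified class name. The
    // namespace separators are restored here; without them the name cannot
    // resolve to the class declared in App\Http\Middleware, so the access
    // check would not be applied as intended.
    'middleware' => ['App\Http\Middleware\HasAccessToBilling'],
], function () {
    // NOTE(review): Route::any() accepts every HTTP verb. If the dashboard only
    // renders a page, registering it with Route::get() keeps state-changing
    // verbs off this endpoint.
    Route::any('/', ['as' => 'billing', 'uses' => 'DashboardController@index']);
    Route::get('profile', ['as' => 'billing.profile', 'uses' => 'ProfileController@index']);
});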
- <?php namespace AppHttpMiddleware;
- use AppLibraryAuth;
- use Closure;
- use IlluminateHttpRequest;
class HasAccessToBilling
{
    /**
     * Gate a request on membership of the 'billing' realm.
     *
     * The decision is delegated to Auth::hasAccessTo(), which reads the 'auth'
     * entry of the session and, when that entry is absent, tries to rebuild it
     * from the 'remember-token' cookie. Anything other than a positive answer
     * is treated as "not allowed" (fail closed) and redirected to the route
     * named 'auth'.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Closure $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {
        $allowed = Auth::hasAccessTo('billing', $request);

        // Guard clause: reject first, so the pass-through is the only path
        // that reaches the next layer.
        if (!$allowed) {
            return redirect()->route('auth');
        }

        return $next($request);
    }
}
- <?php namespace AppLibrary;
- use AppModelsUser; // I keep Models in app/Models folder and define namespace AppModels;
- use IlluminateHttpRequest;
- use Crypt;
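/**
 * Realm-based session authentication.
 *
 * The authenticated state lives in the session under the key 'auth' as an
 * array with the keys timestamp, user_id, access_to (list of realm names),
 * roles and permissions. A "remember" login additionally produces an encrypted
 * copy of that array, which recoverSession() accepts from the 'remember-token'
 * cookie.
 *
 * NOTE(review): the remember token is self-contained. It is not stored
 * server-side, 'timestamp' is never checked, and nothing here revokes it, so a
 * captured token stays valid for as long as the application key is unchanged.
 * Consider an expiry check and a per-user token that logout and password
 * changes can invalidate.
 */
class Auth
{
    // NOTE(review): declared but not referenced by any method of this class, so
    // realm names are not validated against it.
    const REALMS = 'api,billing';

    /**
     * Verify the submitted credentials and grant the given realm(s).
     *
     * Reads 'username' (user name or e-mail address), 'password' and
     * 'remember' from the request.
     *
     * @param string|array $realm   Realm name or list of realm names to grant.
     * @param Request      $request
     * @return array|false The auth array stored in the session, or false when
     *                     the credentials are rejected.
     */
    public static function attempt($realm, Request $request)
    {
        $username = $request->input('username');
        $password = $request->input('password');
        $remember = $request->input('remember', false);

        // Request input can be an array (username[]=...); only plain strings
        // are meaningful credentials.
        if (!is_string($username) || !is_string($password)) {
            return false;
        }

        $User = filter_var($username, FILTER_VALIDATE_EMAIL)
            ? User::whereEmail($username)->first()
            : User::whereUsername($username)->first();

        // NOTE(review): an unknown user returns before any hash is computed, so
        // response time differs between "no such user" and "wrong password".
        // Nothing here limits repeated attempts either; confirm throttling
        // happens in the caller.
        if (!$User || !$User->checkPassword($password)) {
            return false;
        }

        $auth = [
            'timestamp' => time(),
            'user_id' => $User->id,
            'access_to' => [],
            'roles' => [],
            'permissions' => [],
        ];

        // Extend an existing session only when it belongs to the user who just
        // authenticated. Reusing whatever is in the session would attach the
        // new realm to the previous user's user_id.
        $existing = $request->session()->get('auth');
        if (self::isValidAuthPayload($existing)
            && (string) $existing['user_id'] === (string) $User->id
        ) {
            $auth = $existing;
        }

        foreach (self::normalizeRealms($realm) as $name) {
            if (!in_array($name, $auth['access_to'], true)) {
                $auth['access_to'][] = $name;
            }
        }

        if ($remember) {
            // Encrypt the auth state without any earlier token, otherwise each
            // login would nest the previous token inside the new one.
            $payload = $auth;
            unset($payload['remember-token']);
            $auth['remember-token'] = Crypt::encrypt(json_encode($payload));
        }

        // Privilege level changes here: issue a new session id so an id known
        // before login cannot be used afterwards (session fixation).
        $request->session()->regenerate();
        $request->session()->put('auth', $auth);

        return $auth;
    }

    /**
     * Remove one, several or all realms from the session.
     *
     * NOTE(review): this only touches the session. The 'remember-token' cookie
     * is left in place, and recoverSession() will rebuild the session from it
     * on the next request. The caller has to expire that cookie on logout.
     *
     * @param Request           $request
     * @param string|array|null $realm   Realm(s) to drop; null drops everything.
     * @return bool True when the session was changed, false when it held no
     *              auth state.
     */
    public static function destroy(Request $request, $realm = null)
    {
        if (is_null($realm)) {
            $request->session()->forget('auth');
            return true;
        }

        $auth = $request->session()->get('auth');
        if (!is_array($auth) || !isset($auth['access_to']) || !is_array($auth['access_to'])) {
            return false;
        }

        foreach (self::normalizeRealms($realm) as $name) {
            $key = array_search($name, $auth['access_to'], true);
            // array_search() returns false for "not found"; used as an array
            // key that becomes 0 and would remove the first realm instead.
            if ($key !== false) {
                unset($auth['access_to'][$key]);
            }
        }

        $auth['access_to'] = array_values($auth['access_to']);

        if (count($auth['access_to']) > 0) {
            $request->session()->put('auth', $auth);
        } else {
            $request->session()->forget('auth');
        }

        return true;
    }

    /**
     * Rebuild the session auth state from the 'remember-token' cookie.
     *
     * The token's integrity rests entirely on the application's encryption
     * key: whatever decrypts successfully is treated as issued by attempt().
     * The decoded value is still checked for the expected structure before it
     * is written to the session.
     *
     * @param Request $request
     * @return array|null The session's auth entry after the attempt, or null.
     */
    public static function recoverSession(Request $request)
    {
        $rememberToken = $request->cookie('remember-token', null);
        if (!is_string($rememberToken) || $rememberToken === '') {
            return null;
        }

        try {
            $auth = json_decode(Crypt::decrypt($rememberToken), true);

            if (self::isValidAuthPayload($auth)) {
                $request->session()->regenerate();
                // put() matches the call used by attempt() and destroy().
                $request->session()->put('auth', $auth);
            }
        } catch (\Exception $ex) {
            // Fully qualified on purpose: inside this namespace an unqualified
            // "Exception" names a class that does not exist, so a tampered
            // cookie would surface as an uncaught error instead of being
            // ignored. An undecryptable token is treated as no token.
        }

        return $request->session()->get('auth');
    }

    /**
     * Tell whether the current session (or a recoverable remember token)
     * grants the given realm.
     *
     * @param string  $realm
     * @param Request $request
     * @return bool
     */
    public static function hasAccessTo($realm, Request $request)
    {
        $auth = $request->session()->get('auth', null);
        if (is_null($auth)) {
            $auth = self::recoverSession($request);
        }

        if (!is_array($auth) || !isset($auth['access_to']) || !is_array($auth['access_to'])) {
            return false;
        }

        // Strict comparison: loose in_array() can match a realm name against
        // values of another type.
        return in_array($realm, $auth['access_to'], true);
    }

    /**
     * Turn a realm argument (single name or list of names) into a list.
     */
    private static function normalizeRealms($realm)
    {
        return is_array($realm) ? array_values($realm) : [$realm];
    }

    /**
     * Check that a value has the structure attempt() stores in the session:
     * an array with a user_id and a list of string realm names.
     */
    private static function isValidAuthPayload($auth)
    {
        if (!is_array($auth) || !isset($auth['user_id'], $auth['access_to'])) {
            return false;
        }
        if (!is_array($auth['access_to'])) {
            return false;
        }
        foreach ($auth['access_to'] as $name) {
            if (!is_string($name)) {
                return false;
            }
        }

        return true;
    }
}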
- <?php namespace AppModels;
- use IlluminateDatabaseEloquentModel;
- use Hash;
- use Closure;
/**
 * Eloquent model for the 'users' table.
 */
class User extends Model
{
    // NOTE(review): both constants are named MAXLEN but hold very small values
    // (2 and 5); they look like minimum lengths. Confirm against the
    // validation code that uses them, since a 5-character password ceiling
    // would be a serious weakness.
    const USERNAME_MAXLEN = 2;
    const PASSWORD_MAXLEN = 5;

    protected $table = 'users';

    // NOTE(review): 'active' and 'deleted' are mass-assignable. If request
    // input is ever passed straight to create()/update() or to the two helpers
    // below, a client can set its own account state; whitelist the keys at the
    // call site.
    protected $fillable = ['username', 'email', 'password', 'active', 'deleted'];

    /**
     * Compare a plain-text password with the stored hash.
     *
     * @param string $password
     * @return bool
     */
    public function checkPassword($password)
    {
        $storedHash = $this->password;

        return Hash::check($password, $storedHash);
    }

    /**
     * Update this record, hashing 'password' first when it is present, then
     * hand the model to the callback and return the callback's result.
     *
     * @param array    $attributes
     * @param \Closure $closure
     * @return mixed
     */
    public function updateAndCall($attributes = [], Closure $closure)
    {
        $this->update(self::withHashedPassword($attributes));

        return $closure($this);
    }

    /**
     * Create a record, hashing 'password' first when it is present, then hand
     * the new model to the callback and return the callback's result.
     *
     * @param array    $attributes
     * @param \Closure $closure
     * @return mixed
     */
    public static function createAndCall($attributes = [], Closure $closure)
    {
        $created = self::create(self::withHashedPassword($attributes));

        return $closure($created);
    }

    /**
     * Return the attributes with a set 'password' replaced by its hash, so the
     * plain-text value never reaches the database layer.
     */
    private static function withHashedPassword($attributes)
    {
        if (isset($attributes['password'])) {
            $attributes['password'] = Hash::make($attributes['password']);
        }

        return $attributes;
    }
}