
Untitled

a guest
Sep 22nd, 2016
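  // Billing area. Every route in this group is prefixed with /billing, resolved in
  // the "Billing" controller namespace and guarded by the HasAccessToBilling
  // middleware, so a route added outside this group is NOT covered by that check.
  //
  // The paste lost its namespace separators; the middleware is referenced here by
  // its fully-qualified class name with the backslashes restored.
  //
  // NOTE(review): Route::any() accepts every HTTP verb for the dashboard. If the
  // dashboard handles state-changing requests, confirm the CSRF middleware is
  // applied to this group as well.
  Route::group([
      'prefix' => 'billing',
      'namespace' => 'Billing',
      'middleware' => ['App\Http\Middleware\HasAccessToBilling'],
  ], function () {
      Route::any('/', ['as' => 'billing', 'uses' => 'DashboardController@index']);

      Route::get('profile', ['as' => 'billing.profile', 'uses' => 'ProfileController@index']);
  });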
  8.  
  9. <?php namespace AppHttpMiddleware;
  10.  
  11. use AppLibraryAuth;
  12. use Closure;
  13. use IlluminateHttpRequest;
  14.  
  /**
   * Route middleware that gates the billing area.
   *
   * The decision is delegated entirely to Auth::hasAccessTo('billing', ...), which
   * reads the 'auth' session entry and, when the session has none, falls back to
   * the 'remember-token' cookie. Anything that is not granted the 'billing' realm
   * is redirected to the route named 'auth'.
   */
  class HasAccessToBilling
  {
      /**
       * Handle an incoming request.
       *
       * @param \Illuminate\Http\Request $request
       * @param \Closure $next
       * @return mixed the downstream response when access is granted, otherwise a
       *               redirect to the 'auth' route
       */
      public function handle(Request $request, Closure $next)
      {
          $allowed = Auth::hasAccessTo('billing', $request);

          // Deny first: only an explicit grant reaches the next middleware.
          if (!$allowed) {
              return redirect()->route('auth');
          }

          return $next($request);
      }
  }
  33.  
  34. <?php namespace AppLibrary;
  35.  
  36. use AppModelsUser; // I keep Models in app/Models folder and define namespace AppModels;
  37. use IlluminateHttpRequest;
  38. use Crypt;
  39.  
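  /**
   * Session-backed, realm-scoped authentication helper.
   *
   * The session entry 'auth' is an array with the keys 'timestamp', 'user_id',
   * 'access_to' (list of realm names), 'roles' and 'permissions', plus an optional
   * 'remember-token'. 'roles' and 'permissions' are initialised empty and are not
   * populated anywhere in this class.
   *
   * NOTE(review): the remember token is the encrypted auth state itself. Its
   * 'timestamp' is never checked on recovery, so a token does not expire, and it
   * restores the realm list it was issued with even after destroy() has removed a
   * realm from the session. Consider enforcing a maximum age and re-checking the
   * user record before trusting a recovered token.
   */
  class Auth
  {
      // Not referenced in this class.
      const REALMS = 'api,billing';

      /**
       * Verify the posted credentials and grant the given realm(s) in the session.
       *
       * @param string|array $realm   realm name, or list of realm names, to grant
       * @param Request      $request reads 'username', 'password' and 'remember'
       * @return array|bool the stored auth state on success, false on bad credentials
       */
      public static function attempt($realm, Request $request)
      {
          $username = $request->input('username');
          $password = $request->input('password');
          $remember = $request->input('remember', false);

          // Request input is untrusted and may be missing or an array; only scalar
          // credentials are passed on to the query builder and the hash check.
          if (!is_scalar($username) || !is_scalar($password)) {
              return false;
          }
          $username = (string) $username;
          $password = (string) $password;

          $User = filter_var($username, FILTER_VALIDATE_EMAIL)
              ? User::whereEmail($username)->first()
              : User::whereUsername($username)->first();
          if (!$User || !$User->checkPassword($password)) {
              return false;
          }

          $auth = [
              'timestamp' => time(),
              'user_id' => $User->id,
              'access_to' => [],
              'roles' => [],
              'permissions' => [],
          ];

          // Extend an existing session state only when it belongs to the user who
          // has just authenticated. Reusing another user's state would attach the
          // new realm to that other user_id.
          $existing = $request->session()->get('auth');
          if (self::isAuthState($existing) && (string) $existing['user_id'] === (string) $User->id) {
              $auth = $existing;
          }

          foreach (self::normalizeRealms($realm) as $name) {
              if (!in_array($name, $auth['access_to'], true)) {
                  $auth['access_to'][] = $name;
              }
          }

          // Rotate the session id on successful authentication so an id that was
          // fixed before login cannot be reused afterwards (session fixation).
          $request->session()->regenerate();

          if ($remember) {
              // Never nest a previously issued token inside the new one.
              $payload = $auth;
              unset($payload['remember-token']);
              $auth['remember-token'] = Crypt::encrypt(json_encode($payload));
          }
          $request->session()->put('auth', $auth);

          return $auth;
      }

      /**
       * Revoke access for the session.
       *
       * With no realm the whole 'auth' entry is dropped. With a realm (or list of
       * realms) only those are removed; the entry is dropped once no realm is left.
       *
       * @param Request           $request
       * @param string|array|null $realm
       * @return bool false when the session holds no realm list, true otherwise
       */
      public static function destroy(Request $request, $realm = null)
      {
          if (is_null($realm)) {
              $request->session()->forget('auth');
              return true;
          }

          $auth = $request->session()->get('auth');
          if (!isset($auth['access_to']) || !is_array($auth['access_to'])) {
              return false;
          }

          // Rebuild the list instead of unsetting by array_search() result: a realm
          // that is not present makes array_search() return false, and unsetting
          // index `false` removes element 0, i.e. an unrelated realm.
          $revoked = self::normalizeRealms($realm);
          $remaining = [];
          foreach ($auth['access_to'] as $granted) {
              if (!in_array($granted, $revoked, true)) {
                  $remaining[] = $granted;
              }
          }
          $auth['access_to'] = $remaining;

          if (count($remaining) > 0) {
              $request->session()->put('auth', $auth);
          } else {
              $request->session()->forget('auth');
          }

          return true;
      }

      /**
       * Rebuild the session auth state from the 'remember-token' cookie.
       *
       * @param Request $request
       * @return mixed null when there is no usable cookie, otherwise whatever the
       *               session holds under 'auth' after the recovery attempt
       */
      public static function recoverSession(Request $request)
      {
          $rememberToken = $request->cookie('remember-token', null);
          if (!is_string($rememberToken)) {
              return null;
          }

          try {
              $auth = json_decode(Crypt::decrypt($rememberToken), true);
              // Store only a well-formed state; a token that decodes to null or to
              // another shape must not overwrite the session entry.
              if (self::isAuthState($auth)) {
                  $request->session()->put('auth', $auth);
              }
          } catch (\Exception $ex) {
              // Deliberate best effort: an undecryptable or tampered token is
              // treated as no token. The class name is fully qualified because an
              // unqualified `Exception` inside a namespace matches nothing.
          }

          return $request->session()->get('auth');
      }

      /**
       * Tell whether the current session (or remember token) grants a realm.
       *
       * @param string  $realm
       * @param Request $request
       * @return bool
       */
      public static function hasAccessTo($realm, Request $request)
      {
          $auth = $request->session()->get('auth', null);
          if (is_null($auth)) {
              $auth = self::recoverSession($request);
          }

          // Strict comparison: a realm must match by value and type.
          return isset($auth['access_to'])
              && is_array($auth['access_to'])
              && in_array($realm, $auth['access_to'], true);
      }

      /**
       * Turn a single realm or a list of realms into a plain list.
       *
       * @param mixed $realm
       * @return array
       */
      private static function normalizeRealms($realm)
      {
          return is_array($realm) ? array_values($realm) : [$realm];
      }

      /**
       * Check that a value has the minimal shape of an auth state.
       *
       * @param mixed $auth
       * @return bool
       */
      private static function isAuthState($auth)
      {
          return is_array($auth)
              && isset($auth['user_id'], $auth['access_to'])
              && is_array($auth['access_to']);
      }
  }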
  140.  
  141. <?php namespace AppModels;
  142.  
  143. use IlluminateDatabaseEloquentModel;
  144. use Hash;
  145. use Closure;
  146.  
  /**
   * Eloquent model for the 'users' table.
   *
   * Passwords are hashed only by updateAndCall() and createAndCall(); nothing in
   * this class hashes a password handed straight to update() or create().
   *
   * NOTE(review): 'password', 'active' and 'deleted' are mass-assignable. Callers
   * that pass raw request input as $attributes let the client set those columns;
   * pass an explicit whitelist of fields instead.
   */
  class User extends Model
  {
      // NOTE(review): neither constant is referenced in this class. If they are
      // enforced as maximum lengths elsewhere, a 5-character password cap is very
      // restrictive; confirm whether minimum lengths were intended.
      const USERNAME_MAXLEN = 2;
      const PASSWORD_MAXLEN = 5;
      protected $table = 'users';
      protected $fillable = ['username', 'email', 'password', 'active', 'deleted'];

      /**
       * Compare a plain-text password with the stored hash.
       *
       * @param string $password
       * @return bool
       */
      public function checkPassword($password)
      {
          $storedHash = $this->password;

          return Hash::check($password, $storedHash);
      }

      /**
       * Update this record, hashing 'password' when present, then run the callback.
       *
       * @param array    $attributes
       * @param \Closure $closure receives this model
       * @return mixed the callback's return value
       */
      public function updateAndCall($attributes = [], Closure $closure) {
          $this->update(self::hashPasswordIn($attributes));

          return $closure($this);
      }

      /**
       * Create a record, hashing 'password' when present, then run the callback.
       *
       * @param array    $attributes
       * @param \Closure $closure receives the created model
       * @return mixed the callback's return value
       */
      public static function createAndCall($attributes = [], Closure $closure) {
          $Record = self::create(self::hashPasswordIn($attributes));

          return $closure($Record);
      }

      /**
       * Replace a set 'password' attribute with its hash.
       *
       * @param array $attributes
       * @return array
       */
      private static function hashPasswordIn($attributes)
      {
          if (isset($attributes['password'])) {
              $attributes['password'] = Hash::make($attributes['password']);
          }

          return $attributes;
      }
  }