blessing-skin-server/app/Http/Middleware/CheckAuthenticated.php

<?php

namespace App\Http\Middleware;

use App\Models\User;
use App\Models\UserModel;
use App\Exceptions\E;
use View;
use Http;
use Session;

class CheckAuthenticated
{
    public function handle($request, \Closure $next, $return_user = false)
    {
        if (isset($_COOKIE['uid']) && isset($_COOKIE['token'])) {
            Session::put('uid'  , $_COOKIE['uid']);
            Session::put('token', $_COOKIE['token']);
        }

        if (Session::has('uid')) {
            $user = new User(session('uid'));

            if (session('token') != $user->getToken())
                Http::redirect('../auth/login', '无效的 token，请重新登录~');

            if ($user->getPermission() == "-1") {
                // delete cookies
                setcookie('uid',   '', time() - 3600, '/');
                setcookie('token', '', time() - 3600, '/');
                Session::flush();
                Session::save();

                throw new E('你已经被本站封禁啦，请联系管理员解决', 5, true);
            }

            // ask for filling email
            if ($user->email == "") {
                if (isset($_POST['email'])) {
                    if (\Validate::email($_POST['email'])) {
                        if (UserModel::where('email', $_POST['email'])->get()->isEmpty()) {
                            $user->setEmail($_POST['email']);
                            // refresh token
                            Session::put('token', $user->getToken(true));
                            setcookie('token', session('token'), time() + 3600, '/');
                            return $user;
                        } else {
                            return View::make('auth.bind')->with('msg', '该邮箱已被占用');
                        }
                    } else {
                        return View::make('auth.bind')->with('msg', '邮箱格式错误');
                    }
                    exit;
                }
                return view('auth.bind');
                exit;
            }

            if ($return_user)
                return $user;

            return $next($request);
        } else {
            Http::redirect('../auth/login', '非法访问，请先登录');
        }

        return $next($request);
    }
}
-												first commit of v3

											
										
										
											2016-07-21 22:01:57 +08:00
+								<?php
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
+								namespace App\Http\Middleware;
-												first commit of v3

											
										
										
											2016-07-21 22:01:57 +08:00
 								use App\Models\User;
-												add migration for v2 users

											
										
										
											2016-08-19 23:09:32 +08:00
+								use App\Models\UserModel;
-												exit if user is banned

											
										
										
											2016-07-23 14:23:11 +08:00
+								use App\Exceptions\E;
-												add migration for v2 users

											
										
										
											2016-08-19 23:09:32 +08:00
+								use View;
 								use Http;
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
+								use Session;
-												first commit of v3

											
										
										
											2016-07-21 22:01:57 +08:00
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
+								class CheckAuthenticated
-												first commit of v3

											
										
										
											2016-07-21 22:01:57 +08:00
+								{
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
+								    public function handle($request, \Closure $next, $return_user = false)
-												first commit of v3

											
										
										
											2016-07-21 22:01:57 +08:00
+								    {
-												add logging in with your owned player names

											
										
										
											2016-08-16 22:52:00 +08:00
+								        if (isset($_COOKIE['uid']) && isset($_COOKIE['token'])) {
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
+								            Session::put('uid'  , $_COOKIE['uid']);
 								            Session::put('token', $_COOKIE['token']);
-												first commit of v3

											
										
										
											2016-07-21 22:01:57 +08:00
+								        }
-												use Storage facade to manage files

											
										
										
											2016-08-28 20:33:35 +08:00
+								        if (Session::has('uid')) {
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
+								            $user = new User(session('uid'));
-												exit if user is banned

											
										
										
											2016-07-23 14:23:11 +08:00
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
+								            if (session('token') != $user->getToken())
-												add migration for v2 users

											
										
										
											2016-08-19 23:09:32 +08:00
+								                Http::redirect('../auth/login', '无效的 token，请重新登录~');
-												working on admin panel

											
										
										
											2016-07-22 19:36:24 +08:00
-												exit if user is banned

											
										
										
											2016-07-23 14:23:11 +08:00
+								            if ($user->getPermission() == "-1") {
 								                // delete cookies
-												add migration for v2 users

											
										
										
											2016-08-19 23:09:32 +08:00
+								                setcookie('uid',   '', time() - 3600, '/');
 								                setcookie('token', '', time() - 3600, '/');
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
+								                Session::flush();
 								                Session::save();
-												exit if user is banned

											
										
										
											2016-07-23 14:23:11 +08:00
-												add logging in with your owned player names

											
										
										
											2016-08-16 22:52:00 +08:00
+								                throw new E('你已经被本站封禁啦，请联系管理员解决', 5, true);
-												exit if user is banned

											
										
										
											2016-07-23 14:23:11 +08:00
+								            }
-												add migration for v2 users

											
										
										
											2016-08-19 23:09:32 +08:00
+								            // ask for filling email
 								            if ($user->email == "") {
 								                if (isset($_POST['email'])) {
 								                    if (\Validate::email($_POST['email'])) {
 								                        if (UserModel::where('email', $_POST['email'])->get()->isEmpty()) {
 								                            $user->setEmail($_POST['email']);
 								                            // refresh token
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
+								                            Session::put('token', $user->getToken(true));
 								                            setcookie('token', session('token'), time() + 3600, '/');
-												add migration for v2 users

											
										
										
											2016-08-19 23:09:32 +08:00
+								                            return $user;
 								                        } else {
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
+								                            return View::make('auth.bind')->with('msg', '该邮箱已被占用');
-												add migration for v2 users

											
										
										
											2016-08-19 23:09:32 +08:00
+								                        }
 								                    } else {
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
+								                        return View::make('auth.bind')->with('msg', '邮箱格式错误');
-												add migration for v2 users

											
										
										
											2016-08-19 23:09:32 +08:00
+								                    }
 								                    exit;
 								                }
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
+								                return view('auth.bind');
-												add migration for v2 users

											
										
										
											2016-08-19 23:09:32 +08:00
+								                exit;
 								            }
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
+								            if ($return_user)
 								                return $user;
 								            return $next($request);
-												first commit of v3

											
										
										
											2016-07-21 22:01:57 +08:00
+								        } else {
-												add migration for v2 users

											
										
										
											2016-08-19 23:09:32 +08:00
+								            Http::redirect('../auth/login', '非法访问，请先登录');
-												first commit of v3

											
										
										
											2016-07-21 22:01:57 +08:00
+								        }
-												initialize for laravel

											
										
										
											2016-08-28 10:05:21 +08:00
 								        return $next($request);
-												first commit of v3

											
										
										
											2016-07-21 22:01:57 +08:00
+								    }
 								}