Skip to content

S
syncEnrollments
Commit 34ee58ac authored by Taylor Otwell's avatar Taylor Otwell
Browse files
Options

Do some more injection on filters.

parent 4e5a1517
Show whitespace changes
Inline Side-by-side
Showing with 104 additions and 51 deletions
app/Http/Filters/AuthFilter.php
View file @ 34ee58ac
...@@ -2,10 +2,39 @@ ...@@ -2,10 +2,39 @@
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Routing\Route; use Illuminate\Routing\Route;
use Auth, Redirect, Response; use Illuminate\Contracts\Auth\Authenticator;
use Illuminate\Contracts\Routing\ResponseFactory;
class AuthFilter { class AuthFilter {
/**
* The authenticator implementation.
*
* @var Authenticator
*/
protected $auth;
/**
* The response factory implementation.
*
* @var ResponseFactory
*/
protected $response;
/**
* Create a new filter instance.
*
* @param Authenticator $auth
* @param ResponseFactory $response
* @return void
*/
public function __construct(Authenticator $auth,
ResponseFactory $response)
{
$this->auth = $auth;
$this->response = $response;
}
/** /**
* Run the request filter. * Run the request filter.
* *
...@@ -15,15 +44,15 @@ class AuthFilter { ...@@ -15,15 +44,15 @@ class AuthFilter {
*/ */
public function filter(Route $route, Request $request) public function filter(Route $route, Request $request)
{ {
if (Auth::guest()) if ($this->auth->guest())
{ {
if ($request->ajax()) if ($request->ajax())
{ {
return Response::make('Unauthorized', 401); return $this->response->make('Unauthorized', 401);
} }
else else
{ {
return Redirect::guest('auth/login'); return $this->response->redirectGuest('auth/login');
} }
} }
} }
......
app/Http/Filters/BasicAuthFilter.php
View file @ 34ee58ac
<?php namespace App\Http\Filters; <?php namespace App\Http\Filters;
use Auth; use Illuminate\Contracts\Auth\Authenticator;
class BasicAuthFilter { class BasicAuthFilter {
/**
* The authenticator implementation.
*
* @var Authenticator
*/
protected $auth;
/**
* Create a new filter instance.
*
* @param Authenticator $auth
* @return void
*/
public function __construct(Authenticator $auth)
{
$this->auth = $auth;
}
/** /**
* Run the request filter. * Run the request filter.
* *
...@@ -11,7 +29,7 @@ class BasicAuthFilter { ...@@ -11,7 +29,7 @@ class BasicAuthFilter {
*/ */
public function filter() public function filter()
{ {
return Auth::basic(); return $this->auth->basic();
} }
} }
app/Http/Filters/CsrfFilter.php
View file @ 34ee58ac
<?php namespace App\Http\Filters; <?php namespace App\Http\Filters;
use Session;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Routing\Route; use Illuminate\Routing\Route;
use Illuminate\Session\TokenMismatchException; use Illuminate\Session\TokenMismatchException;
...@@ -18,7 +17,7 @@ class CsrfFilter { ...@@ -18,7 +17,7 @@ class CsrfFilter {
*/ */
public function filter(Route $route, Request $request) public function filter(Route $route, Request $request)
{ {
if (Session::token() != $request->input('_token')) if ($request->getSession()->token() != $request->input('_token'))
{ {
throw new TokenMismatchException; throw new TokenMismatchException;
} }
......
app/Http/Filters/GuestFilter.php deleted 100644 → 0
View file @ 4e5a1517
<?php namespace App\Http\Filters;
use Auth, Redirect;
class GuestFilter {
/**
* Run the request filter.
*
* @return mixed
*/
public function filter()
{
if (Auth::check())
{
return Redirect::to('/');
}
}
}
\ No newline at end of file
app/Http/Filters/MaintenanceFilter.php
View file @ 34ee58ac
<?php namespace App\Http\Filters; <?php namespace App\Http\Filters;
use App, Response; use Illuminate\Contracts\Foundation\Application;
use Illuminate\Contracts\Routing\ResponseFactory;
class MaintenanceFilter { class MaintenanceFilter {
/**
* The application implementation.
*
* @var Application
*/
protected $app;
/**
* The response factory implementation.
*
* @var ResponseFactory
*/
protected $response;
/**
* Create a new filter instance.
*
* @param Application $app
* @return void
*/
public function __construct(Application $app, ResponseFactory $response)
{
$this->app = $app;
$this->response = $response;
}
/** /**
* Run the request filter. * Run the request filter.
* *
...@@ -11,9 +38,9 @@ class MaintenanceFilter { ...@@ -11,9 +38,9 @@ class MaintenanceFilter {
*/ */
public function filter() public function filter()
{ {
if (App::isDownForMaintenance()) if ($this->app->isDownForMaintenance())
{ {
return Response::make('Be right back!'); return $this->response->make('Be right back!', 503);
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment