webinno/filesharing
1
0
Fork 0
mirror of https://github.com/axeloz/filesharing.git synced 2025-05-06 01:53:55 +02:00
Code Issues Projects Releases Wiki Activity

Improve authentication check

Browse source
This commit is contained in:
Axel 2023-05-18 10:50:58 +02:00
parent 1e058ab2b0
commit 5a003c316a
Signed by: axel
GPG key ID: 73C0A5961B6BC740
1 changed files with 18 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
app/Http/Middleware/UploadAccess.php
View file

@ -6,6 +6,7 @@ use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
use App\Helpers\Upload;
use Illuminate\Support\Facades\Storage;
class UploadAccess
{
@ -18,16 +19,25 @@ class UploadAccess
*/
public function handle(Request $request, Closure $next): Response
{
if ($request->session()->missing('authenticated') && Upload::canUpload($request->ip()) !== true) {
//return redirect('login');
if ($request->ajax()) {
abort(401);
}
else {
return response()->view('login');
// Checking IP based access
if (Upload::canUpload($request->ip()) === true) {
return $next($request);
}
// Checking credentials auth
if ($request->session()->get('authenticated', false) === true && $request->session()->has('login')) {
// If user still exists
if (Storage::disk('users')->exists($request->session()->get('login').'.json')) {
return $next($request);
}
}
return $next($request);
// Fallback, authentication required
if ($request->ajax()) {
abort(401);
}
else {
return response()->view('login');
}
}
}