webinno/filesharing
1
0
Fork 0
mirror of https://github.com/axeloz/filesharing.git synced 2025-05-06 10:03:55 +02:00
Code Issues Projects Releases Wiki Activity

Improve authentication check

Browse source
This commit is contained in:
Axel 2023-05-18 10:50:58 +02:00
parent 1e058ab2b0
commit 5a003c316a
Signed by: axel
GPG key ID: 73C0A5961B6BC740
1 changed files with 18 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
app/Http/Middleware/UploadAccess.php
View file

@ -6,6 +6,7 @@ use Closure;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Response;
use App\Helpers\Upload; use App\Helpers\Upload;
use Illuminate\Support\Facades\Storage;
class UploadAccess class UploadAccess
{ {
@ -18,16 +19,25 @@ class UploadAccess
*/ */
public function handle(Request $request, Closure $next): Response public function handle(Request $request, Closure $next): Response
{ {
if ($request->session()->missing('authenticated') && Upload::canUpload($request->ip()) !== true) { // Checking IP based access
//return redirect('login'); if (Upload::canUpload($request->ip()) === true) {
if ($request->ajax()) { return $next($request);
abort(401); }
}
else { // Checking credentials auth
return response()->view('login'); if ($request->session()->get('authenticated', false) === true && $request->session()->has('login')) {
// If user still exists
if (Storage::disk('users')->exists($request->session()->get('login').'.json')) {
return $next($request);
} }
} }
return $next($request); // Fallback, authentication required
if ($request->ajax()) {
abort(401);
}
else {
return response()->view('login');
}
} }
} }