|
2 | 2 |
|
3 | 3 | namespace Backpack\CRUD\app\Http\Middleware; |
4 | 4 |
|
5 | | -use Closure; |
6 | | -use Illuminate\Auth\AuthenticationException; |
7 | | -use Illuminate\Contracts\Auth\Factory as AuthFactory; |
8 | | -use Illuminate\Contracts\Session\Middleware\AuthenticatesSessions; |
9 | | - |
10 | | -class AuthenticateSession implements AuthenticatesSessions |
11 | | -{ |
12 | | - /** |
13 | | - * The authentication factory implementation. |
14 | | - * |
15 | | - * @var \Illuminate\Contracts\Auth\Factory |
16 | | - */ |
17 | | - protected $auth; |
18 | | - protected $user; |
19 | | - |
20 | | - /** |
21 | | - * Create a new middleware instance. |
22 | | - * |
23 | | - * @param \Illuminate\Contracts\Auth\Factory $auth |
24 | | - * @return void |
25 | | - */ |
26 | | - public function __construct(AuthFactory $auth) |
27 | | - { |
28 | | - $this->auth = $auth; |
29 | | - $this->user = backpack_user(); |
30 | | - } |
31 | | - |
32 | | - /** |
33 | | - * Handle an incoming request. |
34 | | - * |
35 | | - * @param \Illuminate\Http\Request $request |
36 | | - * @param \Closure $next |
37 | | - * @return mixed |
38 | | - */ |
39 | | - public function handle($request, Closure $next) |
40 | | - { |
41 | | - if (! $request->hasSession() || ! $this->user) { |
42 | | - return $next($request); |
43 | | - } |
44 | | - |
45 | | - if ($this->guard()->viaRemember()) { |
46 | | - $passwordHash = explode('|', $request->cookies->get($this->guard()->getRecallerName()))[2] ?? null; |
47 | | - |
48 | | - if (! $passwordHash || $passwordHash != $this->user->getAuthPassword()) { |
49 | | - $this->logout($request); |
50 | | - } |
51 | | - } |
52 | | - |
53 | | - if (! $request->session()->has('password_hash_'.backpack_guard_name())) { |
54 | | - $this->storePasswordHashInSession($request); |
55 | | - } |
56 | | - |
57 | | - if ($request->session()->get('password_hash_'.backpack_guard_name()) !== $this->user->getAuthPassword()) { |
58 | | - $this->logout($request); |
59 | | - } |
60 | | - |
61 | | - return tap($next($request), function () use ($request) { |
62 | | - if (! is_null($this->guard()->user())) { |
63 | | - $this->storePasswordHashInSession($request); |
64 | | - } |
65 | | - }); |
66 | | - } |
67 | | - |
68 | | - /** |
69 | | - * Store the user's current password hash in the session. |
70 | | - * |
71 | | - * @param \Illuminate\Http\Request $request |
72 | | - * @return void |
73 | | - */ |
74 | | - protected function storePasswordHashInSession($request) |
75 | | - { |
76 | | - if (! $this->user) { |
77 | | - return; |
78 | | - } |
79 | | - |
80 | | - $request->session()->put([ |
81 | | - 'password_hash_'.backpack_guard_name() => $this->user->getAuthPassword(), |
82 | | - ]); |
83 | | - } |
84 | | - |
85 | | - /** |
86 | | - * Log the user out of the application. |
87 | | - * |
88 | | - * @param \Illuminate\Http\Request $request |
89 | | - * @return void |
90 | | - * |
91 | | - * @throws \Illuminate\Auth\AuthenticationException |
92 | | - */ |
93 | | - protected function logout($request) |
94 | | - { |
95 | | - $this->guard()->logoutCurrentDevice(); |
96 | | - |
97 | | - $request->session()->flush(); |
98 | | - |
99 | | - \Alert::error('Your password was changed in another browser session. Please login again using the new password.')->flash(); |
100 | | - |
101 | | - throw new AuthenticationException('Unauthenticated.', [backpack_guard_name()], backpack_url('login')); |
102 | | - } |
103 | | - |
104 | | - /** |
105 | | - * Get the guard instance that should be used by the middleware. |
106 | | - * |
107 | | - * @return \Illuminate\Contracts\Auth\Factory|\Illuminate\Contracts\Auth\Guard |
108 | | - */ |
109 | | - protected function guard() |
| 5 | +if (class_exists('Illuminate\Contracts\Session\Middleware\AuthenticatesSessions', false)) { |
| 6 | + class AuthenticateSession extends AuthenticateSessionL9 |
110 | 7 | { |
111 | | - return $this->auth; |
112 | 8 | } |
113 | 9 | } |
0 commit comments