filters.php 2.0 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980
  1. <?php
  2. /*
  3. |--------------------------------------------------------------------------
  4. | Application & Route Filters
  5. |--------------------------------------------------------------------------
  6. |
  7. | Below you will find the "before" and "after" events for the application
  8. | which may be used to do any work before or after a request into your
  9. | application. Here you may also register your custom route filters.
  10. |
  11. */
  12. App::before(function($request)
  13. {
  14. //
  15. });
  16. App::after(function($request, $response)
  17. {
  18. //
  19. });
  20. /*
  21. |--------------------------------------------------------------------------
  22. | Authentication Filters
  23. |--------------------------------------------------------------------------
  24. |
  25. | The following filters are used to verify that the user of the current
  26. | session is logged into this application. The "basic" filter easily
  27. | integrates HTTP Basic authentication for quick, simple checking.
  28. |
  29. */
  30. Route::filter('auth', function()
  31. {
  32. if (Auth::guest()) return Redirect::route('login');
  33. });
  34. Route::filter('auth.basic', function()
  35. {
  36. return Auth::basic();
  37. });
  38. /*
  39. |--------------------------------------------------------------------------
  40. | Guest Filter
  41. |--------------------------------------------------------------------------
  42. |
  43. | The "guest" filter is the counterpart of the authentication filters as
  44. | it simply checks that the current user is not logged in. A redirect
  45. | response will be issued if they are, which you may freely change.
  46. |
  47. */
  48. Route::filter('guest', function()
  49. {
  50. if (Auth::check()) return Redirect::to('/');
  51. });
  52. /*
  53. |--------------------------------------------------------------------------
  54. | CSRF Protection Filter
  55. |--------------------------------------------------------------------------
  56. |
  57. | The CSRF filter is responsible for protecting your application against
  58. | cross-site request forgery attacks. If this special token in a user
  59. | session does not match the one given in this request, we'll bail.
  60. |
  61. */
  62. Route::filter('csrf', function()
  63. {
  64. if (Session::getToken() != Input::get('_token'))
  65. {
  66. throw new Illuminate\Session\TokenMismatchException;
  67. }
  68. });