invoiceninja/app/filters.php

<?php

/*
|--------------------------------------------------------------------------
| Application & Route Filters
|--------------------------------------------------------------------------
|
| Below you will find the "before" and "after" events for the application
| which may be used to do any work before or after a request into your
| application. Here you may also register your custom route filters.
|
*/

App::before(function($request)
{
  if (Auth::check())
  {
    $count = Session::get(SESSION_COUNTER, 0);
    Session::put(SESSION_COUNTER, ++$count);
  }

  if (App::environment() == ENV_PRODUCTION)
  {
    if (!Request::secure()) 
    {
      return Redirect::secure(Request::getRequestUri());      
    }
  }

  if (Input::has('lang'))
  {
    $locale = Input::get('lang');
    App::setLocale($locale);
    Session::set(SESSION_LOCALE, $locale);    

    if (Auth::check())
    {
      if ($language = Language::whereLocale($locale)->first())
      {
        $account = Auth::user()->account;
        $account->language_id = $language->id;
        $account->save();
      }
    }
  } 
  else if (Auth::check())
  {
    $locale = Session::get(SESSION_LOCALE, DEFAULT_LOCALE);
    App::setLocale($locale);    
  }
});


App::after(function($request, $response)
{
	//
});

/*
|--------------------------------------------------------------------------
| Authentication Filters
|--------------------------------------------------------------------------
|
| The following filters are used to verify that the user of the current
| session is logged into this application. The "basic" filter easily
| integrates HTTP Basic authentication for quick, simple checking.
|
*/

Route::filter('auth', function()
{
    if (Auth::guest()) {
      if(Utils::isNinja()) {
          return Redirect::guest('/');
      } else {
          return Redirect::guest('/login');
      }
    }
});


Route::filter('auth.basic', function()
{
	return Auth::basic();
});

/*
|--------------------------------------------------------------------------
| Guest Filter
|--------------------------------------------------------------------------
|
| The "guest" filter is the counterpart of the authentication filters as
| it simply checks that the current user is not logged in. A redirect
| response will be issued if they are, which you may freely change.
|
*/

Route::filter('guest', function()
{
	if (Auth::check()) return Redirect::to('/');
});

/*
|--------------------------------------------------------------------------
| CSRF Protection Filter
|--------------------------------------------------------------------------
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/

Route::filter('csrf', function()
{
	$token = Request::ajax() ? Request::header('X-CSRF-Token') : Input::get('_token');
	
   	if (Session::token() != $token) 
   	{      
      Session::flash('warning', trans('texts.session_expired'));   

   		return Redirect::to('/');
			//throw new Illuminate\Session\TokenMismatchException;
   	}
});
Initial commit 2013-11-26 13:45:07 +01:00			`<?php`

			`/*`
			`\|--------------------------------------------------------------------------`
			`\| Application & Route Filters`
			`\|--------------------------------------------------------------------------`
			`\|`
			`\| Below you will find the "before" and "after" events for the application`
			`\| which may be used to do any work before or after a request into your`
			`\| application. Here you may also register your custom route filters.`
			`\|`
			`*/`

			`App::before(function($request)`
			`{`
Show new client form on click 2014-07-07 08:43:16 +02:00			`if (Auth::check())`
			`{`
			`$count = Session::get(SESSION_COUNTER, 0);`
			`Session::put(SESSION_COUNTER, ++$count);`
			`}`

bug fixes 2014-02-01 21:01:32 +01:00			`if (App::environment() == ENV_PRODUCTION)`
			`{`
			`if (!Request::secure())`
			`{`
			`return Redirect::secure(Request::getRequestUri());`
			`}`
			`}`
Working on multi-language support 2014-03-19 23:00:56 +01:00
Working on multi-language support 2014-04-02 14:28:23 +02:00			`if (Input::has('lang'))`
			`{`
Bug fixes 2014-04-06 11:02:04 +02:00			`$locale = Input::get('lang');`
			`App::setLocale($locale);`
Bug fixes 2014-04-14 13:33:43 +02:00			`Session::set(SESSION_LOCALE, $locale);`

			`if (Auth::check())`
			`{`
			`if ($language = Language::whereLocale($locale)->first())`
			`{`
			`$account = Auth::user()->account;`
			`$account->language_id = $language->id;`
			`$account->save();`
			`}`
			`}`
Working on multi-language support 2014-04-02 14:28:23 +02:00			`}`
			`else if (Auth::check())`
Working on multi-language support 2014-04-02 15:10:00 +02:00			`{`
Fix "DEFAULT_LOCALE" constant spelling Was “DEFUALT_LOCALE” 2014-04-09 23:53:09 +02:00			`$locale = Session::get(SESSION_LOCALE, DEFAULT_LOCALE);`
Working on multi-language support 2014-04-02 15:10:00 +02:00			`App::setLocale($locale);`
Working on multi-language support 2014-03-19 23:00:56 +01:00			`}`
Initial commit 2013-11-26 13:45:07 +01:00			`});`


			`App::after(function($request, $response)`
			`{`
			`//`
			`});`

			`/*`
			`\|--------------------------------------------------------------------------`
			`\| Authentication Filters`
			`\|--------------------------------------------------------------------------`
			`\|`
			`\| The following filters are used to verify that the user of the current`
			`\| session is logged into this application. The "basic" filter easily`
			`\| integrates HTTP Basic authentication for quick, simple checking.`
			`\|`
			`*/`

			`Route::filter('auth', function()`
			`{`
Disable commercial website unless it has NINJA_PROD or NINJA_DEV env set 2014-07-04 20:07:31 +02:00			`if (Auth::guest()) {`
Working on self hosting 2014-07-15 22:36:40 +02:00			`if(Utils::isNinja()) {`
			`return Redirect::guest('/');`
			`} else {`
			`return Redirect::guest('/login');`
			`}`
Disable commercial website unless it has NINJA_PROD or NINJA_DEV env set 2014-07-04 20:07:31 +02:00			`}`
Initial commit 2013-11-26 13:45:07 +01:00			`});`


			`Route::filter('auth.basic', function()`
			`{`
			`return Auth::basic();`
			`});`

			`/*`
			`\|--------------------------------------------------------------------------`
			`\| Guest Filter`
			`\|--------------------------------------------------------------------------`
			`\|`
			`\| The "guest" filter is the counterpart of the authentication filters as`
			`\| it simply checks that the current user is not logged in. A redirect`
			`\| response will be issued if they are, which you may freely change.`
			`\|`
			`*/`

			`Route::filter('guest', function()`
			`{`
			`if (Auth::check()) return Redirect::to('/');`
			`});`

			`/*`
			`\|--------------------------------------------------------------------------`
			`\| CSRF Protection Filter`
			`\|--------------------------------------------------------------------------`
			`\|`
			`\| The CSRF filter is responsible for protecting your application against`
			`\| cross-site request forgery attacks. If this special token in a user`
			`\| session does not match the one given in this request, we'll bail.`
			`\|`
			`*/`

			`Route::filter('csrf', function()`
			`{`
Improving data model 2013-12-03 18:32:33 +01:00			`$token = Request::ajax() ? Request::header('X-CSRF-Token') : Input::get('_token');`
bug fixes 2014-01-02 14:21:15 +01:00
bug fixes 2014-02-01 21:01:32 +01:00			`if (Session::token() != $token)`
Bug fixes 2014-06-02 18:21:47 +02:00			`{`
			`Session::flash('warning', trans('texts.session_expired'));`

bug fixes 2014-02-01 21:01:32 +01:00			`return Redirect::to('/');`
			`//throw new Illuminate\Session\TokenMismatchException;`
Improving data model 2013-12-03 18:32:33 +01:00			`}`
Initial commit 2013-11-26 13:45:07 +01:00			`});`