cuongpv/faveo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Laravel version update

Browse Source 
Laravel version update
This commit is contained in:
Manish Verma
2018-08-06 18:48:58 +05:30
parent d143048413
commit 126fbb0255
13678 changed files with 1031482 additions and 778530 deletions
Download Patch File Download Diff File Expand all files Collapse all files

495
vendor/laravel/framework/src/Illuminate/Auth/SessionGuard.php vendored
View File

@@ -4,24 +4,25 @@ namespace Illuminate\Auth;
use RuntimeException;
use Illuminate\Support\Str;
use Illuminate\Http\Response;
use Illuminate\Contracts\Events\Dispatcher;
use Illuminate\Support\Traits\Macroable;
use Illuminate\Contracts\Session\Session;
use Illuminate\Contracts\Auth\UserProvider;
use Illuminate\Contracts\Events\Dispatcher;
use Illuminate\Contracts\Auth\StatefulGuard;
use Symfony\Component\HttpFoundation\Request;
use Illuminate\Contracts\Auth\SupportsBasicAuth;
use Illuminate\Contracts\Cookie\QueueingFactory as CookieJar;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
class SessionGuard implements StatefulGuard, SupportsBasicAuth
{
use GuardHelpers;
use GuardHelpers, Macroable;
/**
* The name of the Guard. Typically "session".
*
* Corresponds to driver name in authentication configuration.
* Corresponds to guard name in authentication configuration.
*
* @var string
*/
@@ -44,7 +45,7 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
/**
* The session used by the guard.
*
* @var \Symfony\Component\HttpFoundation\Session\SessionInterface
* @var \Illuminate\Contracts\Session\Session
*/
protected $session;
@@ -81,20 +82,20 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
*
* @var bool
*/
protected $tokenRetrievalAttempted = false;
protected $recallAttempted = false;
/**
* Create a new authentication guard.
*
* @param string $name
* @param \Illuminate\Contracts\Auth\UserProvider $provider
* @param \Symfony\Component\HttpFoundation\Session\SessionInterface $session
* @param \Illuminate\Contracts\Session\Session $session
* @param \Symfony\Component\HttpFoundation\Request $request
* @return void
*/
public function __construct($name,
UserProvider $provider,
SessionInterface $session,
Session $session,
Request $request = null)
{
$this->name = $name;
@@ -126,28 +127,68 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
// First we will try to load the user using the identifier in the session if
// one exists. Otherwise we will check for a "remember me" cookie in this
// request, and if one exists, attempt to retrieve the user using that.
$user = null;
if (! is_null($id)) {
$user = $this->provider->retrieveById($id);
if ($this->user = $this->provider->retrieveById($id)) {
$this->fireAuthenticatedEvent($this->user);
}
}
// If the user is null, but we decrypt a "recaller" cookie we can attempt to
// pull the user data on that cookie which serves as a remember cookie on
// the application. Once we have a user we can return it to the caller.
$recaller = $this->getRecaller();
$recaller = $this->recaller();
if (is_null($user) && ! is_null($recaller)) {
$user = $this->getUserByRecaller($recaller);
if (is_null($this->user) && ! is_null($recaller)) {
$this->user = $this->userFromRecaller($recaller);
if ($user) {
$this->updateSession($user->getAuthIdentifier());
if ($this->user) {
$this->updateSession($this->user->getAuthIdentifier());
$this->fireLoginEvent($user, true);
$this->fireLoginEvent($this->user, true);
}
}
return $this->user = $user;
return $this->user;
}
/**
* Pull a user from the repository by its "remember me" cookie token.
*
* @param \Illuminate\Auth\Recaller $recaller
* @return mixed
*/
protected function userFromRecaller($recaller)
{
if (! $recaller->valid() || $this->recallAttempted) {
return;
}
// If the user is null, but we decrypt a "recaller" cookie we can attempt to
// pull the user data on that cookie which serves as a remember cookie on
// the application. Once we have a user we can return it to the caller.
$this->recallAttempted = true;
$this->viaRemember = ! is_null($user = $this->provider->retrieveByToken(
$recaller->id(), $recaller->token()
));
return $user;
}
/**
* Get the decrypted recaller cookie for the request.
*
* @return \Illuminate\Auth\Recaller|null
*/
protected function recaller()
{
if (is_null($this->request)) {
return;
}
if ($recaller = $this->request->cookies->get($this->getRecallerName())) {
return new Recaller($recaller);
}
}
/**
@@ -161,71 +202,9 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
return;
}
$id = $this->session->get($this->getName());
if (is_null($id) && $this->user()) {
$id = $this->user()->getAuthIdentifier();
}
return $id;
}
/**
* Pull a user from the repository by its recaller ID.
*
* @param string $recaller
* @return mixed
*/
protected function getUserByRecaller($recaller)
{
if ($this->validRecaller($recaller) && ! $this->tokenRetrievalAttempted) {
$this->tokenRetrievalAttempted = true;
list($id, $token) = explode('|', $recaller, 2);
$this->viaRemember = ! is_null($user = $this->provider->retrieveByToken($id, $token));
return $user;
}
}
/**
* Get the decrypted recaller cookie for the request.
*
* @return string|null
*/
protected function getRecaller()
{
return $this->request->cookies->get($this->getRecallerName());
}
/**
* Get the user ID from the recaller cookie.
*
* @return string|null
*/
protected function getRecallerId()
{
if ($this->validRecaller($recaller = $this->getRecaller())) {
return head(explode('|', $recaller));
}
}
/**
* Determine if the recaller cookie is in a valid format.
*
* @param mixed $recaller
* @return bool
*/
protected function validRecaller($recaller)
{
if (! is_string($recaller) || ! Str::contains($recaller, '|')) {
return false;
}
$segments = explode('|', $recaller);
return count($segments) == 2 && trim($segments[0]) !== '' && trim($segments[1]) !== '';
return $this->user()
? $this->user()->getAuthIdentifier()
: $this->session->get($this->getName());
}
/**
@@ -236,6 +215,8 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
*/
public function once(array $credentials = [])
{
$this->fireAttemptEvent($credentials);
if ($this->validate($credentials)) {
$this->setUser($this->lastAttempted);
@@ -245,6 +226,23 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
return false;
}
/**
* Log the given user ID into the application without sessions or cookies.
*
* @param mixed $id
* @return \Illuminate\Contracts\Auth\Authenticatable|false
*/
public function onceUsingId($id)
{
if (! is_null($user = $this->provider->retrieveById($id))) {
$this->setUser($user);
return $user;
}
return false;
}
/**
* Validate a user's credentials.
*
@@ -253,7 +251,9 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
*/
public function validate(array $credentials = [])
{
return $this->attempt($credentials, false, false);
$this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials);
return $this->hasValidCredentials($user, $credentials);
}
/**
@@ -276,7 +276,7 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
return;
}
return $this->getBasicResponse();
return $this->failedBasicResponse();
}
/**
@@ -288,10 +288,10 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
*/
public function onceBasic($field = 'email', $extraConditions = [])
{
$credentials = $this->getBasicCredentials($this->getRequest(), $field);
$credentials = $this->basicCredentials($this->getRequest(), $field);
if (! $this->once(array_merge($credentials, $extraConditions))) {
return $this->getBasicResponse();
return $this->failedBasicResponse();
}
}
@@ -309,9 +309,9 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
return false;
}
$credentials = $this->getBasicCredentials($request, $field);
return $this->attempt(array_merge($credentials, $extraConditions));
return $this->attempt(array_merge(
$this->basicCredentials($request, $field), $extraConditions
));
}
/**
@@ -321,7 +321,7 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
* @param string $field
* @return array
*/
protected function getBasicCredentials(Request $request, $field)
protected function basicCredentials(Request $request, $field)
{
return [$field => $request->getUser(), 'password' => $request->getPassword()];
}
@@ -329,13 +329,12 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
/**
* Get the response for basic authentication.
*
* @return \Symfony\Component\HttpFoundation\Response
* @return void
* @throws \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException
*/
protected function getBasicResponse()
protected function failedBasicResponse()
{
$headers = ['WWW-Authenticate' => 'Basic'];
return new Response('Invalid credentials.', 401, $headers);
throw new UnauthorizedHttpException('Basic', 'Invalid credentials.');
}
/**
@@ -343,12 +342,11 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
*
* @param array $credentials
* @param bool $remember
* @param bool $login
* @return bool
*/
public function attempt(array $credentials = [], $remember = false, $login = true)
public function attempt(array $credentials = [], $remember = false)
{
$this->fireAttemptEvent($credentials, $remember, $login);
$this->fireAttemptEvent($credentials, $remember);
$this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials);
@@ -356,9 +354,7 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
// to validate the user against the given credentials, and if they are in
// fact valid we'll log the users into the application and return true.
if ($this->hasValidCredentials($user, $credentials)) {
if ($login) {
$this->login($user, $remember);
}
$this->login($user, $remember);
return true;
}
@@ -366,9 +362,7 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
// If the authentication attempt fails we will fire an event so that the user
// may be notified of any suspicious attempts to access their account from
// an unrecognized user. A developer may listen to this event as needed.
if ($login) {
$this->fireFailedEvent($user, $credentials);
}
$this->fireFailedEvent($user, $credentials);
return false;
}
@@ -386,47 +380,21 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
}
/**
* Fire the attempt event with the arguments.
* Log the given user ID into the application.
*
* @param array $credentials
* @param bool $remember
* @param bool $login
* @return void
* @param mixed $id
* @param bool $remember
* @return \Illuminate\Contracts\Auth\Authenticatable|false
*/
protected function fireAttemptEvent(array $credentials, $remember, $login)
public function loginUsingId($id, $remember = false)
{
if (isset($this->events)) {
$this->events->fire(new Events\Attempting(
$credentials, $remember, $login
));
}
}
if (! is_null($user = $this->provider->retrieveById($id))) {
$this->login($user, $remember);
/**
* Fire the failed authentication attempt event with the given arguments.
*
* @param \Illuminate\Contracts\Auth\Authenticatable|null $user
* @param array $credentials
* @return void
*/
protected function fireFailedEvent($user, array $credentials)
{
if (isset($this->events)) {
$this->events->fire(new Events\Failed($user, $credentials));
return $user;
}
}
/**
* Register an authentication attempt event listener.
*
* @param mixed $callback
* @return void
*/
public function attempting($callback)
{
if (isset($this->events)) {
$this->events->listen(Events\Attempting::class, $callback);
}
return false;
}
/**
@@ -444,7 +412,7 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
// queue a permanent cookie that contains the encrypted copy of the user
// identifier. We will then decrypt this later to retrieve the users.
if ($remember) {
$this->createRememberTokenIfDoesntExist($user);
$this->ensureRememberTokenIsSet($user);
$this->queueRecallerCookie($user);
}
@@ -457,20 +425,6 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
$this->setUser($user);
}
/**
* Fire the login event if the dispatcher is set.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user
* @param bool $remember
* @return void
*/
protected function fireLoginEvent($user, $remember = false)
{
if (isset($this->events)) {
$this->events->fire(new Events\Login($user, $remember));
}
}
/**
* Update the session with the given ID.
*
@@ -479,48 +433,22 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
*/
protected function updateSession($id)
{
$this->session->set($this->getName(), $id);
$this->session->put($this->getName(), $id);
$this->session->migrate(true);
}
/**
* Log the given user ID into the application.
* Create a new "remember me" token for the user if one doesn't already exist.
*
* @param mixed $id
* @param bool $remember
* @return \Illuminate\Contracts\Auth\Authenticatable
* @param \Illuminate\Contracts\Auth\Authenticatable $user
* @return void
*/
public function loginUsingId($id, $remember = false)
protected function ensureRememberTokenIsSet(AuthenticatableContract $user)
{
$user = $this->provider->retrieveById($id);
if (! is_null($user)) {
$this->login($user, $remember);
return $user;
if (empty($user->getRememberToken())) {
$this->cycleRememberToken($user);
}
return false;
}
/**
* Log the given user ID into the application without sessions or cookies.
*
* @param mixed $id
* @return bool
*/
public function onceUsingId($id)
{
$user = $this->provider->retrieveById($id);
if (! is_null($user)) {
$this->setUser($user);
return true;
}
return false;
}
/**
@@ -531,9 +459,9 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
*/
protected function queueRecallerCookie(AuthenticatableContract $user)
{
$value = $user->getAuthIdentifier().'|'.$user->getRememberToken();
$this->getCookieJar()->queue($this->createRecaller($value));
$this->getCookieJar()->queue($this->createRecaller(
$user->getAuthIdentifier().'|'.$user->getRememberToken().'|'.$user->getAuthPassword()
));
}
/**
@@ -562,11 +490,11 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
$this->clearUserDataFromStorage();
if (! is_null($this->user)) {
$this->refreshRememberToken($user);
$this->cycleRememberToken($user);
}
if (isset($this->events)) {
$this->events->fire(new Events\Logout($user));
$this->events->dispatch(new Events\Logout($user));
}
// Once we have fired the logout event we will clear the users out of memory
@@ -586,10 +514,9 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
{
$this->session->remove($this->getName());
if (! is_null($this->getRecaller())) {
$recaller = $this->getRecallerName();
$this->getCookieJar()->queue($this->getCookieJar()->forget($recaller));
if (! is_null($this->recaller())) {
$this->getCookieJar()->queue($this->getCookieJar()
->forget($this->getRecallerName()));
}
}
@@ -599,7 +526,7 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
* @param \Illuminate\Contracts\Auth\Authenticatable $user
* @return void
*/
protected function refreshRememberToken(AuthenticatableContract $user)
protected function cycleRememberToken(AuthenticatableContract $user)
{
$user->setRememberToken($token = Str::random(60));
@@ -607,18 +534,115 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
}
/**
* Create a new "remember me" token for the user if one doesn't already exist.
* Register an authentication attempt event listener.
*
* @param mixed $callback
* @return void
*/
public function attempting($callback)
{
if (isset($this->events)) {
$this->events->listen(Events\Attempting::class, $callback);
}
}
/**
* Fire the attempt event with the arguments.
*
* @param array $credentials
* @param bool $remember
* @return void
*/
protected function fireAttemptEvent(array $credentials, $remember = false)
{
if (isset($this->events)) {
$this->events->dispatch(new Events\Attempting(
$credentials, $remember
));
}
}
/**
* Fire the login event if the dispatcher is set.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user
* @param bool $remember
* @return void
*/
protected function fireLoginEvent($user, $remember = false)
{
if (isset($this->events)) {
$this->events->dispatch(new Events\Login($user, $remember));
}
}
/**
* Fire the authenticated event if the dispatcher is set.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user
* @return void
*/
protected function createRememberTokenIfDoesntExist(AuthenticatableContract $user)
protected function fireAuthenticatedEvent($user)
{
if (empty($user->getRememberToken())) {
$this->refreshRememberToken($user);
if (isset($this->events)) {
$this->events->dispatch(new Events\Authenticated($user));
}
}
/**
* Fire the failed authentication attempt event with the given arguments.
*
* @param \Illuminate\Contracts\Auth\Authenticatable|null $user
* @param array $credentials
* @return void
*/
protected function fireFailedEvent($user, array $credentials)
{
if (isset($this->events)) {
$this->events->dispatch(new Events\Failed($user, $credentials));
}
}
/**
* Get the last user we attempted to authenticate.
*
* @return \Illuminate\Contracts\Auth\Authenticatable
*/
public function getLastAttempted()
{
return $this->lastAttempted;
}
/**
* Get a unique identifier for the auth session value.
*
* @return string
*/
public function getName()
{
return 'login_'.$this->name.'_'.sha1(static::class);
}
/**
* Get the name of the cookie used to store the "recaller".
*
* @return string
*/
public function getRecallerName()
{
return 'remember_'.$this->name.'_'.sha1(static::class);
}
/**
* Determine if the user was authenticated via "remember me" cookie.
*
* @return bool
*/
public function viaRemember()
{
return $this->viaRemember;
}
/**
* Get the cookie creator instance used by the guard.
*
@@ -670,34 +694,13 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
/**
* Get the session store used by the guard.
*
* @return \Illuminate\Session\Store
* @return \Illuminate\Contracts\Session\Session
*/
public function getSession()
{
return $this->session;
}
/**
* Get the user provider used by the guard.
*
* @return \Illuminate\Contracts\Auth\UserProvider
*/
public function getProvider()
{
return $this->provider;
}
/**
* Set the user provider used by the guard.
*
* @param \Illuminate\Contracts\Auth\UserProvider $provider
* @return void
*/
public function setProvider(UserProvider $provider)
{
$this->provider = $provider;
}
/**
* Return the currently cached user.
*
@@ -720,6 +723,8 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
$this->loggedOut = false;
$this->fireAuthenticatedEvent($user);
return $this;
}
@@ -745,44 +750,4 @@ class SessionGuard implements StatefulGuard, SupportsBasicAuth
return $this;
}
/**
* Get the last user we attempted to authenticate.
*
* @return \Illuminate\Contracts\Auth\Authenticatable
*/
public function getLastAttempted()
{
return $this->lastAttempted;
}
/**
* Get a unique identifier for the auth session value.
*
* @return string
*/
public function getName()
{
return 'login_'.$this->name.'_'.sha1(static::class);
}
/**
* Get the name of the cookie used to store the "recaller".
*
* @return string
*/
public function getRecallerName()
{
return 'remember_'.$this->name.'_'.sha1(static::class);
}
/**
* Determine if the user was authenticated via "remember me" cookie.
*
* @return bool
*/
public function viaRemember()
{
return $this->viaRemember;
}
}