Skip to content
Snippets Groups Projects
Normal view Permalink
CheckPassword.php 1.18 KiB
Newer Older
Dominik Hebeler's avatar
Erster Commit
Dominik Hebeler committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 
<?php

namespace App\Http\Middleware;

use Closure;

class CheckPassword
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next, $timed = "false")
    {

        $password = $request->route('password');
        if ($timed === "true") {
            $checkPw = md5(env('PROXY_PASSWORD') . date('dmy'));
            if ($checkPw === $password) {
                return $next($request);
            }
        } else {
Dominik Hebeler's avatar
Nur zur Sicherung. Die Software funktioniert noch nicht optimal  
Dominik Hebeler committed
26 27 
            $targetUrl = str_replace("<<SLASH>>", "/", $request->route('url'));
            $targetUrl = str_rot13(base64_decode($targetUrl));
Phil Höfer's avatar
Update CheckPassword.php  
Phil Höfer committed
28 29 30 31 32 33 
            
            // FIXME temporary check for ban list
            if (md5($targetUrl) === "d1524b8dd3f1bee9ba24fe775339ba40") {
                return abort(403);
            }
Dominik Hebeler's avatar
Erster Commit
Dominik Hebeler committed
34 35 36 37 38 39 40 41 42 43 
            // Check Password:
            $checkPw  = md5(env('PROXY_PASSWORD') . $targetUrl);
            $password = $request->route('password');
            if ($checkPw === $password) {
                return $next($request);
            }
        }
        return abort(403);
    }
}