Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • 33-evaluate-on-javascript-support
  • 36-wikipedia-bilder-laden-teilweise-nicht
  • 31-change-cache-driver
  • 25-remove-subdocument-iframe-url
  • 15-deployment-is-resource-hungry
  • 16-add-prometheus-statistics-and-rate-limit
  • hotfix
8 results
Blame Permalink
CheckPassword.php 1.18 KiB 
<?php

namespace App\Http\Middleware;

use Closure;

class CheckPassword
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next, $timed = "false")
    {

        $password = $request->route('password');
        if ($timed === "true") {
            $checkPw = md5(env('PROXY_PASSWORD') . date('dmy'));
            if ($checkPw === $password) {
                return $next($request);
            }
        } else {
            $targetUrl = str_replace("<<SLASH>>", "/", $request->route('url'));
            $targetUrl = str_rot13(base64_decode($targetUrl));
            
            // FIXME temporary check for ban list
            if (md5($targetUrl) === "d1524b8dd3f1bee9ba24fe775339ba40") {
                return abort(403);
            }
            
            // Check Password:
            $checkPw  = md5(env('PROXY_PASSWORD') . $targetUrl);
            $password = $request->route('password');
            if ($checkPw === $password) {
                return $next($request);
            }
        }
        return abort(403);
    }
}