@frzsombor
Last active December 7, 2023 00:05
Share Laravel's session and check authentication from external projects
<?php
/*
|--------------------------------------------------------------------------
| Sharing Laravel's session and checking authentication
|--------------------------------------------------------------------------
|
| Use the following code in any CMS (WordPress, Joomla, etc), filemanager (CKFinder,
| KCFinder, simogeo's Filemanager, etc), or any other non-Laravel project to boot into
| the Laravel framework, with session support, and check if the user is authenticated.
|
| The following code is tested with Laravel 4.2.11
| It may not work with Laravel 5
|
| Last update: 2015-01-09
|
*/
require '/path/to/laravel/bootstrap/autoload.php';
$app = require_once '/path/to/laravel/bootstrap/start.php';
$request = $app['request'];
$client = (new \Stack\Builder)
->push('Illuminate\Cookie\Guard', $app['encrypter'])
->push('Illuminate\Cookie\Queue', $app['cookie'])
->push('Illuminate\Session\Middleware', $app['session'], null);
$stack = $client->resolve($app);
$stack->handle($request);
$isAuthorized = Auth::check();
@frzsombor
Author

Every time I tried integrating a file manager (KCFinder, simogeo's Filemanager, etc.) into a Laravel project, checking whether the user is authenticated was a problem. Reading a few Stack Overflow questions and other forum/blog posts, it looks like from around 4.1.28, Application::boot() does not initialize sensitive session data anymore, so I had to create a solution to initialize the framework without actually calling Application::run().

Here are a few pages I've found about this issue:

stackoverflow.com: share session info with laravel and back
stackoverflow.com: How to integrate CKFinder with Laravel?
stackoverflow.com: Share Laravel authentication/session with PHP
laravel-tricks.com: Integrating Laravel >=4.1.28 with 3rd party libraries
jacopobeschi.com: Integrate Laravel And Session in external php application
laravel.io: Checking laravel auth in subdomain (wordpress)

I've linked this Gist to all of the above pages, so we can discuss if my
solution is better than the others, and if not, which is the best.
If we find a better solution, I will update this code.

Hope someone finds this useful!

@chilio

chilio commented Feb 5, 2015

It is really useful and works well.
I believe there's one more important thing to notice.
If you are mixing native Laravel routes with legacy app routes, then Session::put() is not enough.
You also need to call Session::save() for the new variables to be persistent in the session (when invoked in a legacy app route).
It would be great if Session::put() acted the same in both situations.

@djtechonline

Is it possible to do something like this with Laravel 5? I would like to integrate ResponsiveFilemanager (http://www.responsivefilemanager.com) to allow users to have their own home folders in a Laravel 5 project.

@jesseschutt

I'd also like to know if this can work on Laravel 5. Thanks!

@menjaraz

For Laravel 5 try:

<?php

require '/path/to/laravel/bootstrap/autoload.php';
$app = require_once '/path/to/laravel/bootstrap/app.php';

$app->make('Illuminate\Contracts\Http\Kernel')
    ->handle(Illuminate\Http\Request::capture());

// An instance of the Laravel app should be now at your fingertip ;-)

...

$isAuthorized = Auth::check();

@calebfavor

This works great thanks!

@alex-petrea

@menjaraz when trying the laravel 5 approach I get this "Cannot redeclare endsWith() (previously declared in .../vendor/hamcrest/hamcrest-php/hamcrest/Hamcrest.php:655)"

How can I avoid this?

@puntodamar

I'm sorry,
where do I put this code?

@amrigo

amrigo commented Dec 7, 2015

How can I use this code to integrate CakePHP 2.5 and Laravel 5.1, so that if the user has logged in to CakePHP the same login will be maintained in Laravel and vice versa?

@vk011

vk011 commented Dec 19, 2015

This is great but how do I modify this code to be able to use Laravel's url() function as well?

@webafra

webafra commented Dec 20, 2015

Hello.

My Config.php file is:
require '../../bootstrap/autoload.php';
$app = require '../../bootstrap/start.php';

function CheckAuthentication()
{
return Auth::check();
}

But there is an error on the filemanager page:
ErrorException (E_NOTICE)

Undefined variable: lang

Laravel 4.2.
Please help me.

@szewang2805

After some hours of study, my solution is to use the default session variable available with CKFinder:
$config['roleSessionVar'] = 'CKFinder_UserRole';

  1. In your controller or filter which determines the user role, add this:
    $_SESSION['CKFinder_UserRole'] = 'administrator';

And then in the config.php:

$check = $_SESSION['CKFinder_UserRole'];

$config['authentication'] = function () use ($check){
   if ($check == 'administrator'){
    return true;
   }else{
    return false;
   }
};

Now only authorized users can access CKFinder, and outsiders are blocked.

@farhantahir

farhantahir commented Dec 22, 2016

Hi, I am using this approach to get the csrf_token, but the problem is that Laravel boots up and then the page breaks after booting Laravel.

My code is as follows:
$generate_csrf_token = function() use($csrf_token) {
require get_theme_root().'pathtolaravel/autoload.php';
$app = require get_theme_root().'pathtolaravel/start.php';
$request = $app['request'];
$client = (new \Stack\Builder)
->push('Illuminate\Cookie\Guard', $app['encrypter'])
->push('Illuminate\Cookie\Queue', $app['cookie'])
->push('Illuminate\Session\Middleware', $app['session'], null);
$stack = $client->resolve($app);
$stack->handle($request);
return csrf_token();
};

I have a login page in WordPress and from that page I want to post to Laravel with the csrf_token.
Any idea how I can get the CSRF token from Laravel?

Edit: I am using laravel 4.2

@farhantahir

Edit: I thought I was using Laravel 4.2 but actually I am using Laravel 4.0.
In 4.0 there is a method call in start.php as follows:

$app->redirectIfTrailingSlash();

It was causing the page to get stuck and break.

Solution: I created another start.php for WordPress called start_cms.php and commented out the above method call in it. Now it works very well.

@octoxan

octoxan commented Jan 23, 2017

Any ideas on how to get this working in Laravel 5.3?

So far I've gotten here...

require $_SERVER['DOCUMENT_ROOT'].'/../rbpoarentals/bootstrap/autoload.php';

$app = require $_SERVER['DOCUMENT_ROOT'].'/../laravel/bootstrap/app.php';

$kernel = $app->make('Illuminate\Contracts\Http\Kernel');
$response = $kernel->handle( $request = Illuminate\Http\Request::capture());

And it works on the WordPress home page (example.com/) but not on any subdirectories like example.com/page/.

I var_dump'd the $response and can see that the $response is the 404 page. So I could fix this by adding every single WordPress URL to my Laravel routes file... but that is messy. Any idea how I could have it start the Laravel app from the index no matter what WordPress URL I am at?

The 404 page on Laravel doesn't have access to the session.

@jcmosaiclearning

@octoxan I'm in the same boat. Curious if you ever solved the issue. The root path works fine; it's as though I need to allow the request to fall through all of Laravel's routes and then be handled by WordPress. Along those lines I added the following to the end of my web routes, which seems to be working (but I'm sure it has some sort of catch):

Route::get('{any?}', function ($any = null) {

});

@geraldarcega

Hi! Has anyone managed to get this working on 5.3 and up?

@tomsisk

tomsisk commented Jul 9, 2018

The solution above for 5.2 should still work. In 5.5+ you just need to change bootstrap/autoload.php to vendor/autoload.php.

<?php

require '/path/to/laravel/vendor/autoload.php';
$app = require_once '/path/to/laravel/bootstrap/app.php';

$app->make('Illuminate\Contracts\Http\Kernel')
    ->handle(Illuminate\Http\Request::capture());

// An instance of the Laravel app should be now at your fingertip ;-)

...

$isAuthorized = Auth::check();

@dezashibi

dezashibi commented Jul 10, 2018

Dear fellas

I tried to use the code for getting laravel auth check in an external php file but it always returns null
@tomsisk can you help me with it?
and would you please share the complete code for it

this is my code

require $path . '/vendor/autoload.php';

$app = require_once $path . '/bootstrap/app.php';

$app->make('Illuminate\Contracts\Http\Kernel')
    ->handle(Illuminate\Http\Request::capture());

return Auth::user();


it always returns null


ghost commented Jul 15, 2018

I managed to get mine to work properly in an external PHP file by manually starting the session before checking for auth data.
I am not certain if this has any side effects so use at your own risk.

Laravel 5.1

require '/path/to/bootstrap/autoload.php';
$app = require_once '/path/to/bootstrap/app.php';

$app->make('Illuminate\Contracts\Http\Kernel')->handle(\Illuminate\Http\Request::capture());
$id = $app['encrypter']->decrypt($_COOKIE[$app['config']['session']['cookie']]);

$session = $app['session']->driver();
$session->setId($id);
$session->start();

$isAuthenticated = $app['auth']->check();

@Oluwarufus

Tried this @ntanis in 5.5 but getting this error:

[2018-08-22 23:09:32] prod.ERROR: Undefined index: xxyyzz_session {"exception":"[object] (ErrorException(code: 0): Undefined index: xxyyzz_session at /home/...

Any known solution for 5.5?

@Developers-account

Developers-account commented Jun 11, 2019

Laravel 5.4

require '/var/www/vhosts/xx.xxx.com/bootstrap/autoload.php';

$app = require_once '/var/www/vhosts/xxx.xxx.com/bootstrap/app.php';

$app->make('Illuminate\Contracts\Http\Kernel')->handle(Illuminate\Http\Request::capture());

$id = $app['encrypter']->decrypt($_COOKIE[$app['config']['session.cookie']]);

$session = $app['session']->driver();
$session->setId($id);
$session->start();

$isAuthenticated = $app['auth']->check();

if($isAuthenticated) {
echo 'logged in';
} else {
echo 'not';
}

I can get the laravel session data using above code to any PHP file.

@hongsolo9

Laravel 5.4

require '/var/www/vhosts/xx.xxx.com/bootstrap/autoload.php';

$app = require_once '/var/www/vhosts/xxx.xxx.com/bootstrap/app.php';

$app->make('Illuminate\Contracts\Http\Kernel')->handle(Illuminate\Http\Request::capture());

$id = $app['encrypter']->decrypt($_COOKIE[$app['config']['session.cookie']]);

$session = $app['session']->driver();
$session->setId($id);
$session->start();

$isAuthenticated = $app['auth']->check();

if($isAuthenticated) {
echo 'logged in';
} else {
echo 'not';
}

I can get the laravel session data using above code to any PHP file.

@Developers-account Doesn't work, mate. $app->make('Illuminate\Contracts\Http\Kernel') is throwing a fit with the following error: "Call to a member function make() on boolean"

I need to understand Laravel in depth.

@flashaim-kevin

flashaim-kevin commented Sep 26, 2020

Laravel 5.5

require __DIR__.'/../../../vendor/autoload.php';
$app = require __DIR__.'/../../../bootstrap/app.php';

$app->make('Illuminate\Contracts\Http\Kernel')
    ->handle(Illuminate\Http\Request::capture());

$value = Session::get("any key");

@Abouhassane

Laravel 8

I work in a Docker environment, and because I use Redis as the session driver and not file, I had to install the PHP redis extension.
I also got a database connection error; to fix it, I installed the pdo_mysql PHP extension.


  include $_SERVER['DOCUMENT_ROOT'].'/../../vendor/autoload.php';

  $app = include $_SERVER['DOCUMENT_ROOT'].'/../../bootstrap/app.php';

  $kernel = $app->make('Illuminate\Contracts\Http\Kernel');

  $kernel->handle($request = Illuminate\Http\Request::capture());

  $id = (isset($_COOKIE[$app['config']['session.cookie']]) ? $app['encrypter']->decrypt($_COOKIE[$app['config']['session.cookie']], false) : null);

  if ($id) {
      $app['session']->driver()->setId(explode('|', $id)[1]);
      $app['session']->driver()->start();

      // Session::all()
      // $app['auth']->getSession() //  Illuminate\Session\Store
      // Auth::user()
      // $app['auth']->user()
  } else {
      var_dump('NO SESSION ID');
  }


@aadigital2020

The above solution works for Laravel 5.5

@yura20066

yura20066 commented Jan 21, 2021

Laravel 7
Hello, help me please.
I added CKFinder to the admin panel in the articles section, and I want to allow access only for the logged-in administrator. When I remove the exit(); call, everything works: images load and folders can be added. But exit(); gives an error (Invalid request), and without exit(); I understand that it is not safe. :((
Thank you in advance for your help!

$config['authentication'] = function () {
    require $_SERVER['DOCUMENT_ROOT'] . '/vendor/autoload.php';
    $app = require_once  $_SERVER['DOCUMENT_ROOT']. '/bootstrap/app.php';
    $response = $app->make('Illuminate\Contracts\Http\Kernel')->handle(Illuminate\Http\Request::capture());
    $cookie = $_COOKIE[$app['config']['session']['cookie']] ?? false;
    if ($cookie) {
        $id = $app['encrypter']->decrypt($cookie, false);
        $session = $app['session']->driver();
        $session->setId($id);
        $session->start();
    }
    if (!$app['auth']->check() || !$app['auth']->user()->is_admin){
        header('HTTP/1.0 403 Forbidden'); exit();
    }
    return true;
};
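
A defensive variant of the cookie-decrypting snippets in this thread, as an added example that is not code from the gist or from any commenter. It assumes Laravel 7.22+/8 (where the decrypted cookie carries an HMAC prefix before the session ID), a CKFinder-style `$config['authentication']` closure as used above, the placeholder path `/path/to/laravel`, and a hypothetical helper name `laravelSessionIsAuthenticated`.

```php
<?php
// Added example, not code from the gist or its commenters. Assumes Laravel
// 7.22+/8, where the decrypted cookie value is "<hmac prefix>|<session id>".
use Illuminate\Contracts\Encryption\DecryptException;
use Illuminate\Cookie\CookieValuePrefix;

require '/path/to/laravel/vendor/autoload.php';
$app = require_once '/path/to/laravel/bootstrap/app.php';
$app->make('Illuminate\Contracts\Http\Kernel')
    ->handle(Illuminate\Http\Request::capture());

// Hypothetical helper: load the session named by the cookie and report
// whether it is authenticated. Returns false on any failure; never exits.
function laravelSessionIsAuthenticated($app, array $cookies)
{
    $name = $app['config']['session.cookie'];

    // Anonymous visitors send no cookie; avoids the "Undefined index" error.
    if (!isset($cookies[$name]) || !is_string($cookies[$name])) {
        return false;
    }

    try {
        // false: the cookie payload is a plain string, not serialized PHP.
        $value = $app['encrypter']->decrypt($cookies[$name], false);
    } catch (DecryptException $e) {
        return false; // tampered, truncated, or encrypted with another key
    }

    // The prefix ties the value to this cookie name. Verify it rather than
    // taking explode('|', $value)[1] on trust.
    $prefix = CookieValuePrefix::create($name, $app['encrypter']->getKey());
    if (!is_string($value) || strncmp($value, $prefix, strlen($prefix)) !== 0) {
        return false;
    }
    $id = CookieValuePrefix::remove($value);

    $session = $app['session']->driver();
    if (!$session->isValidId($id)) {
        return false; // setId() would silently swap in a fresh random id
    }
    $session->setId($id);
    $session->start();

    return $app['auth']->check();
}

$config['authentication'] = function () use ($app) {
    return laravelSessionIsAuthenticated($app, $_COOKIE);
};
```

Every failure path denies access by returning false, so the embedding application keeps control of the response instead of being cut off by `exit()`.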

@chithract

The solution above for 5.2 should still work. In 5.5+ you just need to change bootstrap/autoload.php to vendor/autoload.php.

<?php

require '/path/to/laravel/vendor/autoload.php';
$app = require_once '/path/to/laravel/bootstrap/app.php';

$app->make('Illuminate\Contracts\Http\Kernel')
    ->handle(Illuminate\Http\Request::capture());

// An instance of the Laravel app should be now at your fingertip ;-)

...

$isAuthorized = Auth::check();

How can we achieve this if both applications are on different servers?

@jshrek

jshrek commented Dec 7, 2023

Laravel 5.5

require __DIR__.'/../../../vendor/autoload.php';
$app = require __DIR__.'/../../../bootstrap/app.php';

$app->make('Illuminate\Contracts\Http\Kernel')
    ->handle(Illuminate\Http\Request::capture());

$value = Session::get("any key");

Use Session::all() to see what keys are available:

    $value = Session::all();
    echo "<pre>";
    print_r($value);
    echo "</pre>";

But in 5.5 I am still getting empty array for Session and for Auth ... so not pulling the session over for some reason :(
