-
-
Save frzsombor/ddd0e11f93885060ef35 to your computer and use it in GitHub Desktop.
<?php | |
/* | |
|-------------------------------------------------------------------------- | |
| Sharing Laravel's session and checking authentication | |
|-------------------------------------------------------------------------- | |
| | |
| Use the following code in any CMS (WordPress, Joomla, etc), filemanager (CKFinder, | |
| KCFinder, simogeos's Filemanager, etc), or any other non-Laravel project to boot into | |
| the Laravel framework, with session support, and check if the user is authenticated. | |
| | |
| The following code is tested with Laravel 4.2.11 | |
| It may not work with Laravel 5 | |
| | |
| Last update: 2015-01-09 | |
| | |
*/ | |
require '/path/to/laravel/bootstrap/autoload.php'; | |
$app = require_once '/path/to/laravel/bootstrap/start.php'; | |
$request = $app['request']; | |
$client = (new \Stack\Builder) | |
->push('Illuminate\Cookie\Guard', $app['encrypter']) | |
->push('Illuminate\Cookie\Queue', $app['cookie']) | |
->push('Illuminate\Session\Middleware', $app['session'], null); | |
$stack = $client->resolve($app); | |
$stack->handle($request); | |
$isAuthorized = Auth::check(); | |
after some hour of study.
my solution is to use the default session variable available with ckfinder
$config['roleSessionVar'] = 'CKFinder_UserRole';
- in your controller or filter which determine user role, add this
$_SESSION['CKFinder_UserRole'] = 'administrator';
and then in the config.php
$check = $_SESSION['CKFinder_UserRole'];
$config['authentication'] = function () use ($check){
if ($check == 'administrator'){
return true;
}else{
return false;
}
};
now, only authorized user can access the ckfinder, but outsider are being blocked.
Hi, I am using this way for getting csrf_token but problem is laravel boots up but the page gets break after booting laravel
my code is as follow:
$generate_csrf_token = function() use($csrf_token) {
require get_theme_root().'pathtolaravel/autoload.php';
$app = require get_theme_root().'pathtolaravel/start.php';
$request = $app['request'];
$client = (new \Stack\Builder)
->push('Illuminate\Cookie\Guard', $app['encrypter'])
->push('Illuminate\Cookie\Queue', $app['cookie'])
->push('Illuminate\Session\Middleware', $app['session'], null);
$stack = $client->resolve($app);
$stack->handle($request);
return csrf_token();
};
I have login page in wordpress and from that page I want to post on Laravel with csrf_token.
Any idea how can I get csrf token from laravel.
Edit: I am using laravel 4.2
Edit: I thought I was using Laravel 4.2 but actually I am using Laravel 4.0.
In 4.0 there is method call in start.php as follow:
$app->redirectIfTrailingSlash();
It was causing the problem of stucking and breaking the page.
Solution: I created another start.php for wordpress called start_cms.php and commented the above method call in that.Now it works very well.
Any ideas on how to get this working in Laravel 5.3?
So far I've gotten here...
require $_SERVER['DOCUMENT_ROOT'].'/../rbpoarentals/bootstrap/autoload.php';
$app = require $_SERVER['DOCUMENT_ROOT'].'/../laravel/bootstrap/app.php';
$kernel = $app->make('Illuminate\Contracts\Http\Kernel');
$response = $kernel->handle( $request = Illuminate\Http\Request::capture());
And it works on the Wordpress home page (example.com/) but no any subdirectories like example.com/page/.
I var_dump'd the $response and can see that the $response is the 404 page. So I could fix this by adding every single Wordpress url to my Laravels routes file... but that is messy. Any idea how I could have it start the Laravel app from the index no matter what Wordpress url I am at?
The 404 page on Laravel doesn't have access to the session.
@octoxan I'm in the same boat. Curious if you ever solved the issue. The root path works fine, it's as though I need to allow the request to fall through all of laravel's routes and then be handled by wordpress. Along those lines I added the rollowing to the end of my web routes, which seems to be working(but I'm sure it has some sort of catch):
Route::get('{any?}', function ($any = null) {
});
Hi! anyone manage to work this on 5.3 and up?
The solution above for 5.2 should still work. In 5.5+ you just need to change bootstrap/autoload.php
to vendor/autoload.php
.
<?php
require '/path/to/laravel/vendor/autoload.php';
$app = require_once '/path/to/laravel/bootstrap/app.php';
$app->make('Illuminate\Contracts\Http\Kernel')
->handle(Illuminate\Http\Request::capture());
// An instance of the Laravel app should be now at your fingertip ;-)
...
$isAuthorized = Auth::check();
Dear fellas
I tried to use the code for getting laravel auth check in an external php file but it always returns null
@tomsisk can you help me with it?
and would you please share the complete code for it
this is my code
`
require $path . '/vendor/autoload.php';
$app = require_once $path . '/bootstrap/app.php';
$app->make('Illuminate\Contracts\Http\Kernel')
->handle(Illuminate\Http\Request::capture());
return Auth::user();
`
it always returns null
I managed to get mine to work properly in an external PHP file by manually starting the session before checking for auth data.
I am not certain if this has any side effects so use at your own risk.
Laravel 5.1
require '/path/to/bootstrap/autoload.php';
$app = require_once '/path/to/bootstrap/app.php';
$app->make('Illuminate\Contracts\Http\Kernel')->handle(\Illuminate\Http\Request::capture());
$id = $app['encrypter']->decrypt($_COOKIE[$app['config']['session']['cookie']]);
$session = $app['session']->driver();
$session->setId($id);
$session->start();
$isAuthenticated = $app['auth']->check();
Tried this @ntanis in 5.5 but getting this error:
[2018-08-22 23:09:32] prod.ERROR: Undefined index: xxyyzz_session {"exception":"[object] (ErrorException(code: 0): Undefined index: xxyyzz_session at /home/...
Any known solution for 5.5?
Laravel 5.4
require '/var/www/vhosts/xx.xxx.com/bootstrap/autoload.php';
$app = require_once '/var/www/vhosts/xxx.xxx.com/bootstrap/app.php';
$app->make('Illuminate\Contracts\Http\Kernel')->handle(Illuminate\Http\Request::capture());
$id = $app['encrypter']->decrypt($_COOKIE[$app['config']['session.cookie']]);
$session = $app['session']->driver();
$session->setId($id);
$session->start();
$isAuthenticated = $app['auth']->check();
if($isAuthenticated) {
echo 'logged in';
} else {
echo 'not';
}
I can get the laravel session data using above code to any PHP file.
Laravel 5.4
require '/var/www/vhosts/xx.xxx.com/bootstrap/autoload.php';
$app = require_once '/var/www/vhosts/xxx.xxx.com/bootstrap/app.php';
$app->make('Illuminate\Contracts\Http\Kernel')->handle(Illuminate\Http\Request::capture());
$id = $app['encrypter']->decrypt($_COOKIE[$app['config']['session.cookie']]);
$session = $app['session']->driver();
$session->setId($id);
$session->start();$isAuthenticated = $app['auth']->check();
if($isAuthenticated) {
echo 'logged in';
} else {
echo 'not';
}I can get the laravel session data using above code to any PHP file.
@Developers-account Don't work mate. $app->make('Illuminate\Contracts\Http\Kernel') is throwing a fit with the following error. "Call to a member function make() on boolean"
I need to understand Laravel indepth.
Laravel 5.5
require __DIR__.'/../../../vendor/autoload.php';
$app = require __DIR__.'/../../../bootstrap/app.php';
$app->make('Illuminate\Contracts\Http\Kernel')
->handle(Illuminate\Http\Request::capture());
$value = Session::get("any key");
Laravel 8
I work in a docker environement, and because i use redis as the session driver and not file i had to intall php redis extension.
I also got a database error connection, to fix it, i installed the pdo_mysql php extension.
`
include $_SERVER['DOCUMENT_ROOT'].'/../../vendor/autoload.php';
$app = include $_SERVER['DOCUMENT_ROOT'].'/../../bootstrap/app.php';
$kernel = $app->make('Illuminate\Contracts\Http\Kernel');
$kernel->handle($request = Illuminate\Http\Request::capture());
$id = (isset($_COOKIE[$app['config']['session.cookie']]) ? $app['encrypter']->decrypt($_COOKIE[$app['config']['session.cookie']], false) : null);
if ($id) {
$app['session']->driver()->setId(explode('|', $id)[1]);
$app['session']->driver()->start();
// Session::all()
// $app['auth']->getSession() // Illuminate\Session\Store
// Auth::user()
// $app['auth']->user()
} else {
var_dump('NO SESSION ID');
}
`
The above solution works for Laravel 5.5
Laravel 7
Hello, help me please.
I added CKFinder to the admin panel in the articles section, and I want to make access only for the logged-in administrator when I remove exit (); function everything works there is a loading of images adding folders, but exit (); gives an error (Invalid request), but without exit (); I understand that it is not safe.:((
Thank you in advance for your help!
$config['authentication'] = function () {
require $_SERVER['DOCUMENT_ROOT'] . '/vendor/autoload.php';
$app = require_once $_SERVER['DOCUMENT_ROOT']. '/bootstrap/app.php';
$response = $app->make('Illuminate\Contracts\Http\Kernel')->handle(Illuminate\Http\Request::capture());
$cookie = $_COOKIE[$app['config']['session']['cookie']] ?? false;
if ($cookie) {
$id = $app['encrypter']->decrypt($cookie, false);
$session = $app['session']->driver();
$session->setId($id);
$session->start();
}
if (!$app['auth']->check() || !$app['auth']->user()->is_admin){
header('HTTP/1.0 403 Forbidden'); exit();
}
return true;
};
The solution above for 5.2 should still work. In 5.5+ you just need to change
bootstrap/autoload.php
tovendor/autoload.php
.<?php require '/path/to/laravel/vendor/autoload.php'; $app = require_once '/path/to/laravel/bootstrap/app.php'; $app->make('Illuminate\Contracts\Http\Kernel') ->handle(Illuminate\Http\Request::capture()); // An instance of the Laravel app should be now at your fingertip ;-) ... $isAuthorized = Auth::check();
How can we achieve this if both applications are on different servers?
Laravel 5.5
require __DIR__.'/../../../vendor/autoload.php'; $app = require __DIR__.'/../../../bootstrap/app.php'; $app->make('Illuminate\Contracts\Http\Kernel') ->handle(Illuminate\Http\Request::capture()); $value = Session::get("any key");
Use Session::all() to see what keys are available:
$value = Session::all();
echo "<pre>";
print_r($value);
echo "<pre>";
But in 5.5 I am still getting empty array for Session and for Auth ... so not pulling the session over for some reason :(
hello .
my Config.php file is :
require '../../bootstrap/autoload.php';
$app = require '../../bootstrap/start.php';
function CheckAuthentication()
{
return Auth::check();
}
but error in filemanager Page :
ErrorException (E_NOTICE)
Undefined variable: lang
laravel 4.2 .
please help me .