-
-
Save frzsombor/ddd0e11f93885060ef35 to your computer and use it in GitHub Desktop.
| <?php | |
| /* | |
| |-------------------------------------------------------------------------- | |
| | Sharing Laravel's session and checking authentication | |
| |-------------------------------------------------------------------------- | |
| | | |
| | Use the following code in any CMS (WordPress, Joomla, etc), filemanager (CKFinder, | |
| | KCFinder, simogeos's Filemanager, etc), or any other non-Laravel project to boot into | |
| | the Laravel framework, with session support, and check if the user is authenticated. | |
| | | |
| | The following code is tested with Laravel 4.2.11 | |
| | It may not work with Laravel 5 | |
| | | |
| | Last update: 2015-01-09 | |
| | | |
| */ | |
| require '/path/to/laravel/bootstrap/autoload.php'; | |
| $app = require_once '/path/to/laravel/bootstrap/start.php'; | |
| $request = $app['request']; | |
| $client = (new \Stack\Builder) | |
| ->push('Illuminate\Cookie\Guard', $app['encrypter']) | |
| ->push('Illuminate\Cookie\Queue', $app['cookie']) | |
| ->push('Illuminate\Session\Middleware', $app['session'], null); | |
| $stack = $client->resolve($app); | |
| $stack->handle($request); | |
| $isAuthorized = Auth::check(); | |
Laravel 7
Hello, help me please.
I added CKFinder to the admin panel in the articles section, and I want to make access only for the logged-in administrator when I remove exit (); function everything works there is a loading of images adding folders, but exit (); gives an error (Invalid request), but without exit (); I understand that it is not safe.:((
Thank you in advance for your help!
$config['authentication'] = function () {
require $_SERVER['DOCUMENT_ROOT'] . '/vendor/autoload.php';
$app = require_once $_SERVER['DOCUMENT_ROOT']. '/bootstrap/app.php';
$response = $app->make('Illuminate\Contracts\Http\Kernel')->handle(Illuminate\Http\Request::capture());
$cookie = $_COOKIE[$app['config']['session']['cookie']] ?? false;
if ($cookie) {
$id = $app['encrypter']->decrypt($cookie, false);
$session = $app['session']->driver();
$session->setId($id);
$session->start();
}
if (!$app['auth']->check() || !$app['auth']->user()->is_admin){
header('HTTP/1.0 403 Forbidden'); exit();
}
return true;
};
The solution above for 5.2 should still work. In 5.5+ you just need to change
bootstrap/autoload.phptovendor/autoload.php.<?php require '/path/to/laravel/vendor/autoload.php'; $app = require_once '/path/to/laravel/bootstrap/app.php'; $app->make('Illuminate\Contracts\Http\Kernel') ->handle(Illuminate\Http\Request::capture()); // An instance of the Laravel app should be now at your fingertip ;-) ... $isAuthorized = Auth::check();
How can we achieve this if both applications are on different servers?
Laravel 5.5
require __DIR__.'/../../../vendor/autoload.php'; $app = require __DIR__.'/../../../bootstrap/app.php'; $app->make('Illuminate\Contracts\Http\Kernel') ->handle(Illuminate\Http\Request::capture()); $value = Session::get("any key");
Use Session::all() to see what keys are available:
$value = Session::all();
echo "<pre>";
print_r($value);
echo "<pre>";
But in 5.5 I am still getting empty array for Session and for Auth ... so not pulling the session over for some reason :(
The above solution works for Laravel 5.5