Fix inactivity middleware trying to logout stateless request

Bubka 2021-11-17 23:37:16 +01:00
parent 6533f844d9
commit eea7cec043
2 changed files with 6 additions and 7 deletions


@ -44,7 +44,7 @@ class Kernel extends HttpKernel
'api.v1' => [ 'api.v1' => [
'throttle:60,1', 'throttle:60,1',
'bindings', 'bindings',
\App\Http\Middleware\LogoutInactiveUser::class, \App\Http\Middleware\KickOutInactiveUser::class,
\App\Http\Middleware\LogUserLastSeen::class, \App\Http\Middleware\LogUserLastSeen::class,
], ],
]; ];


@ -9,7 +9,7 @@
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log; use Illuminate\Support\Facades\Log;
class LogoutInactiveUser class KickOutInactiveUser
{ {
/** /**
* Handle an incoming request. * Handle an incoming request.
@ -20,12 +20,12 @@ class LogoutInactiveUser
*/ */
public function handle($request, Closure $next, $guard = null) public function handle($request, Closure $next, $guard = null)
{ {
// We do not track activity of non-logged-in user or user authenticated against a bearer token // We do not track activity of guest or user authenticated against a bearer token
if (!Auth::guard('api')->check() || $request->bearerToken()) { if (Auth::guest() || $request->bearerToken()) {
return $next($request); return $next($request);
} }
$user = Auth::guard($guard)->user(); $user = Auth::user();
$now = Carbon::now(); $now = Carbon::now();
$inactiveFor = $now->diffInSeconds(Carbon::parse($user->last_seen_at)); $inactiveFor = $now->diffInSeconds(Carbon::parse($user->last_seen_at));
@ -39,7 +39,6 @@ public function handle($request, Closure $next, $guard = null)
$user->last_seen_at = $now->format('Y-m-d H:i:s'); $user->last_seen_at = $now->format('Y-m-d H:i:s');
$user->save(); $user->save();
Auth::logout();
Log::notice('Inactive user detected, authentication rejected'); Log::notice('Inactive user detected, authentication rejected');
return response()->json(['message' => 'unauthorised'], Response::HTTP_UNAUTHORIZED); return response()->json(['message' => 'unauthorised'], Response::HTTP_UNAUTHORIZED);
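Review bot: With `Auth::logout()` removed in the last hunk, the rejection path still refreshes `$user->last_seen_at` and saves it before returning the 401, so for a session-authenticated user the inactivity clock is reset while the session itself stays valid, and a later request on the same session would presumably pass the inactivity check again. The condition guarding this branch sits between the hunks and is not visible, so this reading is inferred from the log message and the 401 response. To keep the fix for stateless guards without weakening the timeout for stateful ones, log out only when the guard supports it, e.g. `if (Auth::guard() instanceof \Illuminate\Contracts\Auth\StatefulGuard) { Auth::logout(); }`, or skip the `last_seen_at` write when the request is rejected. Separately, `handle()` still accepts `$guard`, but `Auth::guest()` and `Auth::user()` now ignore it and resolve the default guard; pass it through as `Auth::guard($guard)` or add a comment stating that the default guard is intended here.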