Julian Prieber 2023-07-14 18:18:41 +02:00
parent b3e0b36dba
commit 4652bc3e5e
1 changed files with 55 additions and 55 deletions


@ -1,6 +1,7 @@
<?php <?php
namespace App\Http\Middleware; namespace App\Http\Middleware;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Str; use Illuminate\Support\Str;
use App\Models\User; use App\Models\User;
@ -12,51 +13,46 @@ class Impersonate
{ {
$adminUser = User::where('role', 'admin')->where(function ($query) { $adminUser = User::where('role', 'admin')->where(function ($query) {
$query->where('auth_as', '!=', null) $query->where('auth_as', '!=', null)
->where('auth_as', '!=', ''); ->where('auth_as', '!=', '');
})->first(); })->first();
if ($adminUser && is_numeric($adminUser->auth_as)) { if ($adminUser && is_numeric($adminUser->auth_as)) {
$originalUserId = $adminUser->id;
$impersonateUserId = is_numeric($adminUser->auth_as) ? $adminUser->auth_as : $adminUser->id;
$impersonateUser = User::find($impersonateUserId);
$impersonateUserName = $impersonateUser->name;
$originalUser = $adminUser->id; if (Auth::user()->id === $originalUserId) {
$token = Str::random(60);
if (\Route::currentRouteName() !== 'authAs') {
$adminUser->remember_token = $token;
$adminUser->save();
echo "<script>window.location.href = '" . url('studio/links') . "';</script>";
}
$id = is_numeric($adminUser->auth_as) ? $adminUser->auth_as : $adminUser->id; Auth::loginUsingId($impersonateUserId);
$user = User::find($id); $request->session()->put('display_auth_nav', $token);
$request->session()->save();
}
$name = $user->name; if ($request->session()->has('display_auth_nav')) {
$dashboardUrl = url('dashboard');
$authAsUrl = url('/auth-as');
$csrfToken = csrf_token();
$rememberTokenUser = User::find($originalUserId);
$rememberToken = $rememberTokenUser->remember_token;
$storageToken = $request->session()->get('display_auth_nav');
if(Auth::user()->id === $originalUser) { if ($storageToken === $rememberToken) {
if (file_exists(base_path(findAvatar($impersonateUserId)))) {
// Generate unique token $avatarUrl = url(findAvatar($impersonateUserId));
$token = Str::random(60); } elseif (file_exists(base_path("assets/linkstack/images/") . findFile('avatar'))) {
if(\Route::currentRouteName() !== 'authAs'){ $avatarUrl = url("assets/linkstack/images/") . "/" . findFile('avatar');
$adminUser->remember_token = $token; } else {
$adminUser->save(); $avatarUrl = asset('assets/linkstack/images/logo.svg');
echo "<script>window.location.href = '".url('studio/links')."';</script>"; }
}
Auth::loginUsingId($id);
$request->session()->put('display_auth_nav', $token);
$request->session()->save();
}
if($request->session()->has('display_auth_nav')) {
$dashboard = url('dashboard');
$URL = url('/auth-as');
$csrf = csrf_token();
$remember_token = User::find($originalUser);
$token = $remember_token->remember_token;
$storageToken = $request->session()->get('display_auth_nav');
if($storageToken === $token) {
if (file_exists(base_path(findAvatar($id)))) {
$img = '<img alt="avatar" class="iimg irounded" src="' . url(findAvatar($id)) . '">';
} elseif (file_exists(base_path("assets/linkstack/images/").findFile('avatar'))) {
$img = '<img alt="avatar" class="iimg irounded" src="' . url("assets/linkstack/images/") . "/" . findFile('avatar') . '">';
} else {
$img = '<img alt="avatar" class="iimg" src="' . asset('assets/linkstack/images/logo.svg') . '">';
}
$customHtml =
<<<EOD
$customHtml = <<<EOD
<style> <style>
.ibar { .ibar {
position: fixed; position: fixed;
@ -117,7 +113,7 @@ $customHtml =
<div class="ibar"> <div class="ibar">
<p class="itext1"> <p class="itext1">
<span> <span>
<a href="$dashboard">$img $name</a> <a href="$dashboardUrl"><img alt="avatar" class="iimg irounded" src="$avatarUrl">$impersonateUserName</a>
</span> </span>
<a style="cursor:pointer" onclick="document.getElementById('submitForm').submit(); return false;"> <a style="cursor:pointer" onclick="document.getElementById('submitForm').submit(); return false;">
<svg xmlns="http://www.w3.org/2000/svg" class="bi bi-x" viewBox="0 0 16 16"> <svg xmlns="http://www.w3.org/2000/svg" class="bi bi-x" viewBox="0 0 16 16">
@ -129,10 +125,10 @@ $customHtml =
</p> </p>
</div> </div>
<form id="submitForm" action="$URL" method="POST" style="display: none;"> <form id="submitForm" action="$authAsUrl" method="POST" style="display: none;">
<input type="hidden" name="_token" value="$csrf"> <input type="hidden" name="_token" value="$csrfToken">
<input type="hidden" name="token" value="$token"> <input type="hidden" name="token" value="$rememberToken">
<input type="hidden" name="id" value="$originalUser"> <input type="hidden" name="id" value="$originalUserId">
</form> </form>
<script> <script>
@ -140,22 +136,26 @@ $customHtml =
document.getElementById('submitForm').submit(); document.getElementById('submitForm').submit();
} }
</script> </script>
EOD;
} else {
$customHtml = "";
}
EOD;; $response = $next($request);
} else {$customHtml = "";} $content = $response->getContent();
$modifiedContent = preg_replace('/<body([^>]*)>/', "<body$1>{$customHtml}", $content);
$response->setContent($modifiedContent);
$response = $next($request); return $response;
$content = $response->getContent(); } else {
$modifiedContent = preg_replace('/<body([^>]*)>/', "<body$1>{$customHtml}", $content); if ($request->session()->has('display_auth_nav')) {
$response->setContent($modifiedContent); $request->session()->forget('display_auth_nav');
Auth::logout();
return $response; }
} else { return $next($request);
if($request->session()->has('display_auth_nav')) {
$request->session()->forget('display_auth_nav');
Auth::logout();
} }
} else {
return $next($request); return $next($request);
}}else{return $next($request);} }
} }
} }
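Review bot: `$impersonateUserName` is assigned straight from the model (`$impersonateUserName = $impersonateUser->name;`) and interpolated unescaped into the heredoc at `<img alt="avatar" class="iimg irounded" src="$avatarUrl">$impersonateUserName</a>`. If account names are user-editable, markup in a name is therefore written into every response this middleware rewrites while impersonation is active. Escape it at assignment, `$impersonateUserName = e($impersonateUser->name);`. The line before it dereferences `User::find($impersonateUserId)` without a null check, so an `auth_as` value that no longer matches a user would presumably fail here; `if ($impersonateUser === null) { return $next($request); }` ahead of the `->name` read would cover it. The enclosing method's signature sits above the hunk, so what else it does before this point is not visible.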