From 90fbf8e481c8b3c271aea6e162271829b08a5338 Mon Sep 17 00:00:00 2001 From: Daniel Supernault Date: Sun, 9 Sep 2018 14:19:57 -0600 Subject: [PATCH] Add DangerZone middleware --- app/Http/Kernel.php | 1 + app/Http/Middleware/DangerZone.php | 32 ++++++++++++++++++++++++++++++ 2 files changed, 33 insertions(+) create mode 100644 app/Http/Middleware/DangerZone.php diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index cb2b91876..b90d197a4 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -57,6 +57,7 @@ class Kernel extends HttpKernel 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class, 'can' => \Illuminate\Auth\Middleware\Authorize::class, + 'dangerzone' => \App\Http\Middleware\DangerZone::class, 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, diff --git a/app/Http/Middleware/DangerZone.php b/app/Http/Middleware/DangerZone.php new file mode 100644 index 000000000..22a3d23f2 --- /dev/null +++ b/app/Http/Middleware/DangerZone.php @@ -0,0 +1,32 @@ +is('i/auth/sudo')) { + if( false == $request->cookie('sudoMode') ) { + return redirect('/i/auth/sudo')->withCookie('redirectNext', $request->url()); + } + if( $request->cookie('sudoMode') < Carbon::now()->subMinutes(30)->timestamp ) { + return redirect('/i/auth/sudo')->withCookie('redirectNext', $request->url()); + } + } + return $next($request); + } +}