Level 102
What do you mean by a custom PHP file? Just a foo.php in your public directory that you want to call?
Aug 9, 2022
21
Level 12
Using the Auth facade inside a custom PHP file
Hello.
How can I use the Auth facade inside a custom PHP file? I need to catch user's administration level (Auth::user()->level) and based on that do some business logic inside that PHP file.
Level 12
@Sinnbeck Exactly.
Level 102
@Laralex You would need to boot laravel completely as the session is encrypted using your APP_KEY. So it will take some work getting it working correctly. You might be able to load composer autoload file as well as /bootstrap/app.php
But the question is why. This is going to be a pain to build and maintain.
Level 12
@Sinnbeck Because I need to restrict specific users from a specific permissions.
array(
'read' => true,
'write' => (Auth::user()->level > 1) ? true : false,
'locked'=> true
)
This php file is accessed through AJAX. Maybe send as data an encrypted information and then catch it inside that file?
Level 102
@Laralex And you cant do this in a regular laravel route?
Level 12
@Sinnbeck Well it's elFinder's configuration file and I'm not pretty sure if that's a good solution.
Level 102
@Laralex Implement it yourself. It seems to mostly be these two lines (you just need to make the config)
$connector = new elFinderConnector(new elFinder($opts));
$connector->run();
Level 12
@Sinnbeck And what about encrypting and passing the user's level through the AJAX request and then catching it inside the php file?
Level 102
@Laralex Well it might take some work to get it all working, but I would think it might be less work than implementing laravel in that file. You can try both solutions
You could also try with a laravel package instead? https://packagist.org/packages/barryvdh/laravel-elfinder
Level 1
@Laralex you should be using middleware on the routes where that permission is needed, and do the rest in the controller on that route that the ajax points to https://laravel.com/docs/9.x/middleware
Level 12
@nebulous75 Not moving the code into a Laravel route.
@sinnbeck I already built everything to work without package and it will be really painful to start from the beginning. I'll try the data pass through AJAX solution and I'll reply back. Any suggestions on encrypting the data?
Level 102
@Laralex I would assume that it does that automatically if you use that example file? Otherwise you can use something like https://github.com/defuse/php-encryption
Level 12
@Sinnbeck Okay. I did it really simple as this page is only usable from administrators which won't do anything harmful.
=================
Added to the AJAX request a new data called htr5 (just a random name) which has the following contents:
8475{{ auth()->user()->level }}9785
Starts and ends with static numbers which are excluded when the data arrives so I end up with the user level. I don't think encryption is needed at this point.
Level 1
add
use Illuminate\Support\Facades\Auth;
Level 12
@nebulous75 Tried that but doesn't seems to work.
use Illuminate\Support\Facades\Auth;
return json_encode(Auth::user()->level);
this returns
Fatal error: Uncaught Error: Class "Illuminate\Support\Facades\Auth" not found
Level 122
its not going to work. You have access to nothing if you don't boot the framework
what possible reason is there for a standalone php script?
Level 3
facin same issue
Level 102
@mahsanr44 What really? You implemented that php code in a separate file as well?! :O
1 like
Please or to participate in this conversation.