browner12/controller.php

## controller.php
<?php

namespace App\Http\Controllers;

use Illuminate\Contracts\Hashing\Hasher;
use Illuminate\Http\Request;

class ReauthorizeController extends Controller
{
    /**
     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
     */
    public function reauthorize()
    {
        //load view
        return view('main/auth/reauthorize');
    }

    /**
     * @param \Illuminate\Http\Request             $request
     * @param \Illuminate\Contracts\Hashing\Hasher $hasher
     * @return \Illuminate\Http\RedirectResponse
     */
    public function processReauthorize(Request $request, Hasher $hasher)
    {
        //good password
        if ($hasher->check($request->get('password'), $request->user()->password)) {

            //update session
            $request->session()->put('reauthorize.last_authorized', strtotime('now'));

            //send to requested page
            return redirect()->to($request->session()->get('reauthorize.requested_url', '/'));
        }

        //message
        alert('Error', 'Incorrect password.');

        //send back
        return back();
    }
}

## kernel.php
<?php

/**
     * The application's route middleware.
     *
     * These middleware may be assigned to groups or used individually.
     *
     * @var array
     */
    protected $routeMiddleware = [
        'auth'        => \Illuminate\Auth\Middleware\Authenticate::class,
        'auth.basic'  => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'bindings'    => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'can'         => \Illuminate\Auth\Middleware\Authorize::class,
        'guest'       => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'throttle'    => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'reauthorize' => \App\Http\Middleware\Reauthorize::class,
    ];

## middleware.php
<?php

namespace App\Http\Middleware;

use Closure;

class Reauthorize
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request $request
     * @param  \Closure                 $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        //only check after set number of seconds
        if ((strtotime('now') - $request->session()->get('reauthorize.last_authorized', 0)) > 10) {

            //store the requested url
            $request->session()->put('reauthorize.requested_url', $request->route()->uri());

            //send to reauthorization page
            return redirect()->route('reauthorize');
        }

        //reset timer if we are already authorized
        $request->session()->put('reauthorize.last_authorized', strtotime('now'));

        //next layer
        return $next($request);
    }
}

## routes.php
//reauthorize
Route::get('reauthorize', 'ReauthorizeController@reauthorize')->name('reauthorize');
Route::post('reauthorize', 'ReauthorizeController@processReauthorize')->name('reauthorize.process');

## view.php
@extends('layouts.master')

@section('content')

    <div class="container">

        <div class="row">

            <div class="col-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 m-auto">

                <div class="text-center">
                    <img src="/images/logo.png" />
                    <h3 class="my-4">Confirm Password</h3>
                </div>

                <div class="text-center"></div>

                <div class="card">

                    <div class="card-body">

                        <form name="reauthorize" method="post" action="{{ route('reauthorize.process') }}">

                            <!--hidden-->
                            <input name="_token" type="hidden" value="{{ csrf_token() }}" />

                            <!--password-->
                            <div class="form-group row {{ validation_state($errors, ['password']) }}">
                                <div class="col-12">
                                    <input name="password" type="password" class="form-control" id="password" placeholder="Password" autofocus value="" />
                                </div>
                            </div>

                            <!--submit-->
                            <div class="form-group row mb-0">
                                <div class="col-12">
                                    <button name="submit" type="submit" id="submit" class="btn btn-primary btn-block">Confirm Password <i class="fa fa-check-circle"></i></button>
                                </div>
                            </div>

                        </form>

                    </div>

                </div>

                <div class="mt-2 px-3" style="font-size: 0.8rem; ">Tip: You are entering sudo mode. We won’t ask for your password again for a few hours. After you've performed a sudo-protected action, you'll only be asked to re-authenticate again after a few hours of inactivity. Every sudo-protected action resets this timer.</div>

            </div>

        </div>

    </div>

@endsection
	<?php

	namespace App\Http\Controllers;

	use Illuminate\Contracts\Hashing\Hasher;
	use Illuminate\Http\Request;

	class ReauthorizeController extends Controller
	{
	/**
	* @return \Illuminate\Contracts\View\Factory\|\Illuminate\View\View
	*/
	public function reauthorize()
	{
	//load view
	return view('main/auth/reauthorize');
	}

	/**
	* @param \Illuminate\Http\Request $request
	* @param \Illuminate\Contracts\Hashing\Hasher $hasher
	* @return \Illuminate\Http\RedirectResponse
	*/
	public function processReauthorize(Request $request, Hasher $hasher)
	{
	//good password
	if ($hasher->check($request->get('password'), $request->user()->password)) {

	//update session
	$request->session()->put('reauthorize.last_authorized', strtotime('now'));

	//send to requested page
	return redirect()->to($request->session()->get('reauthorize.requested_url', '/'));
	}

	//message
	alert('Error', 'Incorrect password.');

	//send back
	return back();
	}
	}
	<?php

	/**
	* The application's route middleware.
	*
	* These middleware may be assigned to groups or used individually.
	*
	* @var array
	*/
	protected $routeMiddleware = [
	'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
	'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
	'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
	'can' => \Illuminate\Auth\Middleware\Authorize::class,
	'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
	'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
	'reauthorize' => \App\Http\Middleware\Reauthorize::class,
	];
	<?php

	namespace App\Http\Middleware;

	use Closure;

	class Reauthorize
	{
	/**
	* Handle an incoming request.
	*
	* @param \Illuminate\Http\Request $request
	* @param \Closure $next
	* @return mixed
	*/
	public function handle($request, Closure $next)
	{
	//only check after set number of seconds
	if ((strtotime('now') - $request->session()->get('reauthorize.last_authorized', 0)) > 10) {

	//store the requested url
	$request->session()->put('reauthorize.requested_url', $request->route()->uri());

	//send to reauthorization page
	return redirect()->route('reauthorize');
	}

	//reset timer if we are already authorized
	$request->session()->put('reauthorize.last_authorized', strtotime('now'));

	//next layer
	return $next($request);
	}
	}
	//reauthorize
	Route::get('reauthorize', 'ReauthorizeController@reauthorize')->name('reauthorize');
	Route::post('reauthorize', 'ReauthorizeController@processReauthorize')->name('reauthorize.process');
	@extends('layouts.master')

	@section('content')

	<div class="container">

	<div class="row">

	<div class="col-12 col-sm-10 col-sm-offset-1 col-md-8 col-md-offset-2 col-lg-6 col-lg-offset-3 m-auto">

	<div class="text-center">
	<img src="/images/logo.png" />
	<h3 class="my-4">Confirm Password</h3>
	</div>

	<div class="text-center"></div>

	<div class="card">

	<div class="card-body">

	<form name="reauthorize" method="post" action="{{ route('reauthorize.process') }}">

	<!--hidden-->
	<input name="_token" type="hidden" value="{{ csrf_token() }}" />

	<!--password-->
	<div class="form-group row {{ validation_state($errors, ['password']) }}">
	<div class="col-12">
	<input name="password" type="password" class="form-control" id="password" placeholder="Password" autofocus value="" />
	</div>
	</div>

	<!--submit-->
	<div class="form-group row mb-0">
	<div class="col-12">
	<button name="submit" type="submit" id="submit" class="btn btn-primary btn-block">Confirm Password <i class="fa fa-check-circle"></i></button>
	</div>
	</div>

	</form>

	</div>

	</div>

	<div class="mt-2 px-3" style="font-size: 0.8rem; ">Tip: You are entering sudo mode. We won’t ask for your password again for a few hours. After you've performed a sudo-protected action, you'll only be asked to re-authenticate again after a few hours of inactivity. Every sudo-protected action resets this timer.</div>

	</div>

	</div>

	</div>

	@endsection