55 lines
1.2 KiB
PHP
55 lines
1.2 KiB
PHP
<?php
|
|
|
|
namespace Modules\Api\Http\Middleware;
|
|
|
|
use Carbon\Carbon;
|
|
use Closure;
|
|
use Illuminate\Http\Request;
|
|
use Modules\Api\Entities\ApiToken;
|
|
|
|
class ApiAuthorization
|
|
{
|
|
/**
|
|
* @param \Illuminate\Http\Request $request
|
|
* @param \Closure $next
|
|
* @param string $permission
|
|
* @param string $to
|
|
* @return \Illuminate\Http\Response
|
|
*/
|
|
public function handle(Request $request, Closure $next)
|
|
{
|
|
if ($this->hasAccess($request)) {
|
|
return $next($request);
|
|
}
|
|
return $this->handleUnauthorizedRequest($request);
|
|
}
|
|
|
|
/**
|
|
* @param \Illuminate\Http\Request $request
|
|
* @param string $permission
|
|
* @return \Illuminate\Http\Response
|
|
*/
|
|
private function handleUnauthorizedRequest(Request $request)
|
|
{
|
|
return response()->json([
|
|
'status' => 'Unauthorized.'
|
|
], 401);
|
|
}
|
|
|
|
private function hasAccess(Request $request)
|
|
{
|
|
$token = $request->header('authorization');
|
|
|
|
$hasToken = ApiToken::query()
|
|
->where('token', $token)
|
|
->exists();
|
|
|
|
if (!empty($token) && $hasToken) {
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
|
|
}
|