FFXIV_Lodestone_Handler/app/Http/Middleware/ApiAuthorization.php
2020-08-29 15:25:39 +02:00


<?php
namespace App\Http\Middleware;
use App\AuthToken;
use Closure;
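class ApiAuthorization
{
    /**
     * Gate an incoming API request behind a bearer token that must match an
     * AuthToken record.
     *
     * Rejections (status codes kept as they were, since clients may rely on them):
     *  - 403 when no Authorization header is present,
     *  - 400 when the header does not start with "Bearer " or carries no token,
     *  - 401 when no AuthToken row matches the presented token.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        // The check can be switched off through configuration (intended for
        // debugging). The default of `true` makes a missing or misspelled key
        // fail closed: without it, an absent key evaluated to null and the
        // whole authorization check was skipped.
        if (!config('chaosapi.middleware-enabled', true)) {
            return $next($request);
        }

        $authHeader = $request->header('Authorization');

        // No credentials supplied at all.
        if ($authHeader === null) {
            return abort(403);
        }

        // Only the exact "Bearer " scheme prefix is accepted.
        if (!str_starts_with($authHeader, 'Bearer ')) {
            return abort(400);
        }

        // Everything after the 7-character "Bearer " prefix is the token.
        $authToken = substr($authHeader, 7);

        // A bare "Bearer " header yields an empty string; reject it as
        // malformed so it can never match a row whose token column is blank.
        if ($authToken === '') {
            return abort(400);
        }

        // NOTE(review): the presented value is compared directly against the
        // `token` column, which suggests tokens are stored unhashed (confirm
        // against the AuthToken model/migration). Storing only a digest of the
        // token would limit the impact of a database disclosure.
        $dbAuthToken = AuthToken::where('token', $authToken)->first();

        // Unknown token.
        if ($dbAuthToken === null) {
            return abort(401);
        }

        // Token recognised: hand the request to the next middleware.
        return $next($request);
    }
}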