fipamo/app/Http/Middleware/ValidateAPIToken.php
ro 4113418c83
reorganized api, added token validation
regrouped api calls for better organization and to add a bit more
security. it now checks to make sure the incoming token matches the
current session to authorize requests
2024-07-06 17:41:32 -06:00

30 lines
783 B
PHP

<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class ValidateAPIToken
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
$token = $request->header('fipamo-access-token');
if ($token == session('token')) {
return $next($request);
} else {
$response = [
'message' => "API Auth Fail",
'type' => 'postError',
];
return response()->json($response)->header('Content-Type', 'application/json');
}
}
}