mirror of
https://github.com/sakaljurgis/actions-api.git
synced 2026-07-08 22:07:40 +00:00
add api token
This commit is contained in:
@@ -42,6 +42,7 @@ class Kernel extends HttpKernel
|
||||
// \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
|
||||
\Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
|
||||
\Illuminate\Routing\Middleware\SubstituteBindings::class,
|
||||
\App\Http\Middleware\EnsureTokenIsValid::class,
|
||||
],
|
||||
];
|
||||
|
||||
|
||||
@@ -0,0 +1,27 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Http\JsonResponse;
|
||||
use Illuminate\Http\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class EnsureTokenIsValid
|
||||
{
|
||||
/**
|
||||
* Handle an incoming request.
|
||||
*
|
||||
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
|
||||
*/
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
$requestToken = $request->header('token') ?? $request->input('token');
|
||||
$token = env('API_AUTH_TOKEN');
|
||||
if (!$requestToken || !$token || $requestToken !== $token) {
|
||||
return (new JsonResponse(['error' => 'Unauthorized']))->setStatusCode(Response::HTTP_UNAUTHORIZED);
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user