add api token

This commit is contained in:
Jurgis Sakalauskas
2025-01-11 11:50:04 +02:00
parent 9a87526982
commit f44d21a9be
3 changed files with 30 additions and 0 deletions
+2
View File
@@ -12,3 +12,5 @@ GOOGLE_APPLICATION_CREDENTIALS=/var/www/html/auth.json
GOOGLE_CLOUD_PROJECT= GOOGLE_CLOUD_PROJECT=
GOOGLE_LOCATION=us-central1 GOOGLE_LOCATION=us-central1
GOOGLE_IMAGEN_MODEL=imagen-3.0-fast-generate-001 GOOGLE_IMAGEN_MODEL=imagen-3.0-fast-generate-001
API_AUTH_TOKEN=
+1
View File
@@ -42,6 +42,7 @@ class Kernel extends HttpKernel
// \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class, // \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
\Illuminate\Routing\Middleware\ThrottleRequests::class.':api', \Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
\Illuminate\Routing\Middleware\SubstituteBindings::class, \Illuminate\Routing\Middleware\SubstituteBindings::class,
\App\Http\Middleware\EnsureTokenIsValid::class,
], ],
]; ];
@@ -0,0 +1,27 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class EnsureTokenIsValid
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
$requestToken = $request->header('token') ?? $request->input('token');
$token = env('API_AUTH_TOKEN');
if (!$requestToken || !$token || $requestToken !== $token) {
return (new JsonResponse(['error' => 'Unauthorized']))->setStatusCode(Response::HTTP_UNAUTHORIZED);
}
return $next($request);
}
}