Файл: app/Http/Middleware/CheckToken.php
Строк: 23
<?php
namespace AppHttpMiddleware;
use AppModelsUser;
use Closure;
use IlluminateHttpRequest;
class CheckToken
{
/**
* Handle an incoming request.
*/
public function handle(Request $request, Closure $next)
{
$token = $request->bearerToken();
if (! $token) {
abort(400, 'Api token missing');
}
if (! $user = User::query()->where('apikey', $token)->first()) {
abort(401, 'Unauthorized');
}
if ($user->level === User::BANNED) {
abort(403, 'User banned');
}
auth()->setUser($user);
return $next($request);
}
}