File "VerifyIntegrationToken.php"
Full Path: /var/www/html/back/app/Middleware/VerifyIntegrationToken.php
File size: 1.4 KB
MIME-type: text/x-php
Charset: utf-8
<?php
namespace App\Middleware;
use App\Models\System;
use Illuminate\Http\Request;
use Laravel\Sanctum\PersonalAccessToken;
use Closure;
class VerifyIntegrationToken
{
public function handle(Request $request, Closure $next)
{
// $modelId = $request->route('modelId');
$token = $request->bearerToken()
?? $request->header('X-Integration-Token')
?? $request->query('token');
if (!$token) {
return response()->json(['message' => 'Токен не передан'], 401);
}
$access = PersonalAccessToken::findToken($token);
// if ($access->tokenable_id != $modelId) {
// return response()->json(['message' => 'Неверный токен'], 401);
// }
if (!$access) {
return response()->json(['message' => 'Неверный токен'], 401);
}
if ($access->expires_at && $access->expires_at->isPast()) {
return response()->json(['message' => 'Токен истёк'], 401);
}
$tokenable = $access->tokenable;
if (!($tokenable instanceof System)) {
return response()->json(['message' => 'Недопустимый тип токена'], 403);
}
$tokenable->withAccessToken($access);
// $request->setUserResolver(fn() => $tokenable);
// Auth::setUser($tokenable);
return $next($request);
}
}