private function authenticateApiRequest() { $resource = $this->app['oauth_resource']; $request = Request::createFromGlobals(); $response = new Response(); if ($resource->verifyResourceRequest($request, $response)) { $tokenData = $resource->getResourceController()->getToken(); // replace current user with the user from the access token $userModel = Auth::USER_MODEL; $user = $this->app['user'] = new $userModel($tokenData['user_id'], true); // use the authenticated user as the requester for model permissions Model::configure(['requester' => $user]); } else { $response->send(); exit; } }