public function run(Request $request, Application $app) { $isDebug = isEnv('local'); $token = self::getHeader(self::AUTHTOKEN_KEY); $user = User::findByValidToken($token); if (empty($user) && $isDebug) { $user = User::resolve(['email' => '*****@*****.**']); } if (empty($user)) { self::failAuthResponse($app, "Invalid Token or Session Expired!"); } $user->refreshToken(); //alias $aliasReq = self::getAliasReq(); if (!empty($aliasReq) && ($isDebug || $user->isAdmin())) { $alias = User::resolve($aliasReq); if (empty($alias)) { self::failAuthResponse($app, "Cannot match this alias!"); } Session::setAlias($alias); } Session::setUser($user); }