/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, \Closure $next)
{
try {
$userAndKey = $this->key->extractKeyAndUser($request);
if ($userAndKey) {
/** @var User $user */
$user = $userAndKey['user'];
if ($user->isDisabled()) {
abort(403, 'User is disabled');
}
$this->manager->setUser($user);
}
return $next($request);
} catch (InvalidAuthException $e) {
abort(401, $e->getMessage());
}
abort(401, 'User could not be found.');
}
public function __construct(Request $request, Guard $auth)
{
// TODO: Add API keys and check here
// Check the session token and authenticate the user.
if ($sessionToken = $request->get('sessionToken')) {
$user = $this->validateSessionToken($sessionToken);
$auth->setUser($user);
}
parent::__construct($request, $auth);
}
/**
* Set the current user.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user
* @return void
* @static
*/
public static function setUser($user)
{
\Illuminate\Auth\Guard::setUser($user);
}
/**
* Set the current user of the application.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user
*/
public function setUser(UserContract $user)
{
parent::setUser($user);
$this->resetRolesAndPermissions();
$this->setRolesAndPermissions($user);
}
/**
* Set the current user.
*
* @param UserModel $user
*/
public function setCurrentUser(UserModel $user)
{
$this->auth->setUser($user);
}
public function __construct(Request $request, Guard $auth)
{
// TODO: Add API keys and check here
if ($sessionKey = $request->get('sessionKey')) {
/** @var UserSession $session */
$session = UserSession::find($sessionKey);
if (!$session) {
throw new NotFoundHttpException("The given sessionKey is invalid.");
}
if (!$session->user) {
throw new NotFoundHttpException("The user for that session could not be found.");
}
// Login the user just for this request.
$auth->setUser($session->user);
}
parent::__construct($request, $auth);
}
