/**
 * verify() on an AC built around a partial SR mock must answer with a
 * JsonResponse, HTTP status 200 and the payload ':)'.
 */
public function testVerify_ok()
{
    // Partial mock: per Mockery's makePartial(), calls without an
    // expectation are passed through to the real SR implementation.
    $controller = new AC(\Mockery::mock(SR::class)->makePartial());

    $response = $controller->verify();

    $this->assertInstanceOf(JsonResponse::class, $response);
    $this->assertSame(200, $response->getStatusCode());
    $this->assertSame(':)', $response->getData());
}
/**
 * Handle an incoming request.
 *
 * The decision is delegated to $this->authController->checkAuthorization():
 * a falsy result ends the request with a 401, anything else hands the
 * request to the next layer.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 *
 * @return mixed the 401 response, or whatever $next returns
 */
public function handle($request, Closure $next)
{
    // Design notes kept from the original author:
    //  - How the DOTW API user and password reach this service is still
    //    undecided. The URL was considered the preferred place, but was
    //    ruled out because this service receives the request and cannot
    //    process the URL; the plan is to carry them, encrypted, in the
    //    request body instead.
    //  - Intended flow: look for user:password in the cache (ElastiCache on
    //    AWS) first. On a miss, or when the token has expired, make a new
    //    authorize request to the DOTW API. When the token is correct, pass
    //    $request on to $next.
    //
    // NOTE(review): credentials placed in a URL usually end up in access
    // logs and proxy histories; a header or the body over TLS is the safer
    // carrier, so keeping them out of the URL is the right outcome.
    //
    // A disabled earlier version compared $request->getUser() and
    // $request->getPassword() with env('API_USERNAME') / env('API_PASSWORD')
    // and answered 401 with a 'WWW-Authenticate: Basic' header.
    // NOTE(review): that condition joined the two mismatches with &&, so it
    // rejected only when BOTH values were wrong. If it is ever revived it
    // needs || and a constant-time comparison such as hash_equals().
    // NOTE(review): the live 401 below carries no WWW-Authenticate header;
    // confirm whether clients depend on one.
    $authorized = $this->authController->checkAuthorization($request);

    if ($authorized) {
        return $next($request);
    }

    return response('Unauthorized.', 401);
}
/**
 * Report the `admin` attribute of the user that
 * AuthController::getAuthenticatedUser() returns.
 *
 * NOTE(review): there is no guard for the case where no user is resolved.
 * Confirm that getAuthenticatedUser() throws, or otherwise never hands back
 * null or a non-user value here, so that this check fails closed.
 *
 * @return mixed the stored `admin` value, returned as-is (not cast to bool)
 */
public function isAdmin()
{
    return AuthController::getAuthenticatedUser()->admin;
}