/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$key = $request->header('token');
if (empty($key)) {
return response('Unauthorized.', 401);
}
$apiKeyModel = new ApiKey();
$apiKey = $apiKeyModel->getByKey($key);
if (empty($apiKey)) {
return response('Unauthorized.', 401);
}
return $next($request);
}
protected function checkAdmin(Request $request)
{
$key = $request->header('token');
if (empty($key)) {
abort(401, 'Ej, ej, nisi admin!');
}
$apiKeyModel = new ApiKey();
$apiKey = $apiKeyModel->getByKey($key);
if (empty($apiKey)) {
abort(401, 'Ej, ej, nisi admin!');
}
$user = User::find($apiKey->user_id);
if (empty($user)) {
abort(401, 'Ej, ej, nisi admin!');
}
if (!$user->admin) {
abort(401, 'Ej, ej, nisi admin!');
}
}
