public function before(Request $request, Application $app) { $ip = $request->getClientIp(); if ($this->isNotWhitelisted($ip)) { $app->abort(403, 'Forbidden! ' . $ip); } }
public function before(Request $request, Application $app) { if (!$request->headers->get('X-Authentication-Token')) { $app->abort(401, 'Not authenticated. Header X-Authentication-Token missing.'); } $token = $request->headers->get('X-Authentication-Token'); if (!$this->isAuthorized($token, $app)) { $msg = sprinf('Not authenticated. X-Authentication-Token %s is not authorized.', $token); $app->abort(401, $msg); } }