/**
* Perform authentication before a request is executed.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param $grant
*
* @return mixed
* @throws AccessDeniedException
*/
public function handle($request, Closure $next, $grant = null)
{
$route = $this->router->getCurrentRoute();
/**
* FOR (Internal API requests)
* @note GRANT(user) will always be able to access routes that are protected by: GRANT(client)
*
* For OAuth grants from password (i.e. Resource Owner: user)
* @Auth will only check once, because user exists in auth afterwards
*
* For OAuth grants from client_credentials (i.e. Resource Owner: client)
* @Auth will always check, because user is never exists in auth
*/
if (!$this->auth->check(false)) {
$this->auth->authenticate($route->getAuthenticationProviders());
$provider = $this->auth->getProviderUsed();
/** @var OAuth2 $provider */
if ($provider instanceof OAuth2) {
// check oauth grant type
if (!is_null($grant) && $provider->getResourceOwnerType() !== $grant) {
throw new AccessDeniedException();
}
}
// login user through Auth
$user = $this->auth->getUser();
if ($user instanceof User) {
\Auth::login($user);
event(new UserLoggedInEvent($user));
}
}
return $next($request);
}
/**
* Perform authentication before a request is executed.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
*
* @return mixed
*/
public function handle($request, Closure $next)
{
$route = $this->router->getCurrentRoute();
if (!$this->auth->check(false)) {
$this->auth->authenticate($route->getAuthProviders());
}
return $next($request);
}
/**
* Refresh the request stack.
*
* This is done by resetting the authentication, popping
* the last request from the stack, replacing the input,
* and resetting the version and parameters.
*
* @return void
*/
protected function refreshRequestStack()
{
if (!$this->persistAuthentication) {
$this->auth->setUser(null);
$this->persistAuthentication = true;
}
if ($route = array_pop($this->routeStack)) {
$this->router->setCurrentRoute($route);
}
$this->replaceRequestInstance();
$this->clearCachedFacadeInstance();
$this->raw = false;
$this->version = $this->domain = $this->content = null;
$this->parameters = $this->uploads = [];
}
/**
* Create new note
* @param Request $request
* @param Auth $auth
* @return Response
*/
public function store(Auth $auth)
{
$this->validate($this->request, ['title' => 'required|max:255', 'content' => 'required']);
$data = ['title' => $this->request->input('title'), 'content' => $this->request->input('content'), 'user_id' => $auth->user()->id];
$this->noteRepository->create($data);
}
/**
* Extend the authentication layer with a custom provider.
*
* @author Morten Rugaard <*****@*****.**>
*
* @param string $key
* @param object|callable $provider
* @return \Nodes\Api\Auth
*/
public function extend($key, $provider)
{
parent::extend($key, $provider);
return $this;
}
