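/**
 * Handle an incoming request.
 *
 * Authorization middleware: resolves the user behind the request's JWT and
 * lets the request continue only if that user may perform $action on
 * $resource.
 *
 * @param Request $request
 * @param Closure $next
 * @param string $action Permission name handed to $user->can().
 * @param string|null $resource Optional resource handed to $user->can().
 * @return mixed Whatever the next handler in the chain returns.
 *
 * @throws ForbiddenException When the user is not allowed to perform the action.
 */
public function handle(Request $request, Closure $next, $action, $resource = null)
{
    // NOTE(review): assumes getUser() throws when the token is missing or
    // invalid rather than returning null/false; confirm. Otherwise the calls
    // below fail with an error instead of a clean auth failure.
    $user = $this->jwtAuth->getUser();

    // Called for its effect on $user; the returned lock was never used.
    // Presumably this is what makes $user->can() work; verify against the
    // lock manager.
    $this->lock->makeCallerLockAware($user);

    // Only the action and resource are checked; no resource identifier is
    // passed, so any per-object ownership check has to happen in the handler.
    if (!$user->can($action, $resource)) {
        throw new ForbiddenException();
    }

    return $next($request);
}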
/**
 * Refresh a login token.
 *
 * Reads the token from the current request, checks that it still resolves
 * to a user, and responds with the refreshed token.
 *
 * @return ApiResponse
 */
public function refresh()
{
    $currentToken = $this->jwtAuth->getTokenFromRequest();

    // Resolve the user first so that only a fully valid token is refreshed;
    // the user object itself is not needed.
    // NOTE(review): the return value is not checked, so this presumably
    // relies on getUser() throwing for an invalid token; confirm.
    $this->jwtAuth->getUser();

    // NOTE(review): whether refresh() revokes the old token is not visible
    // here; confirm, so that a captured token cannot be reused after refresh.
    $refreshedToken = $this->jwtAuth->refresh($currentToken);

    $response = $this->getResponse();
    $transformer = $this->getTransformer();

    return $response->transformer($transformer)->item($refreshedToken);
}