/**
* Handle an incoming request.
*
* @param Request $request
* @param Closure $next
* @param string $action
* @param string $resource
* @return mixed
*/
public function handle(Request $request, Closure $next, $action, $resource = null)
{
$user = $this->jwtAuth->getUser();
$lock = $this->lock->makeCallerLockAware($user);
if (!$user->can($action, $resource)) {
throw new ForbiddenException();
}
return $next($request);
}
/**
* Refresh a login token
*
* @return ApiResponse
*/
public function refresh()
{
$token = $this->jwtAuth->getTokenFromRequest();
// Get the user to make sure the token is fully valid
$this->jwtAuth->getUser();
$token = $this->jwtAuth->refresh($token);
return $this->getResponse()->transformer($this->getTransformer())->item($token);
}
