/**
 * Promote the API resource owner to Laravel's authenticated user for the
 * current request only.
 *
 * Runs only when the `api.auth_resource_owner` config flag is truthy
 * (default true), nobody is authenticated yet, and the request carries an
 * `access_token` input or, failing that, an `Authorization` header.
 *
 * NOTE(review): the credential is only tested for truthiness here; its
 * validation is assumed to happen inside Authentication::userId() - confirm.
 * NOTE(review): Request::input() also reads the query string, so an
 * `access_token` sent in the URL can end up in access logs and referrers.
 *
 * @return void
 */
protected function bootAuthResourceOwner()
{
    // Feature switch: skip when the integration is disabled.
    if (!config('api.auth_resource_owner', true)) {
        return;
    }

    // Never override a user that is already authenticated.
    if (Auth::check()) {
        return;
    }

    // The Authorization header is the fallback when no access_token input exists.
    $credential = Request::input('access_token', Request::header('Authorization'));
    if (!$credential) {
        return;
    }

    $user_id = Authentication::instance()->userId();
    if ($user_id) {
        // onceUsingId() authenticates for this request without session or cookies.
        Auth::onceUsingId($user_id);
    }
}
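/**
 * Handle an incoming request.
 *
 * Guests are authenticated for this request only, from the encrypted `_user`
 * input, which is expected to decrypt to a user id. The request continues
 * only when a user is resolved; otherwise a 401 response is returned.
 *
 * Security notes:
 *  - `_user` is client-supplied. Crypt::decrypt() rejects values that were
 *    tampered with or not produced with the application key, and that
 *    failure is answered with 401 instead of an unhandled exception.
 *  - NOTE(review): nothing visible here gives the `_user` value an expiry or
 *    binds it to this purpose, so a captured value, or any other value this
 *    application encrypted that decrypts to a user id, would presumably be
 *    accepted. Confirm how `_user` is issued and consider a time-limited,
 *    purpose-specific token.
 *  - NOTE(review): Crypt::decrypt() unserializes the plaintext by default,
 *    so keeping the application key secret is what protects this path.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @return mixed
 */
public function handle($request, Closure $next)
{
    if (Auth::guest()) {
        try {
            Auth::onceUsingId(Crypt::decrypt(request()->input('_user')));
        } catch (\Illuminate\Contracts\Encryption\DecryptException $e) {
            // A missing, malformed or forged `_user` value is an
            // authentication failure, not a server error.
            return Response::make('No Autorizado', 401);
        }
    }

    if (Auth::user()) {
        return $next($request);
    }

    // The original built this response but never returned it, so the
    // middleware returned null instead of the 401.
    return Response::make('No Autorizado', 401);
}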