/**
* {@inheritdoc}
*/
public function __invoke(Request $request, Response $response, callable $out = null)
{
$header = $request->getHeaderLine('authorization');
$parts = explode(';', $header);
if (isset($parts[0]) && starts_with($parts[0], $this->prefix)) {
$token = substr($parts[0], strlen($this->prefix));
if ($accessToken = AccessToken::valid($token)) {
$this->app->instance('flarum.actor', $user = $accessToken->user);
$user->updateLastSeen()->save();
} elseif (isset($parts[1]) && ($apiKey = ApiKey::valid($token))) {
$userParts = explode('=', trim($parts[1]));
if (isset($userParts[0]) && $userParts[0] === 'userId') {
$this->app->instance('flarum.actor', $user = User::find($userParts[1]));
}
}
}
return $out ? $out($request, $response) : $response;
}
