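/**
 * Checks whether the logged-in user holds a role that is allowed to perform the request.
 *
 * The check fails closed: a missing token, a cache miss, an unreadable cached
 * user, an unknown role, or a route without a role list all return false
 * instead of raising an error halfway through the authorization decision.
 *
 * @param Request $request The request.
 *
 * @return bool True if the user is allowed. False otherwise.
 */
public function isUserAllowed(Request $request)
{
    // Get token
    $token = Token::getTokenFromRequest($request);
    if (!$token) {
        return false;
    }

    // Get user in cache. A miss (unknown or expired token) must deny access,
    // not fall through to unserialize() with a non-string value.
    $serializeUser = Cache::get($token);
    if (!is_string($serializeUser) || $serializeUser === '') {
        return false;
    }

    // SECURITY NOTE(review): unserialize() can instantiate objects from the
    // stored bytes, so this is only safe while nothing outside the application
    // can write to the cache store. Caching the user as JSON / a plain array,
    // or passing an 'allowed_classes' list limited to the user model, would
    // remove that dependency -- confirm which class is cached before changing.
    $user = unserialize($serializeUser);
    if (!is_object($user) || !isset($user->role_id)) {
        return false;
    }

    // Get role name. The role may have been deleted since the user was cached.
    $role = Role::find($user->role_id);
    if (!$role) {
        return false;
    }
    $rolename = $role->name;

    // Get allowed roles for the request. Index 1 of the route info is read as
    // the action array, exactly as before; a route that declares no 'roles'
    // list is treated as "nobody allowed".
    $actions = $request->route();
    if (!is_array($actions)) {
        return false;
    }
    $allowedRoles = $actions[1]['roles'] ?? null;
    if (!is_array($allowedRoles)) {
        return false;
    }

    // Strict comparison: loose in_array() can match a role name against a
    // non-string entry (e.g. 0 or true) through type juggling.
    return in_array($rolename, $allowedRoles, true);
}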
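/**
 * Check that the request comes with a valid token.
 *
 * A request that carries no token is rejected here, without consulting
 * Token::existToken(), so the outcome does not depend on how that lookup
 * treats an empty or null value. This matches the guard in isUserAllowed().
 *
 * @param Request $request The request.
 *
 * @return bool True if there is a valid token in the request. False otherwise.
 */
public function checkAuthorization(Request $request)
{
    $token = Token::getTokenFromRequest($request);

    // No token at all: deny before doing any lookup.
    if (!$token) {
        return false;
    }

    return Token::existToken($token);
}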