protected function performChecks() { $token = $this->request->getHeader(Config::get('app.authHeader')); if (empty($token)) { throw new UnAuthorizedException('Missing Header'); } $this->userId = UserToken::getValidUserId($token, $this->request->getAttribute('ip_address')); if (empty($this->userId)) { // Log attempt then remove token? throw new UnAuthorizedException('Unauthorized'); } }