/**
 * Promote an API-guard user into the backend session and hand back a token cookie.
 *
 * When the backend guard has no authenticated user but the "api" guard resolves one,
 * that user is set on the backend guard, the request is passed down the pipeline and
 * a cookie built from the user's current token is attached to the response.
 * In every other case the request is passed through untouched.
 *
 * NOTE(review): nothing in this method checks team membership or any other
 * authorization; it only bridges authentication between the two guards.
 * NOTE(review): cookie attributes (HttpOnly / Secure / SameSite, lifetime) are decided
 * inside the repository's createCookie(), which is not visible here — confirm.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure                 $next
 *
 * @return \Illuminate\Http\Response
 */
public function handle($request, $next)
{
    // Already authenticated against the backend guard: nothing to bridge.
    if (backend_auth()->check()) {
        return $next($request);
    }

    $apiUser = \Auth::guard('api')->user();

    // No API-authenticated user either: continue as an unauthenticated request.
    if (!$apiUser) {
        return $next($request);
    }

    backend_auth()->setUser($apiUser);

    // The cookie is built only after the downstream handlers have produced the response.
    $response = $next($request);
    $tokenCookie = $this->repository->createCookie($apiUser->token());
    $response->withCookie($tokenCookie);

    return $response;
}
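/**
 * Get the token for the given request cookie.
 *
 * The "kodicms_token" cookie is decoded with JWT::decode() and the "token" entry of
 * the decoded payload is looked up through the token store's valid() method.
 *
 * NOTE(review): JWT::decode() is called with the cookie value only; confirm that this
 * implementation verifies the signature against a server-side key and pins the
 * accepted algorithm, since the cookie is client-controlled input.
 *
 * @param Request $request
 * @return Token|null Null when the cookie cannot be decoded or carries no "token" entry;
 *                    otherwise whatever the token store's valid() returns.
 */
protected function getTokenFromCookie($request)
{
    // Decoding failures (missing, malformed or rejected cookie) mean "no token".
    try {
        $payload = JWT::decode($request->cookie('kodicms_token'));
    } catch (Exception $e) {
        return null;
    }

    // Fail closed on a payload without a token identifier instead of raising an
    // undefined-index error and handing null to the token lookup.
    if (!isset($payload['token'])) {
        return null;
    }

    return $this->tokens->valid($payload['token']);
}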
/**
 * Delete one of the current user's keys.
 *
 * Reads the required "key" request parameter, asks the repository to delete it for
 * $this->currentUser and stores the outcome, cast to bool, as the response content.
 *
 * NOTE(review): ownership enforcement relies on deleteForUser() scoping the delete to
 * the user passed in; that method is not visible here — confirm.
 *
 * @param TokenRepository $repository
 */
public function deleteKey(TokenRepository $repository)
{
    $requestedKey = $this->getRequiredParameter('key');
    $wasDeleted = (bool) $repository->deleteForUser($this->currentUser, $requestedKey);

    $this->setContent($wasDeleted);
}