<?php
namespace App\Http\Middleware;
use App\ApiKey;
use App\Facades\JSON;
use Carbon\Carbon;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Str;
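class APIAuthenticationMiddleware
{
    /**
     * Authenticate an API request from its bearer token.
     *
     * The token is read as "<discriminator>.<secret>". The discriminator
     * selects the ApiKey row; the secret is verified against the stored
     * hash with Hash::check(), and the row must have status 'active'.
     *
     * Responses built here:
     *  - 400 'malformed_key' when the token is missing or does not have
     *    a non-empty part on each side of the first '.'.
     *  - 401 'authfail' when no row matches, the secret does not verify,
     *    or the key is not active.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {
        $key = $request->bearerToken();

        // Str::before()/Str::after() return the whole string when the
        // separator is absent, so an undotted token would otherwise be
        // used in full (secret included) as the discriminator lookup
        // value. Reject that shape before touching the database.
        if (is_null($key) || !Str::contains($key, '.')) {
            return $this->malformedKeyResponse();
        }

        $discriminator = Str::before($key, '.');
        $loneKey = Str::after($key, '.');

        if ($discriminator === '' || $loneKey === '') {
            return $this->malformedKeyResponse();
        }

        $keyRecord = ApiKey::where('discriminator', $discriminator)->first();

        // Strict comparison: a non-string status must never be coerced
        // into matching 'active'.
        if ($keyRecord && Hash::check($loneKey, $keyRecord->secret) && $keyRecord->status === 'active') {
            // NOTE(review): 'alert' is a paging-level severity; a routine
            // success probably belongs at 'info'. Level kept as-is in case
            // a log channel depends on it - confirm and lower.
            Log::alert('API Authentication Success', [
                'discriminator' => $discriminator,
            ]);

            $keyRecord->last_used = Carbon::now();
            $keyRecord->save();

            return $next($request);
        }

        // Record rejected attempts so repeated failures against one key
        // are visible. Only the caller-supplied discriminator is logged,
        // never the secret half of the token.
        Log::warning('API Authentication Failure', [
            'discriminator' => $discriminator,
        ]);

        return JSON::setResponseType('error')
            ->setStatus('authfail')
            ->setMessage('Invalid / Revoked API key.')
            ->setCode(401)
            ->build();
    }

    /**
     * Build the 400 response used for a missing or malformed bearer token.
     *
     * @return mixed
     */
    private function malformedKeyResponse()
    {
        return JSON::setResponseType('error')
            ->setStatus('malformed_key')
            ->setMessage('Missing or malformed API key.')
            ->setCode(400)
            ->build();
    }
}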