diff --git a/app/Api/v1/ApiController.php b/app/Api/v1/ApiController.php
index 28f3c161e..13b9bb61f 100644
--- a/app/Api/v1/ApiController.php
+++ b/app/Api/v1/ApiController.php
@@ -59,7 +59,7 @@ class ApiController extends Controller
 {
 $this->request = $request;
- $this->middleware('jwt.auth');
+ $this->middleware('jwt.authOveride');
 $this->middleware('api', ['except' => 'GenerateApiKey']);
 try {
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index ad44346df..d5d746839 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
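Review bot: The alias `jwt.authOveride` in the ApiController constructor is misspelled ("Override"), and the same misspelling has to be repeated exactly in the `$routeMiddleware` key in `app/Http/Kernel.php` for the lookup to succeed. Middleware aliases are plain string keys, so a later spelling correction on only one side would leave this controller's authentication middleware unresolvable. I would rename it in both files now, e.g. `$this->middleware('jwt.authOverride');`, or pick a name that describes what the middleware does. The constructor body continues outside this hunk.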
@@ -48,23 +48,24 @@ class Kernel extends HttpKernel
 * @var array
 */
 protected $routeMiddleware = [
- 'auth' => \App\Http\Middleware\Authenticate::class,
- 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
- 'can' => \Illuminate\Auth\Middleware\Authorize::class,
- 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
- 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
- 'roles' => \App\Http\Middleware\CheckRole::class,
- 'role.agent' => \App\Http\Middleware\CheckRoleAgent::class,
- 'role.user' => \App\Http\Middleware\CheckRoleUser::class,
- 'api' => \App\Http\Middleware\ApiKey::class,
- 'jwt.auth' => \Tymon\JWTAuth\Middleware\GetUserFromToken::class,
- 'jwt.refresh' => \Tymon\JWTAuth\Middleware\RefreshToken::class,
- 'update' => \App\Http\Middleware\CheckUpdate::class,
- 'board' => \App\Http\Middleware\CheckBoard::class,
- 'install' => \App\Http\Middleware\Install::class,
- 'redirect' => \App\Http\Middleware\Redirect::class,
- 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
- 'installer' => \App\Http\Middleware\IsInstalled::class,
- 'force.option' => \App\Http\Middleware\TicketViewURL::class,
+ 'auth' => \App\Http\Middleware\Authenticate::class,
+ 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
+ 'can' => \Illuminate\Auth\Middleware\Authorize::class,
+ 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
+ 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
+ 'roles' => \App\Http\Middleware\CheckRole::class,
+ 'role.agent' => \App\Http\Middleware\CheckRoleAgent::class,
+ 'role.user' => \App\Http\Middleware\CheckRoleUser::class,
+ 'api' => \App\Http\Middleware\ApiKey::class,
+ 'jwt.auth' => \Tymon\JWTAuth\Middleware\GetUserFromToken::class,
+ 'jwt.refresh' => \Tymon\JWTAuth\Middleware\RefreshToken::class,
+ 'jwt.authOveride' => \App\Http\Middleware\JwtAuthenticate::class,
+ 'update' => \App\Http\Middleware\CheckUpdate::class,
+ 'board' => \App\Http\Middleware\CheckBoard::class,
+ 'install' => \App\Http\Middleware\Install::class,
+ 'redirect' => \App\Http\Middleware\Redirect::class,
+ 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
+ 'installer' => \App\Http\Middleware\IsInstalled::class,
+ 'force.option' => \App\Http\Middleware\TicketViewURL::class,
 ];
 }
diff --git a/app/Http/Middleware/JwtAuthenticate.php b/app/Http/Middleware/JwtAuthenticate.php
new file mode 100644
index 000000000..d2e6ec2a4
--- /dev/null
+++ b/app/Http/Middleware/JwtAuthenticate.php
@@ -0,0 +1,49 @@
+
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Tymon\JWTAuth\Http\Middleware\BaseMiddleware;
+
+/**
+ * Middleware to handle JWT Authentication for the API call which requires
+ * a valid token
+ *
+ * @author Manish Verma
+ * @since v1.10
+ */
+class JwtAuthenticate extends BaseMiddleware
+{
+ /**
+ * Handle an incoming request.
+ *
+ * @param \Illuminate\Http\Request $request
+ * @param \Closure $next
+ *
+ * @throws \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException
+ *
+ * @return mixed
+ */
+ public function handle($request, Closure $next)
+ {
+ try {
+ $this->authenticate($request);
+
+ return $next($request);
+ } catch (\Exception $e) {
+
+ return response(
+ ['success' => false, 'message' => $e->getMessage()],
+ $e->getStatusCode()
+ );
+ }
+ }
+}
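Review bot: In `app/Http/Kernel.php`, the new `jwt.authOveride` entry maps to a class built on `Tymon\JWTAuth\Http\Middleware\BaseMiddleware`, while the `jwt.auth` and `jwt.refresh` entries kept beside it still point into the `\Tymon\JWTAuth\Middleware\` namespace. If the jwt-auth package was upgraded as part of this work (not visible in this diff), those two aliases may now name classes that no longer exist, so it is worth confirming that both namespaces resolve, or repointing or removing the old entries. Separately, re-aligning all 18 existing entries to fit the longer key buries the one-line addition; adding the entry without re-padding would keep the change reviewable.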
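Review bot: In `JwtAuthenticate::handle()` the catch block calls `$e->getStatusCode()` on any `\Exception`, but only HTTP exceptions provide that method. Because `return $next($request);` sits inside the `try`, an ordinary exception thrown by a later middleware or the controller also lands here and fails on that call instead of reaching the application's exception handler. HTTP exceptions raised downstream get rewritten into this JSON shape, with their message sent to the client. I would narrow the handler to the authentication failure, `} catch (\Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException $e) {`, and move `return $next($request);` below the try/catch so only `authenticate()` is guarded. The docblock's `@throws` line should then be dropped or reworded, since the method catches that exception rather than letting it propagate.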