mgsmus söyle auth:api kullanmadım söyle bir middleware tanımladım;
public` function handle($request, Closure $next)
{
$response = response([
'status' => '403',
'error' => 'Unauthenticated request'
])->setStatusCode(403);
if(!$request->has('AuthToken') || !$request->has('AuthUser'))
return $response;
$authToken = $request->get('AuthToken');
$authUser = $request->get('AuthUser');
if(!$this->checkToken($authToken,$authUser))
return $response;
return $next($request);
}
private function checkToken($AuthToken,$AuthUser){
$user = User::whereApiToken($AuthToken)->get();
if(!$user->count())
return false;
if($user->first()->name != $AuthUser)
return false;
return true;
}
Route olarakta;
Route::middleware("check.token")->get('/product','ProductController@index');
kullandım.
mapApiRoutes methodunada cors middleware ni ekledim;
public function handle($request, Closure $next)
{
return $next($request)
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Methods', '*')
->header('Access-Control-Allow-Headers', '*');
}