Server : Apache System : Linux 145.162.205.92.host.secureserver.net 5.14.0-611.45.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Apr 1 05:56:53 EDT 2026 x86_64 User : tradze ( 1001) PHP Version : 8.1.34 Disable Function : NONE Directory : /home/tradze/public_html/dev-test/app/Http/Middleware/ |
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
class Authenticate
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
// Get token from header or query
$token = $request->bearerToken() ?: $request->query('api_token');
if ($token) {
$user = \App\User::where('api_token', $token)->first();
if ($user) {
Auth::setUser($user); // 👈 bind user manually
}
}
if (!Auth::check()) {
if($request->is('api/*')){
return response()->json([
'success' => false,
'message' => 'Unauthorized',
'from' => $request->is('api/*')
], 401);
}else{
return redirect()->guest('/login');
}
}
return $next($request);
}
}