Change header from Authorization to X-API-KEY to avoid Apache issues

This commit is contained in:
Nabeel Shahzad
2017-12-30 13:31:11 -06:00
parent 41227d3fdb
commit 5e32bcc52d
3 changed files with 12 additions and 8 deletions

View File

@@ -22,13 +22,15 @@ class ApiAuth
public function handle($request, Closure $next)
{
// Check if Authorization header is in place
$auth = $request->header('Authorization', null);
if($auth === null) {
return $this->unauthorized('Authorization header missing');
$api_key = $request->header('x-api-key', null);
if($api_key === null) {
$api_key = $request->header('Authorization', null);
if ($api_key === null) {
return $this->unauthorized('X-API-KEY header missing');
}
}
// Try to find the user via API key. Cache this lookup
$api_key = $request->header('Authorization');
$user = User::where('api_key', $api_key)->first();
if($user === null) {
return $this->unauthorized('User not found with key "'.$api_key.'"');