I am currently developing and application that has an API which I want to be accessible through middleware that will check if the user is authenticated using either Laravel's default Auth middleware and Tymone's JWT.Auth token based middleware so requests can be authenticated either of the ways.
I can work out how to have one or the other but not both, how could I do this? I'm thinking I need to create a custom middleware that uses these existing middlewares?
I am using Laravel 5.1
Thanks
Turns out I did need to make my own middleware which was easier than I thought:
<?php
namespace App\Http\Middleware;
use Auth;
use JWTAuth;
use Closure;
class APIMiddleware {
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next) {
try {
$jwt = JWTAuth::parseToken()->authenticate();
} catch (\Tymon\JWTAuth\Exceptions\JWTException $e) {
$jwt = false;
}
if (Auth::check() || $jwt) {
return $next($request);
} else {
return response('Unauthorized.', 401);
}
}
}
Then I use this middleware on my api route group like so after registering in the kernel:
Route::group(['prefix' => 'api', 'middleware' => ['api.auth']], function() {
I think you can use Route::group in your routes.php file and define the middlewares you want to use in an array.
Route::group(['middleware' => ['auth', 'someOtherMiddleware']], function()
{
Route::get('api/somethinglist', function(){
return App\Something::all();
});
});
If I'm not mistaken all routes defined within that route group is checked against the middleware(s) you specify in the array.
来源:https://stackoverflow.com/questions/34921430/laravel-middleware-auth-for-api