28 lines
769 B
PHP
28 lines
769 B
PHP
<?php
|
|
|
|
namespace App\Http\Middleware;
|
|
|
|
use Laravel\Sanctum\Http\Middleware\CheckForAnyAbility;
|
|
|
|
class ApiAbility extends CheckForAnyAbility
|
|
{
|
|
public function handle($request, $next, ...$abilities)
|
|
{
|
|
try {
|
|
if ($request->user()->tokenCan('root')) {
|
|
return $next($request);
|
|
}
|
|
|
|
return parent::handle($request, $next, ...$abilities);
|
|
} catch (\Illuminate\Auth\AuthenticationException $e) {
|
|
return response()->json([
|
|
'message' => 'Unauthenticated.',
|
|
], 401);
|
|
} catch (\Exception $e) {
|
|
return response()->json([
|
|
'message' => 'Missing required permissions: '.implode(', ', $abilities),
|
|
], 403);
|
|
}
|
|
}
|
|
}
|