I'm building an API in Laravel. The API is accessible from a front end page, using an access key. In my database I've saved the users of this API with their own access key. This key is obtained from Facebook by using the Socialite plugin.
When a user makes a request through an AJAX call (to modify the database), this request should be checked for the access key. The access key should then be found in the users table to find the right user. It actually comes down to two questions:
- How can the access key be 'intercepted' from the request? Do I do this through middleware?
- When the right user is found in the table, how do I set this user globally or pass the user to the right controller that is connected to the route?
For example when a user wants to add a new item to the database, the route is like this:
Route::post('items', 'ItemController@add')->middleware('tokencheck');
I've created a middleware 'tokencheck' that should find the token from the request, but I'm not sure about the usage of middleware in this case. After passing this check, the user should be found in the database and passed to the ItemController@add. How do I pass this value?
Thank you!
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire