Changeset View
Changeset View
Standalone View
Standalone View
src/app/Http/Middleware/AuthenticateReseller.php
- This file was copied from src/app/Http/Middleware/AuthenticateAdmin.php.
| <?php | <?php | ||||
| namespace App\Http\Middleware; | namespace App\Http\Middleware; | ||||
| use Closure; | use Closure; | ||||
| class AuthenticateAdmin | class AuthenticateReseller | ||||
| { | { | ||||
| /** | /** | ||||
| * Handle an incoming request. | * Handle an incoming request. | ||||
| * | * | ||||
| * @param \Illuminate\Http\Request $request | * @param \Illuminate\Http\Request $request | ||||
| * @param \Closure $next | * @param \Closure $next | ||||
| * @return mixed | * @return mixed | ||||
| */ | */ | ||||
| public function handle($request, Closure $next) | public function handle($request, Closure $next) | ||||
| { | { | ||||
| $user = auth()->user(); | $user = auth()->user(); | ||||
| if (!$user) { | if (!$user) { | ||||
| abort(401, "Unauthorized"); | |||||
| } | |||||
| if ($user->role !== "reseller") { | |||||
| abort(403, "Unauthorized"); | abort(403, "Unauthorized"); | ||||
| } | } | ||||
| if ($user->role !== "admin") { | if ($user->tenant_id != \config('app.tenant_id')) { | ||||
| abort(403, "Unauthorized"); | abort(403, "Unauthorized"); | ||||
| } | } | ||||
| return $next($request); | return $next($request); | ||||
| } | } | ||||
| } | } | ||||