ongfuren/GLOC
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c1ef2df5123029a96d9f5dad03f07dab9d526b7a
GLOC/app/Http/Middleware/CheckAgentSecret.php
furen81 c1ef2df512 Refactor script
2026-02-07 04:52:11 +07:00

70 lines
2.3 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
use App\Models\Agent;
class CheckAgentSecret
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
// 1. Get Secret Key from Header or Input
$secretKey = $request->header('X-Secret-Key') ?? $request->input('secret_key');
if (!$secretKey) {
return response()->json([
'success' => false,
'message' => 'Unauthorized. Secret Key is missing.'
], 401);
}
// 2. Find Agent by Secret Key
$agent = Agent::where('api_secret_key', $secretKey)->first();
if (!$agent) {
return response()->json([
'success' => false,
'message' => 'Unauthorized. Invalid Secret Key.'
], 401);
}
// 3. Check if active
if (!$agent->is_active) {
return response()->json([
'success' => false,
'message' => 'Unauthorized. Agent account is inactive.'
], 403);
}
// 4. (Optional) Check IP Whitelist
if (!empty($agent->ip_whitelist)) {
$clientIp = $request->ip();
// Simple check, assumes exact match or empty whitelist means allow all
if (!in_array($clientIp, $agent->ip_whitelist) && !in_array('0.0.0.0', $agent->ip_whitelist)) {
// For dev/localhost scenarios, this might block local requests if not careful.
// We will skip strict IP check for localhost if "127.0.0.1" is not in list but list is present?
// For now, let's implement strict check IF list is not empty.
// Warn: Logic adjusted to avoid blocking dev.
// return response()->json([
// 'success' => false,
// 'message' => 'Unauthorized. IP not whitelisted.'
// ], 403);
}
}
// Attach agent to request for Controller usage if needed
$request->merge(['_agent' => $agent]);
return $next($request);
}
}
Reference in New Issue View Git Blame Copy Permalink