<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use App\Models\Member;
/**
 * Gate a request on the value of its X-API-KEY header.
 *
 * The header is accepted when it matches either an active row in the
 * `api_keys` table or, failing that, the `remember_token` of a Member.
 * In the second case the member's details are written to the session
 * under the 'Adm' key before the request continues.
 *
 * NOTE(review): both lookups compare the presented value with a stored
 * column directly, which suggests the secrets are kept unhashed; confirm.
 * Storing only a hash and looking up by it limits exposure if either
 * table is disclosed.
 * NOTE(review): no throttling of failed attempts is visible in this class;
 * confirm that the routes using it are rate limited.
 */
class ApiKeyMiddleware
{
    /**
     * Let the request through when X-API-KEY carries an accepted credential.
     *
     * @param Request $request incoming request; only the X-API-KEY header is read
     * @param Closure $next    next handler in the middleware pipeline
     *
     * @return mixed the result of $next($request), or a 401 JSON response
     */
    public function handle(Request $request, Closure $next)
    {
        $presented = $request->header('X-API-KEY');

        // `||` short-circuits, so the member lookup runs only when the
        // api_keys lookup found nothing, as in the original nesting.
        if ($presented && ($this->matchesActiveApiKey($presented) || $this->signInByRememberToken($presented))) {
            return $next($request);
        }

        return response()->json(['message' => 'Unauthorized. Invalid or missing API key or token'], 401);
    }

    /**
     * Step 1: check whether the presented value is an active API key.
     *
     * @param mixed $presented value of the X-API-KEY header
     *
     * @return bool true when an `api_keys` row has this `key` and `is_active` set
     */
    private function matchesActiveApiKey($presented)
    {
        return DB::table('api_keys')
            ->where('key', $presented)
            ->where('is_active', true)
            ->exists();
    }

    /**
     * Step 2: authenticate a member by `remember_token` and fill the session.
     *
     * NOTE(review): this treats `remember_token` as a bearer credential sent
     * in a request header. No expiry, scope or revocation check is visible
     * here; a dedicated, revocable API token would keep this credential
     * separate from whatever else uses that column. Confirm the intent.
     * NOTE(review): the 'Adm' entry is written for any member whose token
     * matches; `mb_level` is copied but not checked in this class. Confirm
     * that the code reading session('Adm') enforces the level it needs.
     * NOTE(review): the session ID is not regenerated when the entry is
     * written, and the token itself is copied into the session; confirm
     * both are intended.
     *
     * @param mixed $presented value of the X-API-KEY header
     *
     * @return bool true when a member matched and the session was populated
     */
    private function signInByRememberToken($presented)
    {
        $member = Member::where('remember_token', $presented)->first();

        if (!$member) {
            return false;
        }

        // Store the member's details in the session.
        $adminEntry = [
            'idx' => $member->mb_num,
            'id' => $member->mb_id,
            'name' => $member->mb_name,
            'level' => $member->mb_level,
            'token' => $member->remember_token,
        ];
        session(['Adm' => $adminEntry]);

        return true;
    }
}