Added testing coverage to API token auth

2025-06-04 08:54:33 +08:00 · 2019-12-30 19:42:46 +00:00
parent 6f1b88a6a6
commit 3d11cba223
8 changed files with 126 additions and 7 deletions
--- a/app/Api/ApiTokenGuard.php
+++ b/app/Api/ApiTokenGuard.php
@ -150,4 +150,11 @@ class ApiTokenGuard implements Guard
        return Hash::check($credentials['secret'], $token->secret);
    }

+    /**
+     * "Log out" the currently authenticated user.
+     */
+    public function logout()
+    {
+        $this->user = null;
+    }
 }
--- a/app/Auth/Role.php
+++ b/app/Auth/Role.php
@ -72,7 +72,7 @@ class Role extends Model
     */
    public function detachPermission(RolePermission $permission)
    {
-        $this->permissions()->detach($permission->id);
+        $this->permissions()->detach([$permission->id]);
    }

    /**
--- a/app/Http/Middleware/ApiAuthenticate.php
+++ b/app/Http/Middleware/ApiAuthenticate.php
@ -35,7 +35,7 @@ class ApiAuthenticate
        }

        if ($this->awaitingEmailConfirmation()) {
-            return $this->emailConfirmationErrorResponse($request);
+            return $this->emailConfirmationErrorResponse($request, true);
        }

        return $next($request);
--- a/app/Http/Middleware/ChecksForEmailConfirmation.php
+++ b/app/Http/Middleware/ChecksForEmailConfirmation.php
@ -26,9 +26,9 @@ trait ChecksForEmailConfirmation
     * Provide an error response for when the current user's email is not confirmed
     * in a system which requires it.
     */
-    protected function emailConfirmationErrorResponse(Request $request)
+    protected function emailConfirmationErrorResponse(Request $request, bool $forceJson = false)
    {
-        if ($request->wantsJson()) {
+        if ($request->wantsJson() || $forceJson) {
            return response()->json([
                'error' => [
                    'code' => 401,