diff --git a/api-nodes/Http/Middleware/AgentTokenAuth.php b/api-nodes/Http/Middleware/AgentTokenAuth.php index 9c0cb6d..fdd0031 100644 --- a/api-nodes/Http/Middleware/AgentTokenAuth.php +++ b/api-nodes/Http/Middleware/AgentTokenAuth.php @@ -24,9 +24,13 @@ public function handle(Request $request, Closure $next): Response $token = $request->header(self::AUTH_HEADER); if (!$token) { + if ($request->bearerToken()) { + return $next($request); + } + return response()->json([ 'message' => 'Unauthorized' - ], 401); + ], 403); } $node = Node::withoutGlobalScope(TeamScope::class)->with('team')->whereAgentToken($token)->firstOrFail(); diff --git a/bootstrap/app.php b/bootstrap/app.php index ffb0b45..c4a8bc4 100644 --- a/bootstrap/app.php +++ b/bootstrap/app.php @@ -1,5 +1,6 @@ trustProxies('*'); $middleware + ->api(prepend: [ + AgentTokenAuth::class, + ]) ->web(append: [ HandleInertiaRequests::class, AddLinkHeadersForPreloadedAssets::class, diff --git a/routes/api.php b/routes/api.php index a9d8a06..39ef222 100644 --- a/routes/api.php +++ b/routes/api.php @@ -7,7 +7,7 @@ use App\Api\Controllers\ServiceController; use Illuminate\Support\Facades\Route; -Route::group(['prefix' => '/_nodes/v1', 'middleware' => [AgentTokenAuth::class]], function () { +Route::group(['prefix' => '/_nodes/v1'], function () { Route::group(['prefix' => '/events'], function () { Route::post('/started', [EventController::class, 'started']); });