koel/app/Providers/AuthServiceProvider.php

<?php

namespace App\Providers;

use App\Models\User;
use App\Services\TokenManager;
use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Validation\Rules\Password;

class AuthServiceProvider extends ServiceProvider
{
    public function boot(): void
    {
        $this->registerPolicies();

        Auth::viaRequest('token-via-query-parameter', static function (Request $request): ?User {
            /** @var TokenManager $tokenManager */
            $tokenManager = app(TokenManager::class);

            $token = $request->get('api_token') ?: $request->get('t');

            return $tokenManager->getUserFromPlainTextToken($token ?: '');
        });

        $this->setPasswordDefaultRules();
    }

    private function setPasswordDefaultRules(): void
    {
        Password::defaults(fn (): Password => $this->app->isProduction()
            ? Password::min(10)->letters()->numbers()->symbols()->uncompromised()
            : Password::min(6));
    }
}
Big Bang 2015-12-13 04:42:28 +00:00			`<?php`

			`namespace App\Providers;`

Use Laravel built-in authorization The comment below motivated me to find a better solution for the repeated authorisation checks: ```php // This can't be put into a Request authorize(), due to Laravel(?)'s limitation. ``` This is the result. 2015-12-14 16:27:26 +00:00			`use App\Models\User;`
feat: move non-API routes out of API namespace 2020-09-07 20:43:23 +00:00			`use App\Services\TokenManager;`
Big Bang 2015-12-13 04:42:28 +00:00			`use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;`
feat: move non-API routes out of API namespace 2020-09-07 20:43:23 +00:00			`use Illuminate\Http\Request;`
			`use Illuminate\Support\Facades\Auth;`
feat: implement stricter password rules 2021-05-21 17:14:00 +00:00			`use Illuminate\Validation\Rules\Password;`
Big Bang 2015-12-13 04:42:28 +00:00
			`class AuthServiceProvider extends ServiceProvider`
			`{`
chore: fix CS 2020-12-22 20:11:22 +00:00			`public function boot(): void`
Big Bang 2015-12-13 04:42:28 +00:00			`{`
Upgrade to Laravel 5.3 2016-09-26 06:30:00 +00:00			`$this->registerPolicies();`
feat: move non-API routes out of API namespace 2020-09-07 20:43:23 +00:00
			`Auth::viaRequest('token-via-query-parameter', static function (Request $request): ?User {`
			`/** @var TokenManager $tokenManager */`
			`$tokenManager = app(TokenManager::class);`

feat: use a composition token (#1592) 2022-11-16 17:57:38 +00:00			`$token = $request->get('api_token') ?: $request->get('t');`

			`return $tokenManager->getUserFromPlainTextToken($token ?: '');`
feat: move non-API routes out of API namespace 2020-09-07 20:43:23 +00:00			`});`
feat: implement stricter password rules 2021-05-21 17:14:00 +00:00
			`$this->setPasswordDefaultRules();`
			`}`

			`private function setPasswordDefaultRules(): void`
			`{`
feat: require PHP7.4 (#1326) 2021-06-05 10:47:56 +00:00			`Password::defaults(fn (): Password => $this->app->isProduction()`
			`? Password::min(10)->letters()->numbers()->symbols()->uncompromised()`
			`: Password::min(6));`
Big Bang 2015-12-13 04:42:28 +00:00			`}`
			`}`