diff --git a/app/Http/Controllers/ParticipantController.php b/app/Http/Controllers/ParticipantController.php index 90c02b4..cb90d52 100644 --- a/app/Http/Controllers/ParticipantController.php +++ b/app/Http/Controllers/ParticipantController.php @@ -16,7 +16,7 @@ class ParticipantController extends Controller { $permission = $request->permission; - if ($permission === "key_1") { + if ($permission === "key_5") { $participants = Participant::whereNotNull('lan_id') ->select('id','lan_id', 'first_name', 'surname','grade','phone','email', 'guardian_name', 'guardian_phone', 'guardian_email', 'is_visiting','friends', 'special_diet', 'status','created_at', 'updated_at') @@ -149,7 +149,7 @@ class ParticipantController extends Controller } return response()->json([ - 'code' => 200, 'message' => 'Unauthorized' + 'code' => 401, 'message' => 'Unauthorized' ]); } diff --git a/app/Http/Middleware/ApiToken.php b/app/Http/Middleware/ApiToken.php index 25a5606..30c3bcc 100644 --- a/app/Http/Middleware/ApiToken.php +++ b/app/Http/Middleware/ApiToken.php @@ -15,7 +15,7 @@ class ApiToken */ public function handle(Request $request, Closure $next): Response { - if ($request->header('X-API-KEY') === config('apikeys.key_1')) { + if ($request->header('X-API-KEY') === config('apikeys.key_1')) { $request->merge(["permission" => "key_1"]); @@ -31,6 +31,10 @@ class ApiToken $request->merge(["permission" => "key_4"]); + } elseif ($request->header('X-API-KEY') === config('apikeys.key_5')) { + + $request->merge(["permission" => "key_5"]); + } else { return response()->json(['code' => 401, 'message' => 'Unauthorized']); } diff --git a/config/apikeys.php b/config/apikeys.php index b006013..0c7b461 100644 --- a/config/apikeys.php +++ b/config/apikeys.php @@ -14,5 +14,5 @@ return [ 'key_2' => env('API_KEY_2'), 'key_3' => env('API_KEY_3'), 'key_4' => env('API_KEY_4'), - + 'key_5' => env('API_KEY_5') ]; \ No newline at end of file