Skip to content

Commit

Permalink
fix: fix basic auth with token (#6673)
Browse files Browse the repository at this point in the history
  • Loading branch information
@asbiin
asbiin authored Jun 12, 2023
1 parent ec3a44d commit fab6c32
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion app/Http/Middleware/AuthenticateWithTokenOnBasicAuth.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,8 @@ private function sanctumUser(Request $request): ?User
$user = $this->sanctum()->setRequest($request)->user();

// if there is no bearer token PHP_AUTH_USER header must match user email
if ($user->currentAccessToken() !== null
if ($user !== null
&& $user->currentAccessToken() !== null
&& $request->bearerToken() !== null
&& $request->getUser() !== $user->email) {
return null;
Expand Down

0 comments on commit fab6c32

Please sign in to comment.