Werk365\JwtAuthRoles\Middlewares\RoleMiddleware

Complexity

Total Complexity

3

Size/Duplication

Total Lines	15
Duplicated Lines	0 %

Importance

Changes

0

1 Method

Rating	Name	Duplication	Size	Complexity
A	handle()	0	13	3

<?php

namespace Werk365\JwtAuthRoles\Middlewares;

use Closure;
use Illuminate\Support\Facades\Auth;
use Werk365\JwtAuthRoles\Exceptions\AuthException;

class RoleMiddleware
{
    public function handle($request, Closure $next, $role)
    {
        $roles = is_array($role)
            ? $role
            : explode('|', $role);
        $user_roles = array_map('strtolower', Auth::user()->roles);

Accessing roles on the interface Illuminate\Contracts\Auth\Authenticatable suggest that you code against a concrete implementation. How about adding an instanceof check?

        $same = (array_intersect($roles, $user_roles));

        if (empty($same)) {
            throw AuthException::auth('401', 'User does not have right roles');
        }

        return $next($request);
    }
}