I have an api that used Dingo API. The current users therefore use a
X-Api-Key header for authentication. I now want to switch to laravels implemented API system which requires an Authorization header.
Is it possible to tell laravel which header to use. Or preferrably: Is there a hook that I can use to modify the headers (e.g. copy the X-Api-Key header value into the Authorization header), before authentication takes place?
You can create middleware like this:
<?php
namespace App\Http\Middleware;
use Closure;
class ModifyHeader extends BaseAuthorize
{
public function handle($request, Closure $next)
{
if ($authorization = $request->header('X-Api-Key')) {
$request->headers->set('Authorization', $authorization);
}
return $next($request);
}
}
Then you need to add this middleware to $middlewareGroups or $routeMiddleware for example like this:
protected $middlewareGroups = [
'api' => [
// ...
\App\Http\Middleware\ModifyHeader::class,
],
// ...
];
and then you should make sure that routes you want to make the change are in api middleware. Of course you can also create custom middleware group for this or apply this for selected routes.
Then for example if you add such route:
Route::group(['middleware' => 'api'], function () {
Route::get('/test', function () {
dd(request()->header('Authorization'));
});
});
You should get the same value that is passed in X-Api-Key header.
api middleware for such usage although it depends on author application how exactly his middleware groups are organized