dyzulk/trustlab-api
1
0
Fork 0
mirror of https://github.com/dyzulk/trustlab-api.git synced 2026-01-26 13:22:05 +07:00
Code Issues Packages Projects Releases Wiki Activity

fix: make role checks case-insensitive and clean up middleware

Browse Source
This commit is contained in:
dyzulk
2025-12-30 20:31:24 +07:00
parent 1eabedcb5b
commit 42fa9b75ff
1 changed files with 1 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/Http/Middleware/AdminMiddleware.php
View File

@@ -16,10 +16,7 @@ class AdminMiddleware
public function handle(Request $request, Closure $next): Response public function handle(Request $request, Closure $next): Response
{ {
if (!$request->user() || !$request->user()->isAdminOrOwner()) { if (!$request->user() || !$request->user()->isAdminOrOwner()) {
$role = $request->user() ? $request->user()->role : 'guest'; return response()->json(['message' => 'Unauthorized. Admin access required.'], 403);
return response()->json([
'message' => "Unauthorized. Admin access required. (Current role: {$role})"
], 403);
} }
return $next($request); return $next($request);