execom99
105
0
Lumen

Lumen Passport OAuth - Inject token to the Request header

Posted 2 months ago by execom99

hi, I'm trying to simulate other user signed in (impersonation) and having other user's ID in one of the request parameters.

Is there a way to inject this other user's token into the header before Auth happens please? I have created middleware watching presence of this varaible but it is fired up after auth.

Also, I have added following code into the AuthServiceProvider's booth() if parameterd is in request before anything else:

    $user = User::findOrFail($impersonation_user_id);
    Auth::setUser($user);
    $token = $user->createToken('personal_tokens')->accessToken;
    $this->app->request->headers->set('authorization', 'Bearer '.$token);
    return $user;

When I check content of request's header then, new token is injected correctly but user logged in is not changed.

Other problem is, that it everytime generates new token, so if one page rendering has several API calls, then it generate several tokens ...

Any advice please? thanks

Please sign in or create an account to participate in this conversation.