respectively custom session guard

laravel · Nov 1, 2024 · 4d2fa2d · 4d2fa2d
1 parent 5716afc
commit 4d2fa2d
Show file tree

Hide file tree

Showing 3 changed files with 50 additions and 3 deletions.
diff --git a/src/Guard.php b/src/Guard.php
@@ -16,6 +16,13 @@ class Guard
      */
     protected $auth;
 
+    /**
+     * guards will be checked
+     *
+     * @var string|string[]|null
+     */
+    protected $guards;
+
     /**
      * The number of minutes tokens should be allowed to remain valid.
      *
@@ -36,13 +43,15 @@ class Guard
      * @param  \Illuminate\Contracts\Auth\Factory  $auth
      * @param  int  $expiration
      * @param  string  $provider
+     * @param  string|string[]|null  $guards
      * @return void
      */
-    public function __construct(AuthFactory $auth, $expiration = null, $provider = null)
+    public function __construct(AuthFactory $auth, $expiration = null, $provider = null, $guards = null)
     {
         $this->auth = $auth;
         $this->expiration = $expiration;
         $this->provider = $provider;
+        $this->guards = $guards;
     }
 
     /**
@@ -53,7 +62,7 @@ public function __construct(AuthFactory $auth, $expiration = null, $provider = n
      */
     public function __invoke(Request $request)
     {
-        foreach (Arr::wrap(config('sanctum.guard', 'web')) as $guard) {
+        foreach (Arr::wrap($this->guards ?? config('sanctum.guard', 'web')) as $guard) {
             if ($user = $this->auth->guard($guard)->user()) {
                 return $this->supportsTokens($user)
                     ? $user->withAccessToken(new TransientToken)

diff --git a/src/SanctumServiceProvider.php b/src/SanctumServiceProvider.php
@@ -103,7 +103,7 @@ protected function configureGuard()
     protected function createGuard($auth, $config)
     {
         return new RequestGuard(
-            new Guard($auth, config('sanctum.expiration'), $config['provider']),
+            new Guard($auth, config('sanctum.expiration'), $config['provider'], $config['with_guard'] ?? null),
             request(),
             $auth->createUserProvider($config['provider'] ?? null)
         );

diff --git a/tests/Feature/GuardTest.php b/tests/Feature/GuardTest.php
@@ -53,6 +53,44 @@ public function test_authentication_is_attempted_with_web_middleware()
         $this->assertTrue($user->tokenCan('foo'));
     }
 
+    public function test_authentication_is_attempted_with_given_guard()
+    {
+        $factory = Mockery::mock(AuthFactory::class);
+
+        $guard = new Guard($factory, null, 'users', ['other']);
+
+        $webGuard = Mockery::mock(stdClass::class);
+        $otherGuard = Mockery::mock(stdClass::class);
+
+        $factory->shouldReceive('guard')
+            ->with('web')
+            ->andReturn($webGuard);
+        $factory->shouldReceive('guard')
+            ->with('other')
+            ->andReturn($otherGuard);
+
+        $webGuard->shouldReceive('user')->never();
+        $otherGuard->shouldReceive('user')->once()->andReturn($fakeUser = new User);
+
+        $user = $guard->__invoke(Request::create('/', 'GET'));
+
+        $this->assertSame($user, $fakeUser);
+        $this->assertTrue($user->tokenCan('foo'));
+    }
+
+    public function test_authentication_ignore_all_guard()
+    {
+        $factory = Mockery::mock(AuthFactory::class);
+
+        $guard = new Guard($factory, null, 'users', []);
+
+        $factory->shouldReceive('guard')->never();
+
+        $user = $guard->__invoke(Request::create('/', 'GET'));
+
+        $this->assertNull($user);
+    }
+
     public function test_authentication_is_attempted_with_token_if_no_session_present()
     {
         $factory = Mockery::mock(AuthFactory::class);