202509011734

加入 API Token 驗證
2025-09-01 17:35:41 +08:00 · 2025-09-01 17:35:41 +08:00 · 59b839111f
commit 59b839111f
parent fc5c97913d
1 changed files with 22 additions and 0 deletions
--- a/routes/api.php
+++ b/routes/api.php
@ -8,12 +8,34 @@ use App\Http\Controllers\Api\SyncController;
 use App\Http\Controllers\Api\RoomControlController;
 use App\Http\Controllers\Api\RoomSongController;
 use App\Http\Controllers\Api\SongSearchController;
+use Illuminate\Http\Request;
+use Laravel\Sanctum\PersonalAccessToken;

 Route::get('/artists/search', [ArtistController::class, 'search'])->name('api.artists.search');

 Route::post('/login', [AuthController::class, 'login']);
 Route::post('/room/receiveRegister', [RoomControlController::class, 'receiveRegister']);

+Route::post('/token/validate', function (Request $request) {
+    $token = $request->bearerToken();
+
+    if (!$token) {
+        return response()->json(['valid' => false, 'message' => 'Token missing'], 401);
+    }
+
+    $accessToken = PersonalAccessToken::findToken($token);
+
+    if (!$accessToken) {
+        return response()->json(['valid' => false, 'message' => 'Invalid token'], 401);
+    }
+
+    return response()->json([
+        'valid' => true,
+        'user_id' => $accessToken->tokenable_id,
+        'abilities' => $accessToken->abilities,
+    ]);
+});
+
 Route::middleware('auth:sanctum')->group(function () {
    Route::get ('/profile', [AuthController::class, 'profile']);
    Route::get ('/branches',[BranchControlController::class, 'Branches']);