From e31902dba1aa169cec3619925ef0f10161f5c606 Mon Sep 17 00:00:00 2001 From: Bill Riess Date: Wed, 6 May 2020 12:35:12 -0400 Subject: [PATCH] Moved provider check to bearer token only --- src/Guards/TokenGuard.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Guards/TokenGuard.php b/src/Guards/TokenGuard.php index f30468310..e4e01d1c2 100644 --- a/src/Guards/TokenGuard.php +++ b/src/Guards/TokenGuard.php @@ -108,10 +108,6 @@ protected function hasValidProvider(Request $request) */ public function user(Request $request) { - if (! $this->hasValidProvider($request)) { - return; - } - if ($request->bearerToken()) { return $this->authenticateViaBearerToken($request); } elseif ($request->cookie(Passport::cookie())) { @@ -154,6 +150,10 @@ protected function authenticateViaBearerToken($request) return; } + if (! $this->hasValidProvider($request)) { + return; + } + // If the access token is valid we will retrieve the user according to the user ID // associated with the token. We will use the provider implementation which may // be used to retrieve users from Eloquent. Next, we'll be ready to continue.