Buffalo Eats Online API Documentation

ApiAuthMiddleware extends Middleware
in package

API authentication middleware.

Validates Bearer tokens from the Authorization header against the api_keys table. Sets the authenticated API key and business context for downstream controllers. Supports scope-based authorization.

Tags
author

J.J. Johnson visionquest716@gmail.com

copyright

2026 VisionQuestServices LLC

Table of Contents

Properties

$requiredScope  : string|null

Methods

__construct()  : mixed
Create a new API auth middleware instance.
handle()  : bool
Validate the API bearer token and authorize the request.
extractBearerToken()  : string|null
Extract the bearer token from the Authorization header.

Properties

$requiredScope

private string|null $requiredScope

Required scope for this middleware instance

Methods

__construct()

Create a new API auth middleware instance.

public __construct([string|null $scope = null ]) : mixed
Parameters
$scope : string|null = null

Required scope (e.g., 'orders:read')

handle()

Validate the API bearer token and authorize the request.

public handle([array<string|int, mixed> $params = [] ]) : bool

Extracts the token from the Authorization header, looks up the key, validates it, checks scopes, and stores the API context in a global registry for controllers.

Parameters
$params : array<string|int, mixed> = []

Route parameters

Return values
bool

True if authorized, false otherwise

extractBearerToken()

Extract the bearer token from the Authorization header.

private extractBearerToken() : string|null
Return values
string|null

The token or null if not found


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results