Assign key to model X (not User)

[RokSiEu]

Would it be possible to assign API key to X model rather than (only to) User? When developing API for Mobile devices there is a need to assign key to each device and not to user.

[chrisbjr]

Hi @RokSiEu yes, it's possible. What we've done in our other apps is assign an API key per device so our devices table has an api_key_id in it. We then created another class that extends the ApiGuardController that overrides the constructor like so:

abstract class ApiController extends ApiGuardController
{

    protected $authenticateDevice = false;

    /**
     * @var Device
     */
    protected $device;

    public function __construct()
    {
        parent::__construct();

        if ($this->authenticateDevice) {

            $apiKey = Request::header(config('apiguard.keyName'));

            if ( ! is_null($apiKey)) {
                try {
                    $this->apiKey = ApiKey::where('key', $apiKey)
                        ->firstOrFail();
                } catch (Exception $e) {
                    return $this->response->errorUnauthorized('The API key you specified does not exist.');
                }
            }

            try {
                $this->device = Device::where('api_key_id', $this->apiKey->id)
                    ->firstOrFail();

            } catch (Exception $e) {
                return $this->response->errorUnauthorized('This device is not authorized to access this API.');
            }
        }
    }
}

[RokSiEu]

Tnx for reply. Yes I did something like you wrote but I was thinking about changing the whole package to general use of model that require api key access. So that we could assign api keys to X Model (device,company,user...)
Something that could be controlled through config file. Because now we are using workarounds (like yours).