Middleware se encarga de validar que usuario pertenezca al restaurant

backend/app/Http/Middleware/Auth0Middleware.php

@@ -17,12 +17,20 @@ class Auth0Middleware {
         $token = $request->bearerToken();
 
         if (!$token) {
+            Log::warning('Se intento acceder a una ruta protegida sin un token', [
+                'path' => $request->getPathInfo()
+            ]);
             return response()->json(['error' => 'no_token', 'message' => 'No se envío el token'], 401);
         }
 
         try {
             $validated = $this->validateToken($token);
         } catch (InvalidTokenException $e) {
+            Log::warning('Se intento acceder a una ruta protegida con un token invalido', [
+                'path' => $request->getPathInfo(),
+                'message' => $e->getMessage(),
+                'token' => $token
+            ]);
             return response()->json([
                 'error' => 'auth0_invalid_token',
                 'message' => $e->getMessage()
@@ -30,6 +38,7 @@ class Auth0Middleware {
         }
 
         $user = Usuario::where('auth0_id', $validated['sub'])->first();
+        Log::debug('Se identifico al usuario', ['id' => $user->id, 'auth0_id' => $user->auth0_id]);
 
         return $next($request->merge(['user' => $user]));
     }

backend/app/Http/Middleware/Authenticate.php

@@ -1,22 +0,0 @@
-<?php
-
-namespace App\Http\Middleware;
-
-use Closure;
-use Illuminate\Contracts\Auth\Factory as Auth;
-
-class Authenticate {
-    protected $auth;
-
-    public function __construct(Auth $auth) {
-        $this->auth = $auth;
-    }
-
-    public function handle($request, Closure $next, $guard = null) {
-        if ($this->auth->guard($guard)->guest()) {
-            return response('Unauthorized.', 401);
-        }
-
-        return $next($request);
-    }
-}

backend/app/Http/Middleware/CorsMiddleware.php

@@ -14,15 +14,13 @@ class CorsMiddleware {
             'Access-Control-Allow-Headers'     => 'Content-Type, Authorization, X-Requested-With'
         ];
 
-        if ($request->isMethod('OPTIONS'))
-        {
+        if ($request->isMethod('OPTIONS')) {
             return response()->json([], 200, $headers);
         }
 
         $response = $next($request);
 
-        foreach($headers as $key => $value)
-        {
+        foreach($headers as $key => $value) {
             $response->header($key, $value);
         }
 

backend/app/Http/Middleware/InRestauranteMiddleware.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Support\Facades\Log;
+use App\Exceptions\ModelNotFoundException;
+use App\Models\Restaurante;
+
+class InRestauranteMiddleware {
+    public function handle($request, Closure $next) {
+        $restaurante = Restaurante::findOrFail($request->route('restaurante_id'));
+        $user = $request->user;
+
+
+        if(!$user->isOnRestaurante($restaurante)) {
+            Log::debug('El usuario intento acceder a un restaurante que no le pertenece', [
+                'user' => $user->id,
+                'restaurante' => $restaurante->id
+            ]);
+            throw new ModelNotFoundException('restaurante', $restaurante->id);
+        } else {
+            Log::debug('El usuario accedio a un restaurante que si le pertenece', [
+                'user' => $user->id,
+                'restaurante' => $restaurante->id
+            ]);
+        }
+
+        return $next($request);
+    }
+}

backend/app/Http/Middleware/LogEndpointHitMiddleware.php

@@ -7,17 +7,16 @@ use Illuminate\Support\Facades\Log;
 
 class LogEndpointHitMiddleware {
     public function handle($request, Closure $next) {
-        $userId = $request->user ? $request->user->id : null;
+        $user = $request->user;
         $method = $request->getMethod();
         $path = $request->getPathInfo();
 
-        Log::debug('User ' . $userId . ' hitting ' . $method . ' ' . $path . ' endpoint', [
-            'user' => $userId,
+        Log::debug('User ' . $user->id . ' hitting ' . $method . ' ' . $path . ' endpoint', [
+            'user' => $user->id,
+            'roles' => implode('|', $user->roles),
             'method' => $method,
             'path' => $path,
-            'input' => array_filter($request->input(), function ($key) {
-                return $key !== 'user';
-            }, ARRAY_FILTER_USE_KEY)
+            'input' => array_filter($request->input(), function ($key) { return $key !== 'user'; }, ARRAY_FILTER_USE_KEY)
         ]);
 
         return $next($request);

backend/app/Http/Middleware/RoleMiddleware.php

@@ -3,6 +3,7 @@
 namespace App\Http\Middleware;
 
 use Closure;
+use Illuminate\Support\Facades\Log;
 use App\Exceptions\NotAuthorizedException;
 
 class RoleMiddleware {
@@ -16,6 +17,11 @@ class RoleMiddleware {
         }
 
         if(!$has_permission) {
+            Log::warning('El usuario intento acceder a una ruta sin los roles necesarios', [
+                'user' => $user->id,
+                'required_roles' => $raw_roles,
+                'user_roles' => implode('|', $user->roles)
+            ]);
             throw new NotAuthorizedException($request->user);
         }