API with Lumen Framework authorize not work

Question

I working a simple API with Lumen, But I encounter a problem. I want to delete the user if he is the user, but my authorize is not work.

For the login I use JWT token.

UserController.php

    /**
     * Delete user by user id.
     *
     * @param int $id
     *
     * @return mixed
     */
    public function delete($id)
    {
        $user = User::find($id);

        $this->authorize('delete', $user);

        $user->delete();

        return response()->json([
            'success'   =>  'User deleted with success'
        ], 200);
    }

UserPolicy.php

class UserPolicy
{

    public function delete(User $user, User $user_current)
    {
        return $user->id === $user_current->id;
    }

}

AuthServiceProvider.php

    public function boot()
    {
        Gate::policy(User::class, UserPolicy::class);

        $this->app['auth']->viaRequest('api', function ($request) {
            if ($request->header('Authorization')) {
                return User::where('api_token', $request->input('api_token'))->first();
            }
        });
    }

I I do not understand why it does not work.

Answer 1

Try using like below in your header:

Authorization : Bearer [TOKEN]

---

Update 1:

If you're in Apache, I guess this might help you as it works on mine:
Just add these lines on your .htaccess file:

RewriteEngine On  
RewriteCond %{HTTP:Authorization} ^(.*)  
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]  

---

Update 2:

Okay, Please change your AuthServiceProvider like below codes:

$this->app['auth']->viaRequest('api', function ($request) {
    $token = $request->bearerToken();

    if(!$token) {
        // Unauthorized response if token not there
        throw new Exception('token not provided');
    }
    .
    .
    .
}