API changes

app/Http/Middleware/ApiCheck.php

@@ -42,7 +42,7 @@ class ApiCheck {
 
             // check if user is archived
             if ($token && $token->user) {
-                Auth::loginUsingId($token->user_id);
+                Auth::onceUsingId($token->user_id);
                 Session::set('token_id', $token->id);
             } else {
                 sleep(ERROR_DELAY);

app/Http/Requests/UpdateUserRequest.php

@@ -2,9 +2,9 @@
 
 use Auth;
 
-class UpdateUserRequest extends Request
+class UpdateUserRequest extends EntityReques
 {
-    // Expenses 
+    // Expenses
     /**
      * Determine if the user is authorized to make this request.
      *
@@ -12,7 +12,7 @@ class UpdateUserRequest extends Request
      */
     public function authorize()
     {
-        return $this->user()->can('edit', $this->entity());
+        return Auth::user()->is_admin || $this->user()->id == Auth::user()->id;
     }
 
     /**