Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-05-24 02:14:21 -04:00
Code Issues Packages Projects Releases Wiki Activity

Restrict API access for free/unpaid accounts

Browse Source
This commit is contained in:
David Bomba 2021-11-10 08:23:22 +11:00
parent 075fe7a5e5
commit d0be8f744c
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
app/Http/Middleware/TokenAuth.php
View File

@ -42,6 +42,16 @@ class TokenAuth
return response()->json($error, 403);
}
if(Ninja::isHosted() && $company_token->is_system == 0 && !$user->account->isPaid()){
$error = [
'message' => 'Feature not available with free / unpaid account.',
'errors' => new stdClass,
];
return response()->json($error, 403);
}
/*
|
| Necessary evil here: As we are authenticating on CompanyToken,