From 31e5624aec46bf4f1293834fdda37410a583fb43 Mon Sep 17 00:00:00 2001
From: Julien Nahum <julien@nahum.net>
Date: Thu, 21 Mar 2024 17:55:15 +0100
Subject: [PATCH] Skip jwt token security when impersonating

---
 app/Http/Middleware/AuthenticateJWT.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/app/Http/Middleware/AuthenticateJWT.php b/app/Http/Middleware/AuthenticateJWT.php
index c701d9dd..82016196 100644
--- a/app/Http/Middleware/AuthenticateJWT.php
+++ b/app/Http/Middleware/AuthenticateJWT.php
@@ -32,6 +32,11 @@ class AuthenticateJWT
                 }
             }
 
+            // If it's impersonating, skip the rest
+            if ($payload->get('impersonating')) {
+                return $next($request);
+            }
+
             $error = null;
             if (! \Hash::check($request->ip(), $payload->get('ip'))) {
                 $error = 'Origin IP is invalid';