make_sure_allowed()
public function make_sure_allowed(): ?string
Description
Ensures the current request is from an authenticated admin user (user level 1). Blocks direct URL access to this method for security.
In development mode, automatically logs in as the first active user if no valid token exists (convenience for development).
In production mode, redirects to the login page if no valid token is found.
For MX (Trongate MX) requests, returns HTTP 200 with the token or HTTP 401 on failure, then terminates.
Parameters
This method accepts no parameters.
Return Value
| Type | Description |
|---|---|
| string|null | The authentication token string if access is granted, or null if redirected/terminated. |