248 lines
6.6 KiB
PHP
248 lines
6.6 KiB
PHP
|
<?php
|
||
|
|
|
||
|
|
namespace App\Http\Controllers;
|
||
|
|
|
||
|
|
use Illuminate\Support\Facades\Auth;
|
||
|
|
use Illuminate\Support\Facades\Hash;
|
||
|
|
use App\Authentication;
|
||
|
|
use App\PasswordReset;
|
||
|
|
use Illuminate\Support\Str;
|
||
|
|
use App\Notifications\PasswordResetRequest;
|
||
|
|
use App\Notifications\PasswordResetSuccess;
|
||
|
|
use Illuminate\Http\Request;
|
||
|
|
use Carbon\Carbon;
|
||
|
|
|
||
|
|
class AuthenticationController extends Controller
|
||
|
|
{
|
||
|
|
public function login(Request $request)
|
||
|
|
{
|
||
|
|
$request->validate([
|
||
|
|
'email' => 'required|string|email',
|
||
|
|
'password' => 'required|string',
|
||
|
|
'remember_me' => 'boolean'
|
||
|
|
]);
|
||
|
|
$credentials = request(['email', 'password']);
|
||
|
|
if (!Auth::attempt($credentials))
|
||
|
|
return response()->json([
|
||
|
|
'message' => 'Unauthorized'
|
||
|
|
], 401);
|
||
|
|
$user = $request->user();
|
||
|
|
$tokenResult = $user->createToken('Personal Access Token');
|
||
|
|
$token = $tokenResult->token;
|
||
|
|
if ($request->remember_me)
|
||
|
|
$token->expires_at = Carbon::now()->addWeeks(1);
|
||
|
|
$token->save();
|
||
|
|
return response()->json([
|
||
|
|
'access_token' => $tokenResult->accessToken,
|
||
|
|
'token_type' => 'Bearer',
|
||
|
|
'expires_at' => Carbon::parse(
|
||
|
|
$tokenResult->token->expires_at
|
||
|
|
)->toDateTimeString()
|
||
|
|
]);
|
||
|
|
}
|
||
|
|
|
||
|
|
public function store(Request $request)
|
||
|
|
{
|
||
|
|
$data = $request->validate([
|
||
|
|
'username' => ['required', 'string', 'max:255'],
|
||
|
|
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
|
||
|
|
'password' => ['required', 'string', 'min:8'],
|
||
|
|
]);
|
||
|
|
|
||
|
|
$user = Authentication::create([
|
||
|
|
'username' => $data['username'],
|
||
|
|
'email' => $data['email'],
|
||
|
|
'password' => Hash::make($data['password']),
|
||
|
|
]);
|
||
|
|
return response()->json($user, 201);
|
||
|
|
}
|
||
|
|
|
||
|
|
public function logout(Request $request)
|
||
|
|
{
|
||
|
|
if (Auth::check()) {
|
||
|
|
Auth::user()->AauthAcessToken()->delete();
|
||
|
|
}
|
||
|
|
return response()->json([
|
||
|
|
'message' => 'Successfully logged out'
|
||
|
|
]);
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Create token password reset
|
||
|
|
*
|
||
|
|
* @param [string] email
|
||
|
|
* @return [string] message
|
||
|
|
*/
|
||
|
|
public function create(Request $request)
|
||
|
|
{
|
||
|
|
$request->validate([
|
||
|
|
'email' => 'required|string|email',
|
||
|
|
]);
|
||
|
|
$user = Authentication::where('email', $request->email)->first();
|
||
|
|
|
||
|
|
if (!$user)
|
||
|
|
return response()->json([
|
||
|
|
'message' => "We can't find a user with that e-mail address."
|
||
|
|
], 404);
|
||
|
|
$passwordReset = PasswordReset::updateOrCreate(
|
||
|
|
['email' => $user->email],
|
||
|
|
[
|
||
|
|
'email' => $user->email,
|
||
|
|
'token' => Str::random(60)
|
||
|
|
]
|
||
|
|
);
|
||
|
|
if ($user && $passwordReset)
|
||
|
|
$user->notify(
|
||
|
|
new PasswordResetRequest($passwordReset->token)
|
||
|
|
);
|
||
|
|
return response()->json([
|
||
|
|
'message' => 'We have e-mailed your password reset link!'
|
||
|
|
]);
|
||
|
|
}
|
||
|
|
/**
|
||
|
|
* Find token password reset
|
||
|
|
*
|
||
|
|
* @param [string] $token
|
||
|
|
* @return [string] message
|
||
|
|
* @return [json] passwordReset object
|
||
|
|
*/
|
||
|
|
public function find($token)
|
||
|
|
{
|
||
|
|
$passwordReset = PasswordReset::where('token', $token)
|
||
|
|
->first();
|
||
|
|
if (!$passwordReset)
|
||
|
|
return response()->json([
|
||
|
|
'message' => 'This password reset token is invalid.'
|
||
|
|
], 404);
|
||
|
|
if (Carbon::parse($passwordReset->updated_at)->addMinutes(720)->isPast()) {
|
||
|
|
$passwordReset->delete();
|
||
|
|
return response()->json([
|
||
|
|
'message' => 'This password reset token is invalid.'
|
||
|
|
], 404);
|
||
|
|
}
|
||
|
|
return response()->json($passwordReset);
|
||
|
|
}
|
||
|
|
/**
|
||
|
|
* Reset password
|
||
|
|
*
|
||
|
|
* @param [string] email
|
||
|
|
* @param [string] password
|
||
|
|
* @param [string] password_confirmation
|
||
|
|
* @param [string] token
|
||
|
|
* @return [string] message
|
||
|
|
* @return [json] user object
|
||
|
|
*/
|
||
|
|
public function reset(Request $request)
|
||
|
|
{
|
||
|
|
$request->validate([
|
||
|
|
'email' => 'required|string|email',
|
||
|
|
'password' => 'required|string|confirmed',
|
||
|
|
'token' => 'required|string'
|
||
|
|
]);
|
||
|
|
$passwordReset = PasswordReset::where([
|
||
|
|
['token', $request->token],
|
||
|
|
['email', $request->email]
|
||
|
|
])->first();
|
||
|
|
if (!$passwordReset)
|
||
|
|
return response()->json([
|
||
|
|
'message' => 'This password reset token is invalid.'
|
||
|
|
], 404);
|
||
|
|
$user = Authentication::where('email', $passwordReset->email)->first();
|
||
|
|
if (!$user)
|
||
|
|
return response()->json([
|
||
|
|
'message' => "We can't find a user with that e-mail address."
|
||
|
|
], 404);
|
||
|
|
$user->password = bcrypt($request->password);
|
||
|
|
$user->save();
|
||
|
|
$passwordReset->delete();
|
||
|
|
$user->notify(new PasswordResetSuccess($passwordReset));
|
||
|
|
return response()->json($user);
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Get the authenticated User
|
||
|
|
*
|
||
|
|
* @return [json] user object
|
||
|
|
*/
|
||
|
|
public function user(Request $request)
|
||
|
|
{
|
||
|
|
return response()->json($request->user());
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Display a listing of the resource.
|
||
|
|
*
|
||
|
|
* @return \Illuminate\Http\Response
|
||
|
|
*/
|
||
|
|
public function index()
|
||
|
|
{
|
||
|
|
//
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Show the form for creating a new resource.
|
||
|
|
*
|
||
|
|
* @return \Illuminate\Http\Response
|
||
|
|
*/
|
||
|
|
// public function create()
|
||
|
|
// {
|
||
|
|
// //
|
||
|
|
// }
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Store a newly created resource in storage.
|
||
|
|
*
|
||
|
|
* @param \Illuminate\Http\Request $request
|
||
|
|
* @return \Illuminate\Http\Response
|
||
|
|
*/
|
||
|
|
// public function store(Request $request)
|
||
|
|
// {
|
||
|
|
// //
|
||
|
|
// }
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Display the specified resource.
|
||
|
|
*
|
||
|
|
* @param \App\Auth $auth
|
||
|
|
* @return \Illuminate\Http\Response
|
||
|
|
*/
|
||
|
|
public function show(Auth $auth)
|
||
|
|
{
|
||
|
|
//
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Show the form for editing the specified resource.
|
||
|
|
*
|
||
|
|
* @param \App\Auth $auth
|
||
|
|
* @return \Illuminate\Http\Response
|
||
|
|
*/
|
||
|
|
public function edit(Auth $auth)
|
||
|
|
{
|
||
|
|
//
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Update the specified resource in storage.
|
||
|
|
*
|
||
|
|
* @param \Illuminate\Http\Request $request
|
||
|
|
* @param \App\Auth $auth
|
||
|
|
* @return \Illuminate\Http\Response
|
||
|
|
*/
|
||
|
|
public function update(Request $request, Auth $auth)
|
||
|
|
{
|
||
|
|
//
|
||
|
|
}
|
||
|
|
|
||
|
|
/**
|
||
|
|
* Remove the specified resource from storage.
|
||
|
|
*
|
||
|
|
* @param \App\Auth $auth
|
||
|
|
* @return \Illuminate\Http\Response
|
||
|
|
*/
|
||
|
|
public function destroy(Auth $auth)
|
||
|
|
{
|
||
|
|
//
|
||
|
|
}
|
||
|
|
}
|