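input('email'))->first();
        if ($client) {
            if (!Hash::check(request()->password, $client->password)) {
                return response()->json(['message' => 'Unauthorized'], 401);
            }
            Auth::login($client);
            $client->tokens()->delete();
            $client->token = $client->createToken('auth_token')->plainTextToken;
            return ClientResource::make($client);
        }
        return response()->json(['message' => 'email not found'], 404);
    }

    /**
     * Create a client account.
     *
     * When settings.email_verification is on, the account starts unverified, a
     * one-time code is stored in verification_token and mailed to the address,
     * and the client must call /api/verify-email to obtain an access token.
     * When it is off, the client is logged in straight away and a Sanctum
     * token is attached to the returned resource as `token`.
     *
     * NOTE(review): the annotation below advertises 201, but the resource is
     * returned with the default 200 -- align one or the other.
     *
     * @OA\POST(
     *     path="/api/register",
     *     summary=" - Register user",
     *     tags = {"Authorization"},
     *     @OA\RequestBody(
     *         @OA\MediaType(
     *             mediaType="application/json",
     *             @OA\Schema(
     *                 @OA\Property(property="firstname", type="string"),
     *                 @OA\Property(property="lastname", type="string"),
     *                 @OA\Property(property="email", type="string"),
     *                 @OA\Property(property="password", type="string"),
     *                 example={"firstname":"Mahri", "lastname":"Ilmedova" ,"email": "ilmedovamahri@gmail.com", "password": 12345678}
     *             )
     *         )
     *     ),
     *     @OA\Response(
     *         response="201",
     *         description="OK",
     *         @OA\JsonContent(
     *             type="object",
     *             @OA\Property(property="token", type="string"),
     *             @OA\Property(property="client", type="object",
     *                 @OA\Property(property="id", type="integer"),
     *                 @OA\Property(property="firstname", type="string"),
     *                 @OA\Property(property="lastname", type="string"),
     *                 @OA\Property(property="email", type="string"),
     *                 @OA\Property(property="is_verified", type="boolean"),
     *             )
     *         )
     *     ),
     *     @OA\Response(
     *         response="422",
     *         description="Validation Error",
     *         @OA\JsonContent(type="object",
     *             @OA\Property(property="message", type="string"),
     *             @OA\Property(property="errors", type="object"),
     *         )
     *     )
     * )
     *
     * @param  RegisterRequest $request validated firstname/lastname/email/password
     * @return ClientResource
     */
    public function register(RegisterRequest $request)
    {
        $data = $request->only(['email', 'firstname', 'lastname']);
        $data['password'] = Hash::make($request->input('password'));

        $emailVerification = (bool) Config::get('settings.email_verification');

        // A client is only verified up front when verification is switched
        // off; when it is on, verifyEmail() flips the flag after the code is
        // confirmed.  NOTE(review): the original stored $emailVerification
        // itself, i.e. "verified" precisely when verification was required --
        // confirm nothing downstream depends on that inverted value.
        $data['is_verified'] = !$emailVerification;

        // random_int() is a CSPRNG; rand() is predictable and unsuitable for a
        // secret.  The 4-digit space is brute-forceable in at most 9000 tries,
        // so /api/verify-email must sit behind throttling -- TODO widen the
        // code once the mail template allows it.  Generated unconditionally
        // (as before) so no assumption is made about the column being nullable.
        $data['verification_token'] = random_int(1000, 9999);

        $client = Client::create($data);

        if ($emailVerification) {
            // Mail the code that was just persisted.  The original passed
            // $client->token, which is never assigned on this path.
            Mail::to($client->email)->queue(
                new EmailVerification($client->firstname, $data['verification_token'])
            );
        } else {
            Auth::login($client);
            $client->token = $client->createToken('auth_token')->plainTextToken;
        }

        return ClientResource::make($client);
    }

    /**
     * Confirm the e-mail code issued by register() and issue an access token.
     *
     * The code is single use: on success it is cleared, is_verified is set,
     * and the client gets a fresh Sanctum token on the returned resource, in
     * the same shape login()/register() return.  (The original answered with
     * the whole NewAccessToken object and the raw model; consumers that read
     * data.token.plainTextToken must now read the resource's `token`.)
     *
     * NOTE(review): the 404/401 split lets a caller enumerate registered
     * addresses; kept because login() behaves the same and the contract
     * documents both codes.
     *
     * @OA\POST(
     *     path="/api/verify-email",
     *     summary=" - Verify email of client",
     *     tags = {"Authorization"},
     *     @OA\RequestBody(
     *         @OA\MediaType(
     *             mediaType="application/json",
     *             @OA\Schema(
     *                 @OA\Property(property="email", type="string"),
     *                 @OA\Property(property="token", type="string"),
     *                 example={"email": "ilmedovamahri@gmail.com", "token": "4515"}
     *             )
     *         )
     *     ),
     *     @OA\Response(response="200", description="OK"),
     *     @OA\Response(response="422", description="Validation error (missing email or token)"),
     *     @OA\Response(response="404", description="Client not found"),
     *     @OA\Response(response="401", description="Unauthorised. Tokens do not match")
     * )
     *
     * @param  Request $request json body with email and token
     * @return ClientResource|\Illuminate\Http\JsonResponse
     */
    public function verifyEmail(Request $request)
    {
        $request->validate([
            'email' => 'required|email',
            'token' => 'required',
        ]);

        $client = Client::where('email', $request->email)->first();
        if (!$client) {
            return response()->json(['message' => 'no such client'], 404);
        }

        // Compare what register() stored (verification_token), as strings and
        // in constant time.  The original read $client->token with ===, which
        // can never match an integer column against a string request value.
        $expected = (string) $client->verification_token;
        $given = is_scalar($request->token) ? (string) $request->token : '';
        if ($expected === '' || !hash_equals($expected, $given)) {
            return response()->json(['message' => 'tokens don\'t match'], 401);
        }

        // Consume the code so it cannot be replayed, and record the verification.
        $client->verification_token = null;
        $client->is_verified = true;
        $client->save();

        Auth::login($client);
        $client->token = $client->createToken('auth_token')->plainTextToken;

        return ClientResource::make($client);
    }

    /**
     * Return the client bound to the bearer token of this request.
     *
     * @OA\GET(
     *     path="/api/client",
     *     summary=" - Get user",
     *     tags = {"Authorization"},
     *     security={ {"bearerAuth": {}} },
     *     @OA\Response(response="200", description="OK"),
     *     @OA\Response(response="401", description="Unauthorized")
     * )
     *
     * @param  Request $request authenticated request
     * @return ClientResource|\Illuminate\Http\JsonResponse 401 when no user is resolved
     */
    public function client(Request $request)
    {
        $client = $request->user();
        if ($client === null) {
            return response()->json(['message' => 'token_expired'], 401);
        }

        return ClientResource::make($client);
    }

    /**
     * @OA\POST(
     *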
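path="/api/logout",
     *     summary=" - Logout user",
     *     tags = {"Authorization"},
     *     security={ {"bearerAuth": {}} },
     *     @OA\Response(response="200", description="OK"),
     *     @OA\Response(response="401", description="Unauthorized")
     * )
     *
     * Revoke the access token used for this request only; other devices stay
     * signed in.  To sign out everywhere use $request->user()->tokens()->delete().
     *
     * @param  Request $request bearer-authenticated request
     * @return \Illuminate\Http\JsonResponse
     */
    public function logout(Request $request)
    {
        $request->user()->currentAccessToken()->delete();

        return response()->json(['message' => 'ok'], 200);
    }

    /**
     * Store a password-reset code on the client and mail it.
     *
     * Validation failures propagate as 422 (the original caught them and
     * returned the exception text with 200).  Mail/database failures are
     * reported and answered with a generic 500 so driver details are not
     * echoed to the caller.
     *
     * NOTE(review): the 404 confirms whether an address is registered; kept
     * because the rest of this controller already does so.
     *
     * @OA\POST(
     *     path="/api/forgot-password",
     *     summary=" - Send a user password reset link",
     *     tags = {"Authorization"},
     *     @OA\RequestBody(
     *         @OA\MediaType(
     *             mediaType="application/json",
     *             @OA\Schema(
     *                 @OA\Property(property="email", type="string"),
     *                 example={"email": "ilmedovamahri@gmail.com"}
     *             )
     *         )
     *     ),
     *     @OA\Response(response="200", description="OK"),
     *     @OA\Response(response="404", description="No client with that email"),
     *     @OA\Response(response="422", description="Validation error"),
     *     @OA\Response(response="500", description="Code could not be sent")
     * )
     *
     * @param  Request $request json body with email
     * @return \Illuminate\Http\JsonResponse
     */
    public function sendPasswordResetLinkEmail(Request $request)
    {
        $request->validate(['email' => 'required|email']);

        $user = Client::where('email', $request->email)->first();
        if (!$user) {
            return response()->json(['message' => 'user with provided email not found'], 404);
        }

        try {
            // CSPRNG instead of rand().  Four digits are guessable in <= 9000
            // attempts and nothing here expires the code, so /api/reset-password
            // must be throttled -- TODO longer code plus an expiry column.
            $token = random_int(1000, 9999);
            $user->verification_token = $token;
            $user->save();

            Mail::to($user->email)->queue(new ResetPassword($user->firstname, $token));
        } catch (\Exception $e) {
            report($e);

            return response()->json(['message' => 'could not send reset code'], 500);
        }

        return response()->json(['message' => 'sent reset code'], 200);
    }

    /**
     * @OA\POST(
     *     path="/api/reset-password",
     *     summary=" - Reset client password and enter new",
     *     tags = {"Authorization"},
     *     @OA\RequestBody(
     *         @OA\MediaType(
     *             mediaType="application/json",
     *             @OA\Schema(
     *                 @OA\Property(property="email", type="string"),
     *                 @OA\Property(property="token", type="string"),
     *                 @OA\Property(property="password", type="string"),
     *                 @OA\Property(property="confirm_password", type="string"),
     *                 example={"email": "ilmedovamahri@gmail.com", "token":"2546",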
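"password":"Hello001!", "confirm_password":"Hello001!"}
     *             )
     *         )
     *     ),
     *     @OA\Response(response="200", description="OK"),
     *     @OA\Response(response="404", description="Unknown email or wrong/expired code"),
     *     @OA\Response(response="422", description="Validation error"),
     *     @OA\Response(response="500", description="Password could not be updated")
     * )
     *
     * Set a new password using the code mailed by sendPasswordResetLinkEmail().
     *
     * The code is compared in constant time against verification_token (the
     * column that endpoint writes; the original read `token` with ==), is
     * consumed on success, and every existing Sanctum token of the account is
     * revoked so a session that prompted the reset cannot survive it.
     * Validation errors propagate as 422 instead of being caught as 500.
     *
     * NOTE(review): 'password' => 'required' imposes no strength rule here
     * while registration goes through RegisterRequest -- consider sharing the
     * same rule set.
     *
     * @param  Request $request json body with email, token, password, confirm_password
     * @return \Illuminate\Http\JsonResponse
     */
    public function updatePassword(Request $request)
    {
        $this->validate($request, [
            'token' => 'required',
            'email' => 'required|email',
            'password' => 'required',
            'confirm_password' => 'required|same:password',
        ]);

        try {
            $user = Client::where('email', $request->email)->first();

            $expected = $user ? (string) $user->verification_token : '';
            $given = is_scalar($request->token) ? (string) $request->token : '';
            if ($expected === '' || !hash_equals($expected, $given)) {
                return response()->json(['message' => 'not_found'], 404);
            }

            $user->password = Hash::make($request->password);
            $user->verification_token = null; // single use
            $user->save();

            // Sign out every device holding an old token.
            $user->tokens()->delete();

            return response()->json(['message' => 'OK'], 200);
        } catch (\Exception $e) {
            // Log the real cause; do not leak $e->getMessage() to the caller.
            report($e);

            return response()->json(['message' => 'could not reset password'], 500);
        }
    }

    /**
     * Update the authenticated client's name and/or password.
     *
     * An absent or empty password leaves the stored hash untouched; any other
     * value is re-hashed with bcrypt.  NOTE(review): a password change here
     * requires neither the current password nor revokes other devices'
     * tokens -- worth adding if account takeover via a stolen token matters.
     *
     * @OA\POST(
     *     path="/api/update-account",
     *     summary=" - Update client account",
     *     tags = {"Authorization"},
     *     description = "All the fields are optional (if password field is being updated then confirm_password is required)",
     *     security={ {"bearerAuth": {}} },
     *     @OA\RequestBody(
     *         @OA\MediaType(
     *             mediaType="application/json",
     *             @OA\Schema(
     *                 @OA\Property(property="firstname", type="string"),
     *                 @OA\Property(property="lastname", type="string"),
     *                 @OA\Property(property="password", type="string"),
     *                 @OA\Property(property="confirm_password", type="string"),
     *                 example={"firstname":"Mahri","lastname":"Ilmedova","email": "ilmedovamahri@gmail.com", "password":"Hello001!", "confirm_password":"Hello001!"}
     *             )
     *         )
     *     ),
     *     @OA\Response(response="200", description="OK"),
     *     @OA\Response(response="500", description="Account could not be updated")
     * )
     *
     * @param  UpdateClientRequest $request validated optional firstname/lastname/password
     * @return ClientResource|\Illuminate\Http\JsonResponse
     */
    public function updateClient(UpdateClientRequest $request)
    {
        $client = $request->user();
        $data = $request->only('firstname', 'lastname', 'password');

        // empty() matches the original !isset || !value test, so "0" also
        // means "unchanged".
        if (empty($data['password'])) {
            unset($data['password']);
        } else {
            $data['password'] = bcrypt($data['password']);
        }

        if ($client->fill($data)->save()) {
            return ClientResource::make($client);
        }

        return response()->json(['message' => 'Your account has not been updated.'], 500);
    }
}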