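validate([
            'email' => 'required',
            'password' => 'required|min:6',
        ]);

        // NOTE(review): the head of this login method is outside the reviewed
        // chunk, so its logic is reproduced unchanged below. It answers 404 for
        // an unknown email but 401 for a wrong password, which lets a caller
        // enumerate registered addresses; one 401 for both cases would close
        // that.

        // get user object
        $client = Client::where('email', request()->email)->first();

        if ($client) {
            // do the passwords match?
            if (!Hash::check(request()->password, $client->password)) {
                // no they don't
                return response()->json(['error' => 'Unauthorized'], 401);
            }

            Auth::login($client);

            // get new token
            $tokenResult = $client->createToken('auth_token');

            // return token in json response
            return response()->json(['success' => ['token' => $tokenResult, 'client' => $client]], 200);
        }

        return response()->json(['error' => ['message' => 'email not found']], 404);
    }

    /**
     * @OA\POST(
     *     path="/api/register",
     *     summary=" - Register user",
     *     tags = {"Authorization"},
     *     @OA\RequestBody(
     *         @OA\MediaType(
     *             mediaType="application/json",
     *             @OA\Schema(
     *                 @OA\Property(
     *                     property="firstname",
     *                     type="string",
     *                 ),
     *                 @OA\Property(
     *                     property="lastname",
     *                     type="string",
     *                 ),
     *                 @OA\Property(
     *                     property="email",
     *                     type="string",
     *                 ),
     *                 @OA\Property(
     *                     property="password",
     *                     type="string",
     *                 ),
     *                 example={"firstname":"Mahri", "lastname":"Ilmedova" ,"email": "ilmedovamahri@gmail.com", "password": 12345678}
     *             )
     *         )
     *     ),
     *     @OA\Response(
     *         response="200",
     *         description="OK"
     *     ),
     *     @OA\Response(
     *         response="401",
     *         description="Unauthorized"
     *     )
     * )
     */

    /**
     * Register a new client and hand back an API token for it.
     *
     * Only the four documented fields are taken from the request (the
     * validated set). The original built the model from $request->all(),
     * which would let a caller set any other fillable column -- e.g. the
     * password-reset `token` or `is_verified` -- at sign-up. `status` is
     * always forced to false; an admin enables the account later.
     *
     * @return \Illuminate\Http\JsonResponse 200 with the token, or 401 when
     *         the email is already taken (status code kept for existing
     *         callers).
     */
    public function register(Request $request)
    {
        $validatedData = $request->validate([
            'email' => 'required|email',
            'password' => 'required|min:6',
            'firstname' => 'required',
            'lastname' => 'required',
        ]);

        if (Client::where('email', $validatedData['email'])->exists()) {
            // NOTE(review): this check races with a concurrent registration
            // of the same address; a unique index on clients.email is the
            // real guarantee.
            return response()->json([
                'error' => 'This email is already used'
            ], 401);
        }

        // hashing client's password
        $validatedData['password'] = Hash::make($validatedData['password']);

        // set client's status to false (Admin will set the client's status from Admin Panel)
        $validatedData['status'] = false;

        $client = Client::create($validatedData);

        Auth::login($client);

        // get new token
        $tokenResult = $client->createToken('auth_token');

        // return token in json response
        return response()->json(['success' => ['token' => $tokenResult]], 200);
    }

    /**
     * @OA\GET(
     *     path="/api/client",
     *     summary=" - Get user",
     *     tags = {"Authorization"},
     *     security={
     *         {"bearerAuth": {}}
     *     },
     *     @OA\Response(
     *         response="200",
     *         description="OK"
     *     ),
     *     @OA\Response(
     *         response="401",
     *         description="Unauthorized"
     *     )
     * )
     */

    /**
     * Return the authenticated client as JSON.
     *
     * The whole model is serialised, so keeping `password` and the reset
     * `token` out of the response relies on the Client model's $hidden
     * list -- confirm that against the model.
     *
     * @return \Illuminate\Http\JsonResponse 200 with the client, 401 otherwise.
     */
    public function client(Request $request)
    {
        $user = $request->user();

        if ($user) {
            return response()->json($user, 200);
        }

        return response()->json([
            'message' => 'token_expired'
        ], 401);
    }

    /**
     * @OA\POST(
     *     path="/api/logout",
     *     summary=" - Logout user",
     *     tags = {"Authorization"},
     *     security={
     *         {"bearerAuth": {}}
     *     },
     *     @OA\Response(
     *         response="200",
     *         description="OK"
     *     ),
     *     @OA\Response(
     *         response="401",
     *         description="Unauthorized"
     *     )
     * )
     */

    /**
     * Revoke the token that authenticated the current request.
     *
     * Only this device's token is deleted; to log out everywhere use
     * `$request->user()->tokens()->delete()` instead.
     *
     * @return \Illuminate\Http\JsonResponse always 200 once the token is gone.
     */
    public function logout(Request $request)
    {
        $request->user()->currentAccessToken()->delete();

        return response()->json([
            'message' => 'ok'
        ], 200);
    }

    /**
     * @OA\POST(
     *     path="/api/forgot-password",
     *     summary=" - Send a user password reset link",
     *     tags = {"Authorization"},
     *     @OA\RequestBody(
     *         @OA\MediaType(
     *             mediaType="application/json",
     *             @OA\Schema(
     *                 @OA\Property(
     *                     property="email",
     *                     type="string",
     *                 ),
     *                 example={"email": "ilmedovamahri@gmail.com"}
     *             )
     *         )
     *     ),
     *     @OA\Response(
     *         response="200",
     *         description="OK"
     *     )
     * )
     */

    /**
     * Generate a password-reset code, store it on the client and mail it.
     *
     * The response is the same whether or not the address is registered:
     * the original redirected with "email is not registered" for unknown
     * addresses (a redirect on a JSON API, and an account-enumeration
     * oracle).
     *
     * The code comes from random_int(). The original used rand(1000, 9999):
     * a non-cryptographic generator with only 9,000 possible values, which is
     * trivially brute-forced against /api/reset-password. Six digits is still
     * small because the code is typed from an email -- rate-limit the reset
     * endpoint. No expiry column is visible, so the code stays valid until it
     * is used or replaced by a newer request.
     *
     * @return \Illuminate\Http\JsonResponse always 200.
     */
    public function sendPasswordResetLinkEmail(Request $request)
    {
        $request->validate(['email' => 'required|email']);

        $user = Client::where('email', $request->email)->first();

        if (!$user) {
            // Indistinguishable from the success path on purpose.
            return response()->json([
                'message' => 'OK'
            ], 200);
        }

        // NOTE(review): assumes clients.token can hold six characters (the
        // original stored four) -- confirm against the migration.
        $token = (string) random_int(100000, 999999);

        $user['token'] = $token;
        $user['is_verified'] = 0;
        $user->save();

        // NOTE(review): `name` is not a column this file ever writes (register
        // stores firstname/lastname) -- confirm the Client model defines it,
        // otherwise the mail is built with null.
        Mail::to($request->email)->send(new ResetPassword($user->name, $token));

        return response()->json([
            'message' => 'OK'
        ], 200);
    }

    /**
     * @OA\POST(
     *     path="/api/reset-password",
     *     summary=" - Reset client password and enter new",
     *     tags = {"Authorization"},
     *     @OA\RequestBody(
     *         @OA\MediaType(
     *             mediaType="application/json",
     *             @OA\Schema(
     *                 @OA\Property(
     *                     property="email",
     *                     type="string",
     *                 ),
     *                 @OA\Property(
     *                     property="token",
     *                     type="string",
     *                 ),
     *                 @OA\Property(
     *                     property="password",
     *                     type="string",
     *                 ),
     *                 @OA\Property(
     *                     property="confirm_password",
     *                     type="string",
     *                 ),
     *                 example={"email": "ilmedovamahri@gmail.com", "token":"2546", "password":"Hello001!", "confirm_password":"Hello001!"}
     *             )
     *         )
     *     ),
     *     @OA\Response(
     *         response="200",
     *         description="OK"
     *     )
     * )
     */

    /**
     * Set a new password for the client identified by email + reset code.
     *
     * The code check is a constant-time comparison of two strings and
     * requires a code to actually be pending. The original compared with
     * `$request->token == $user->token`: a loose comparison, and a client
     * who never requested a reset has a null token, which `==` matches a
     * JSON `0` (the `required` rule accepts 0). That allowed resetting any
     * account's password knowing only its email.
     *
     * `min:6` mirrors register so a reset cannot bypass the length rule.
     * The stored code is cleared after use so it cannot be replayed.
     *
     * @return \Illuminate\Http\JsonResponse 200 on success, 404 when the
     *         email/code pair does not match.
     */
    public function updatePassword(Request $request)
    {
        $this->validate($request, [
            'token' => 'required',
            'email' => 'required',
            'password' => 'required|min:6',
            'confirm_password' => 'required|same:password'
        ]);

        $user = Client::where('email', $request->email)->first();

        if ($user) {
            $stored = (string) ($user->token ?? '');
            // `required` also lets a non-empty array through; never cast that.
            $given = is_scalar($request->token) ? (string) $request->token : '';

            if ($stored !== '' && hash_equals($stored, $given)) {
                $user['is_verified'] = 0;
                $user['password'] = Hash::make($request->password);
                // Single use. NOTE(review): assumes clients.token is nullable
                // -- confirm against the migration.
                $user['token'] = null;
                $user->save();

                return response()->json([
                    'message' => 'OK'
                ], 200);
            }
        }

        return response()->json([
            'message' => 'not_found'
        ], 404);
    }

    /**
     * @OA\POST(
     *     path="/api/update-account",
     *     summary=" - Update client account",
     *     tags = {"Authorization"},
     *     description = "All the fields are optional (if password field is being updated then confirm_password is required)",
     *     security={
     *         {"bearerAuth": {}}
     *     },
     *     @OA\RequestBody(
     *         @OA\MediaType(
     *             mediaType="application/json",
     *             @OA\Schema(
     *                 @OA\Property(
     *                     property="firstname",
     *                     type="string",
     *                 ),
     *                 @OA\Property(
     *                     property="lastname",
     *                     type="string",
     *                 ),
     *                 @OA\Property(
     *                     property="email",
     *                     type="string",
     *                 ),
     *                 @OA\Property(
     *                     property="password",
     *                     type="string",
     *                 ),
     *                 @OA\Property(
     *                     property="confirm_password",
     *                     type="string",
     *                 ),
     *                 example={"firstname":"Mahri","lastname":"Ilmedova","email": "ilmedovamahri@gmail.com", "password":"Hello001!", "confirm_password":"Hello001!"}
     *             )
     *         )
     *     ),
     *     @OA\Response(
     *         response="200",
     *         description="OK"
     *     )
     * )
     */

    /**
     * Update the authenticated client's profile fields.
     *
     * Fixes a defect in the original: the `confirm_password missing` 400 was
     * returned unconditionally once `password` was present, so a password
     * change was never saved. The 400 is now only returned when
     * `confirm_password` is absent.
     *
     * An email change is refused when another client already uses the
     * address, otherwise one account could take over another's login. Neither
     * the email nor the password change asks for the current password, so a
     * leaked bearer token is enough to lock the owner out -- consider
     * requiring it and revoking the client's other tokens on a password
     * change.
     *
     * @return \Illuminate\Http\JsonResponse 200 with the updated client,
     *         400 on a bad email/password pair, 401 without a client.
     */
    public function updateClient(Request $request)
    {
        $user = $request->user();
        $client = $user ? Client::find($user->id) : null;

        if (!$client) {
            // The original sent this body with HTTP 200; bearerAuth on the
            // route documents 401 for an unauthenticated caller.
            return response()->json([
                'error' => 'unauthorised'
            ], 401);
        }

        $data = $request->all();

        if (isset($data['firstname'])) {
            $client['firstname'] = $data['firstname'];
        }

        if (isset($data['lastname'])) {
            $client['lastname'] = $data['lastname'];
        }

        if (isset($data['email'])) {
            $this->validate($request, ['email' => 'email']);

            $taken = Client::where('email', $data['email'])
                ->where('id', '!=', $client->id)
                ->exists();

            if ($taken) {
                return response()->json([
                    'error' => 'This email is already used'
                ], 400);
            }

            $client['email'] = $data['email'];
        }

        if (isset($data['password'])) {
            if (!isset($data['confirm_password'])) {
                return response()->json([
                    'error' => 'confirm_password missing'
                ], 400);
            }

            $this->validate($request, [
                'password' => 'required|min:6',
                'confirm_password' => 'required|same:password'
            ]);

            $client['password'] = Hash::make($request->password);
        }

        $client->save();

        return response()->json($client, 200);
    }
}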