302 lines
8.8 KiB
PHP
302 lines
8.8 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\Mail\ResetPassword;
|
|
use App\Models\Client;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Support\Facades\Hash;
|
|
use Illuminate\Support\Facades\Mail;
|
|
use Illuminate\Support\Str;
|
|
|
|
|
|
use Illuminate\Support\Facades\Password;
|
|
use Illuminate\Support\Facades\Validator;
|
|
use Illuminate\Auth\Events\PasswordReset;
|
|
use Illuminate\Validation\ValidationException;
|
|
|
|
/**
|
|
* @OA\Info(
|
|
* title="Legalization API",
|
|
* version="1.0.1"
|
|
* )
|
|
* @OA\SecurityScheme(
|
|
* securityScheme="bearerAuth",
|
|
* in="header",
|
|
* name="bearerAuth",
|
|
* type="http",
|
|
* scheme="bearer",
|
|
* bearerFormat="JWT",
|
|
* ),
|
|
*/
|
|
|
|
|
|
//controller where all auth process for client happens
|
|
class AuthController extends Controller
|
|
{
|
|
|
|
/**
|
|
* @OA\POST(
|
|
* path="/api/login",
|
|
* summary=" - Login user",
|
|
* tags = {"Authorization"},
|
|
* @OA\RequestBody(
|
|
* @OA\MediaType(
|
|
* mediaType="application/json",
|
|
* @OA\Schema(
|
|
* @OA\Property(
|
|
* property="email",
|
|
* type="string",
|
|
* ),
|
|
* @OA\Property(
|
|
* property="password",
|
|
* type="string",
|
|
* ),
|
|
* example={"email": "ilmedovamahri@gmail.com", "password": 12345678}
|
|
* )
|
|
* )
|
|
* ),
|
|
* @OA\Response(
|
|
* response="200",
|
|
* description="OK"
|
|
* ),
|
|
* @OA\Response(
|
|
* response="401",
|
|
* description="Unauthorized"
|
|
* )
|
|
* )
|
|
*/
|
|
public function login(Request $request){
|
|
$validatedData = request()->validate([
|
|
'email' => 'required',
|
|
'password' => 'required|min:6'
|
|
]);
|
|
|
|
// get user object
|
|
$client = Client::where('email', request()->email)->first();
|
|
|
|
// do the passwords match?
|
|
if (!Hash::check(request()->password, $client->password)) {
|
|
// no they don't
|
|
return response()->json(['error' => 'Unauthorized'], 401);
|
|
}
|
|
|
|
Auth::login($client);
|
|
|
|
// get new token
|
|
$tokenResult = $client->createToken('auth_token');
|
|
|
|
// return token in json response
|
|
return response()->json(['success' => ['token' => $tokenResult]], 200);
|
|
}
|
|
|
|
/**
|
|
* @OA\POST(
|
|
* path="/api/register",
|
|
* summary=" - Register user",
|
|
* tags = {"Authorization"},
|
|
* @OA\RequestBody(
|
|
* @OA\MediaType(
|
|
* mediaType="application/json",
|
|
* @OA\Schema(
|
|
* @OA\Property(
|
|
* property="firstname",
|
|
* type="string",
|
|
* ),
|
|
* @OA\Property(
|
|
* property="lastname",
|
|
* type="string",
|
|
* ),
|
|
* @OA\Property(
|
|
* property="email",
|
|
* type="string",
|
|
* ),
|
|
* @OA\Property(
|
|
* property="password",
|
|
* type="string",
|
|
* ),
|
|
* example={"firstname":"Mahri", "lastname":"Ilmedova" ,"email": "ilmedovamahri@gmail.com", "password": 12345678}
|
|
* )
|
|
* )
|
|
* ),
|
|
* @OA\Response(
|
|
* response="200",
|
|
* description="OK"
|
|
* ),
|
|
* @OA\Response(
|
|
* response="401",
|
|
* description="Unauthorized"
|
|
* )
|
|
* )
|
|
*/
|
|
public function register(Request $request){
|
|
$validatedData = request()->validate([
|
|
'email' => 'required',
|
|
'password' => 'required|min:6',
|
|
'firstname' => 'required',
|
|
'lastname' => 'required',
|
|
]);
|
|
|
|
$data = $request->all();
|
|
|
|
// hashing client's passord
|
|
$data['password'] = Hash::make($data['password']);
|
|
|
|
// set client's status to false (Admin will set the client's status from Admin Panel)
|
|
$data['status'] = false;
|
|
|
|
$client = Client::where('email', $data['email'])->first();
|
|
if($client){
|
|
return response()->json([
|
|
'error' => 'This email is already used'
|
|
], 401);
|
|
}
|
|
|
|
$client = Client::create($data);
|
|
|
|
Auth::login($client);
|
|
|
|
// get new token
|
|
$tokenResult = $client->createToken('auth_token');
|
|
|
|
// return token in json response
|
|
return response()->json(['success' => ['token' => $tokenResult]], 200);
|
|
}
|
|
|
|
/**
|
|
* @OA\GET(
|
|
* path="/api/client",
|
|
* summary=" - Get user",
|
|
* tags = {"Authorization"},
|
|
* security={
|
|
* {"bearerAuth": {}}
|
|
* },
|
|
* @OA\Response(
|
|
* response="200",
|
|
* description="OK"
|
|
* ),
|
|
* @OA\Response(
|
|
* response="401",
|
|
* description="Unauthorized"
|
|
* )
|
|
* )
|
|
*/
|
|
public function client(Request $request) {
|
|
$user = $request->user();
|
|
if($user){
|
|
return response()->json($request->user(),200);
|
|
}
|
|
return response()->json([
|
|
'message' => 'token_expired'
|
|
], 401);
|
|
}
|
|
|
|
/**
|
|
* @OA\POST(
|
|
* path="/api/logout",
|
|
* summary=" - Logout user",
|
|
* tags = {"Authorization"},
|
|
* security={
|
|
* {"bearerAuth": {}}
|
|
* },
|
|
* @OA\Response(
|
|
* response="200",
|
|
* description="OK"
|
|
* ),
|
|
* @OA\Response(
|
|
* response="401",
|
|
* description="Unauthorized"
|
|
* )
|
|
* )
|
|
*/
|
|
public function logout(Request $request) {
|
|
// Revoke the token that was used to authenticate the current request
|
|
$request->user()->currentAccessToken()->delete();
|
|
//$request->user->tokens()->delete(); // use this to revoke all tokens (logout from all devices)
|
|
return response()->json([
|
|
'message' => 'ok'
|
|
], 200);
|
|
}
|
|
|
|
/**
|
|
* @OA\POST(
|
|
* path="/api/forgot-password",
|
|
* summary=" - Send a user password reset link",
|
|
* tags = {"Authorization"},
|
|
* @OA\RequestBody(
|
|
* @OA\MediaType(
|
|
* mediaType="application/json",
|
|
* @OA\Schema(
|
|
* @OA\Property(
|
|
* property="email",
|
|
* type="string",
|
|
* ),
|
|
* example={"email": "ilmedovamahri@gmail.com"}
|
|
* )
|
|
* )
|
|
* ),
|
|
* @OA\Response(
|
|
* response="200",
|
|
* description="OK"
|
|
* )
|
|
* )
|
|
*/
|
|
public function sendPasswordResetLinkEmail(Request $request) {
|
|
$request->validate(['email' => 'required|email']);
|
|
|
|
$user = Client::where('email', $request->email)->first();
|
|
if (!$user) {
|
|
return back()->with('failed', 'Failed! email is not registered.');
|
|
}
|
|
|
|
$token = Str::random(60);
|
|
|
|
$user['token'] = $token;
|
|
$user['is_verified'] = 0;
|
|
$user->save();
|
|
|
|
Mail::to($request->email)->send(new ResetPassword($user->name, $token));
|
|
|
|
return response()->json([
|
|
'message' => 'OK'
|
|
], 200);
|
|
}
|
|
|
|
//password reset link redirection from email
|
|
public function forgotPasswordValidate($token){
|
|
$user = Client::where('token', $token)->where('is_verified', 0)->first();
|
|
if ($user) {
|
|
$email = $user->email;
|
|
return view('auth.change-password', compact('email'));
|
|
}
|
|
return response()->json([
|
|
'message' => 'token_expired'
|
|
], 419);
|
|
}
|
|
|
|
//update password - WEB
|
|
public function updatePassword(Request $request) {
|
|
$this->validate($request, [
|
|
'email' => 'required',
|
|
'password' => 'required|min:6',
|
|
'confirm_password' => 'required|same:password'
|
|
]);
|
|
|
|
$user = Client::where('email', $request->email)->first();
|
|
if ($user) {
|
|
$user['is_verified'] = 0;
|
|
$user['token'] = '';
|
|
$user['password'] = Hash::make($request->password);
|
|
$user->save();
|
|
return response()->json([
|
|
'message' => 'OK'
|
|
], 200);
|
|
}
|
|
return response()->json([
|
|
'message' => 'not_found'
|
|
], 404);
|
|
}
|
|
|
|
}
|