TPS
/
birzha-legalizasia
5
0
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Wiki Activity
birzha-legalizasia/app/Http/Controllers/AuthController.php

499 lines
15 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Controllers;
use App\Http\Requests\API\LoginRequest;
use App\Http\Requests\API\RegisterRequest;
use App\Http\Requests\API\UpdateClientRequest;
use App\Http\Resources\ClientResource;
use App\Mail\EmailVerification;
use App\Mail\ResetPassword;
use App\Models\Client;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\Config;
/**
* @OA\Info(
* title="Legalization API",
* version="1.0.0"
* )
* @OA\SecurityScheme(
* securityScheme="bearerAuth",
* in="header",
* name="bearerAuth",
* type="http",
* scheme="bearer",
* bearerFormat="JWT",
* ),
*/
//controller where all auth process for client happens
class AuthController extends Controller
{
// protected $maxAttempts = 5;
// protected $decayMinutes = 30;
// /**
// * Get the maximum number of attempts to allow.
// *
// * @return int
// */
// public function maxAttempts()
// {
// return property_exists($this, 'maxAttempts') ? $this->maxAttempts : 5;
// }
// /**
// * Get the number of minutes to throttle for.
// *
// * @return int
// */
// public function decayMinutes()
// {
// return property_exists($this, 'decayMinutes') ? $this->decayMinutes : 1;
// }
/**
* @OA\POST(
* path="/api/login",
* summary=" - Login user",
* tags = {"Authorization"},
*
* @OA\RequestBody(
* @OA\MediaType(
* mediaType="application/json",
* @OA\Schema(
* @OA\Property(
* property="email",
* type="string",
* ),
* @OA\Property(
* property="password",
* type="string",
* ),
* example={"email": "ilmedovamahri@gmail.com", "password": 12345678}
* )
* )
* ),
* @OA\Response(
* response="200",
* description="OK",
* @OA\JsonContent(type="object")
* ),
* @OA\Response(
* response="401",
* description="Unauthorized",
* @OA\JsonContent(type="object")
* )
* )
*/
public function login(LoginRequest $request){
$client = Client::where('email', $request->input('email'))->first();
if($client){
if (!Hash::check(request()->password, $client->password)){
return response()->json([
'message' => 'Unauthorized'
], 401);
}
$credentials = $request->only('email', 'password');
Auth::attempt($credentials);
//Auth::login($client);
$client->tokens()->delete();
$client->token = $client->createToken('auth_token')->plainTextToken;
return ClientResource::make($client);
}
return response()->json(['message' => 'email not found'], 404);
}
/**
* @OA\POST(
* path="/api/register",
* summary=" - Register user",
* tags = {"Authorization"},
* @OA\RequestBody(
* @OA\MediaType(
* mediaType="application/json",
* @OA\Schema(
* @OA\Property(
* property="firstname",
* type="string",
* ),
* @OA\Property(
* property="lastname",
* type="string",
* ),
* @OA\Property(
* property="email",
* type="string",
* ),
* @OA\Property(
* property="password",
* type="string",
* ),
*
* example={"firstname":"Mahri", "lastname":"Ilmedova" ,"email": "ilmedovamahri@gmail.com", "password": 12345678}
* )
* )
* ),
* @OA\Response(
* response="201",
* description="OK",
* @OA\JsonContent(
* type="object",
* @OA\Property(property="token", type="string"),
* @OA\Property(property="client", type="object",
* @OA\Property(property="id", type="integer"),
* @OA\Property(property="firstname", type="string"),
* @OA\Property(property="lastname", type="string"),
* @OA\Property(property="email", type="string"),
* @OA\Property(property="is_verified", type="boolean"),
* )
* )
* ),
* @OA\Response(
* response="422",
* description="Validation Error",
* @OA\JsonContent(type="object",
* @OA\Property(property="message", type="string"),
* @OA\Property(property="errors", type="object"),
* )
* )
* )
*/
public function register(RegisterRequest $request){
$data = $request->only(['email','firstname','lastname']);
$data['password'] = Hash::make($request->input('password'));
$email_verification = (bool) Config::get('settings.email_verification');
$data['is_verified'] = ! $email_verification;
$data['verification_token'] = rand(10000, 99999);
$client = Client::create($data);
if($email_verification)
{
Mail::to($request->email)->queue(new EmailVerification($request->firstname, $client->verification_token));
}
else{
Auth::login($client);
$client->token = $client->createToken('auth_token')->plainTextToken;
}
return ClientResource::make($client);
}
/**
* @OA\POST(
* path="/api/verify-email",
* summary=" - Verify email of client",
* tags = {"Authorization"},
* @OA\RequestBody(
* @OA\MediaType(
* mediaType="application/json",
* @OA\Schema(
* @OA\Property(
* property="email",
* type="string",
* ),
* @OA\Property(
* property="token",
* type="string",
* ),
* example={"email": "ilmedovamahri@gmail.com", "token": "4515"}
* )
* )
* ),
* @OA\Response(
* response="200",
* description="OK"
* ),
* @OA\Response(
* response="400",
* description="Missing fields (email or token)"
* ),
* @OA\Response(
* response="404",
* description="Client not found"
* ),
* @OA\Response(
* response="401",
* description="Unauthorised. Tokens do not match"
* )
* )
*/
public function verifyEmail(Request $request){
$request->validate([
'email' => 'required|email',
'token' => 'required'
]);
$client = Client::where('email', $request->email)->first();
if($client){
if($client->verification_token === $request->token){
$client->is_verified = 1;
$client->save();
Auth::login($client);
$client->token = $client->createToken('auth_token')->plainTextToken;
return ClientResource::make($client);
}
else{
return response()->json(['message' => 'tokens don\'t match'], 401);
}
}
else{
return response()->json([
'message' => 'no such client'
], 404);
}
}
/**
* @OA\GET(
* path="/api/client",
* summary=" - Get user",
* tags = {"Authorization"},
* security={
* {"bearerAuth": {}}
* },
* @OA\Response(
* response="200",
* description="OK"
* ),
* @OA\Response(
* response="401",
* description="Unauthorized"
* )
* )
*/
public function client(Request $request) {
if($client = $request->user()){
return ClientResource::make($client);
}
return response()->json([
'message' => 'token_expired'
], 401);
}
/**
* @OA\POST(
* path="/api/logout",
* summary=" - Logout user",
* tags = {"Authorization"},
* security={
* {"bearerAuth": {}}
* },
* @OA\Response(
* response="200",
* description="OK"
* ),
* @OA\Response(
* response="401",
* description="Unauthorized"
* )
* )
*/
public function logout(Request $request) {
$request->user()->currentAccessToken()->delete();
return response()->json([
'message' => 'ok'
], 200);
}
/**
* @OA\POST(
* path="/api/forgot-password",
* summary=" - Send a user password reset link",
* tags = {"Authorization"},
* @OA\RequestBody(
* @OA\MediaType(
* mediaType="application/json",
* @OA\Schema(
* @OA\Property(
* property="email",
* type="string",
* ),
* example={"email": "ilmedovamahri@gmail.com"}
* )
* )
* ),
* @OA\Response(
* response="200",
* description="OK"
* )
* )
*/
public function sendPasswordResetLinkEmail(Request $request) {
try{
$request->validate(['email' => 'required|email']);
$user = Client::where('email', $request->email)->first();
if (!$user) {
return response()->json([
'message' => 'user with provided email not found'
], 404);
}
$token = rand(1000, 9999);
$user['verification_token'] = $token;
$user->save();
Mail::to($request->email)->queue(new ResetPassword($user->firstname, $token));
return response()->json([
'message' => 'sent reset code'
], 200);
}
catch(\Exception $e){
return response()->json([
'message' => $e->getMessage()
], 200);
}
}
/**
* @OA\POST(
* path="/api/reset-password",
* summary=" - Reset client password and enter new",
* tags = {"Authorization"},
* @OA\RequestBody(
* @OA\MediaType(
* mediaType="application/json",
* @OA\Schema(
* @OA\Property(
* property="email",
* type="string",
* ),
* @OA\Property(
* property="token",
* type="string",
* ),
* @OA\Property(
* property="password",
* type="string",
* ),
* @OA\Property(
* property="confirm_password",
* type="string",
* ),
* example={"email": "ilmedovamahri@gmail.com", "token":"2546", "password":"Hello001!", "confirm_password":"Hello001!"}
* )
* )
* ),
* @OA\Response(
* response="200",
* description="OK"
* )
* )
*/
public function updatePassword(Request $request) {
try{
$this->validate($request, [
'token' => 'required',
'email' => 'required|email',
'password' => 'required',
'confirm_password' => 'required|same:password'
]);
$user = Client::where('email', $request->email)->first();
if($user && $request->token == $user->token){
$user['password'] = Hash::make($request->password);
$user->save();
return response()->json([
'message' => 'OK'
], 200);
}
return response()->json([
'message' => 'not_found'
], 404);
}
catch(\Exception $e){
return response()->json([
'message' => $e->getMessage()
], 500);
}
}
/**
* @OA\POST(
* path="/api/update-client",
* summary=" - Update client account",
* tags = {"Authorization"},
* description = "Every field is required, except password. Password field is optional",
* security={
* {"bearerAuth": {}}
* },
* @OA\RequestBody(
* @OA\MediaType(
* mediaType="application/json",
* @OA\Schema(
* @OA\Property(
* property="firstname",
* type="string",
* ),
* @OA\Property(
* property="lastname",
* type="string",
* ),
* @OA\Property(
* property="password",
* type="string",
* ),
* example={"firstname":"Mahri","lastname":"Ilmedova","email": "ilmedovamahri@gmail.com", "password":"Hello001!"}
* )
* )
* ),
* @OA\Response(
* response="200",
* description="OK"
* )
* )
*/
public function updateClient(UpdateClientRequest $request){
$client = $request->user();
$data = $request->only('firstname', 'lastname', 'password');
if (!isset($data['password']) || !$data['password']) {
unset($data['password']);
}
else {
$data['password'] = bcrypt($data['password']);
}
if($client->fill($data)->save()){
return ClientResource::make($client);
}
return response()->json([
'message' => 'Your account has not been updated.',
],500);
}
}
Reference in New Issue View Git Blame Copy Permalink