$request->input('name') ?? $request->input('username'), 'email' => $request->input('email'), 'password' => $request->input('password') ?? $request->input('plainPassword'), 'password_confirmation' => $request->input('password_confirmation') ?? $request->input('plainPassword'), ]; $user = $creator->create($input); $user->sendEmailVerificationNotification(); return response()->json([ 'user_id' => $user->id, 'email' => $user->email, 'message' => 'Verification email sent.', ]); } public function login(Request $request): JsonResponse { $request->validate([ 'email' => ['required', 'email'], 'password' => ['required', 'string'], ]); $user = User::where('email', $request->input('email'))->first(); if (!$user || !Hash::check($request->input('password'), $user->password)) { throw ValidationException::withMessages([ 'email' => ['Invalid credentials.'], ]); } if (!$user->hasVerifiedEmail()) { return response()->json([ 'message' => 'Email not verified.', ], 403); } $token = $user->createToken('api')->plainTextToken; return response()->json([ 'token' => $token, 'user_id' => $user->id, 'email' => $user->email, 'roles' => $user->roles()->pluck('name')->values(), ]); } public function logout(Request $request): JsonResponse { $request->user()?->currentAccessToken()?->delete(); return response()->json(null, 204); } }