182 lines
5.6 KiB
PHP
182 lines
5.6 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\Actions\Fortify\CreateNewUser;
|
|
use App\Actions\Fortify\PasswordValidationRules;
|
|
use App\Models\User;
|
|
use Illuminate\Auth\Events\Verified;
|
|
use Illuminate\Auth\Events\PasswordReset;
|
|
use Illuminate\Http\JsonResponse;
|
|
use Illuminate\Http\RedirectResponse;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Hash;
|
|
use Illuminate\Support\Facades\Password;
|
|
use Illuminate\Support\Str;
|
|
use Illuminate\Validation\ValidationException;
|
|
|
|
class AuthController extends Controller
|
|
{
|
|
use PasswordValidationRules;
|
|
|
|
public function register(Request $request, CreateNewUser $creator): JsonResponse
|
|
{
|
|
$input = [
|
|
'name' => $request->input(key: 'name') ?? $request->input(key: 'username'),
|
|
'email' => $request->input(key: 'email'),
|
|
'password' => $request->input(key: 'password') ?? $request->input(key: 'plainPassword'),
|
|
'password_confirmation' => $request->input(key: 'password_confirmation')
|
|
?? $request->input(key: 'plainPassword'),
|
|
];
|
|
|
|
$user = $creator->create(input: $input);
|
|
|
|
$user->sendEmailVerificationNotification();
|
|
|
|
return response()->json(data: [
|
|
'user_id' => $user->id,
|
|
'email' => $user->email,
|
|
'message' => 'Verification email sent.',
|
|
]);
|
|
}
|
|
|
|
public function login(Request $request): JsonResponse
|
|
{
|
|
$request->merge(input: [
|
|
'login' => $request->input(key: 'login', default: $request->input(key: 'email')),
|
|
]);
|
|
|
|
$request->validate(rules: [
|
|
'login' => ['required', 'string'],
|
|
'password' => ['required', 'string'],
|
|
]);
|
|
|
|
$login = trim(string: (string) $request->input(key: 'login'));
|
|
$loginNormalized = Str::lower(value: $login);
|
|
$userQuery = User::query();
|
|
|
|
if (filter_var(value: $login, filter: FILTER_VALIDATE_EMAIL)) {
|
|
$userQuery->whereRaw(sql: 'lower(email) = ?', bindings: [$loginNormalized]);
|
|
} else {
|
|
$userQuery->where(column: 'name_canonical', operator: $loginNormalized);
|
|
}
|
|
|
|
$user = $userQuery->first();
|
|
|
|
if (!$user || !Hash::check(value: $request->input(key: 'password'), hashedValue: $user->password)) {
|
|
throw ValidationException::withMessages(messages: [
|
|
'login' => ['Invalid credentials.'],
|
|
]);
|
|
}
|
|
|
|
if (!$user->hasVerifiedEmail()) {
|
|
return response()->json(data : [
|
|
'message' => 'Email not verified.',
|
|
], status: 403);
|
|
}
|
|
|
|
$token = $user->createToken(name: 'api')->plainTextToken;
|
|
|
|
return response()->json(data: [
|
|
'token' => $token,
|
|
'user_id' => $user->id,
|
|
'email' => $user->email,
|
|
'roles' => $user->roles()->pluck(column: 'name')->values(),
|
|
]);
|
|
}
|
|
|
|
public function verifyEmail(Request $request, string $id, string $hash): RedirectResponse
|
|
{
|
|
$user = User::findOrFail($id);
|
|
|
|
if (!hash_equals(known_string: $hash, user_string: sha1(string: $user->getEmailForVerification()))) {
|
|
abort(code: 403);
|
|
}
|
|
|
|
if (!$user->hasVerifiedEmail()) {
|
|
$user->markEmailAsVerified();
|
|
event(new Verified(user: $user));
|
|
}
|
|
|
|
return redirect('/login');
|
|
}
|
|
|
|
public function forgotPassword(Request $request): JsonResponse
|
|
{
|
|
$request->validate([
|
|
'email' => ['required', 'email'],
|
|
]);
|
|
|
|
$status = Password::sendResetLink(
|
|
$request->only('email')
|
|
);
|
|
|
|
if ($status !== Password::RESET_LINK_SENT) {
|
|
throw ValidationException::withMessages([
|
|
'email' => [__($status)],
|
|
]);
|
|
}
|
|
|
|
return response()->json(['message' => __($status)]);
|
|
}
|
|
|
|
public function resetPassword(Request $request): JsonResponse
|
|
{
|
|
$request->validate([
|
|
'token' => ['required'],
|
|
'email' => ['required', 'email'],
|
|
'password' => $this->passwordRules(),
|
|
]);
|
|
|
|
$status = Password::reset(
|
|
$request->only('email', 'password', 'password_confirmation', 'token'),
|
|
function (User $user, string $password) {
|
|
$user->forceFill([
|
|
'password' => Hash::make($password),
|
|
'remember_token' => Str::random(60),
|
|
])->save();
|
|
|
|
event(new PasswordReset($user));
|
|
}
|
|
);
|
|
|
|
if ($status !== Password::PASSWORD_RESET) {
|
|
throw ValidationException::withMessages([
|
|
'email' => [__($status)],
|
|
]);
|
|
}
|
|
|
|
return response()->json(['message' => __($status)]);
|
|
}
|
|
|
|
public function updatePassword(Request $request): JsonResponse
|
|
{
|
|
$request->validate([
|
|
'current_password' => ['required'],
|
|
'password' => $this->passwordRules(),
|
|
]);
|
|
|
|
$user = $request->user();
|
|
|
|
if (!$user || !Hash::check($request->input('current_password'), $user->password)) {
|
|
throw ValidationException::withMessages([
|
|
'current_password' => ['Invalid current password.'],
|
|
]);
|
|
}
|
|
|
|
$user->forceFill([
|
|
'password' => Hash::make($request->input('password')),
|
|
'remember_token' => Str::random(60),
|
|
])->save();
|
|
|
|
return response()->json(['message' => 'Password updated.']);
|
|
}
|
|
|
|
public function logout(Request $request): JsonResponse
|
|
{
|
|
$request->user()?->currentAccessToken()?->delete();
|
|
|
|
return response()->json(null, 204);
|
|
}
|
|
}
|