|
|
<?php
namespace App\Http\Controllers;
use App\Models\User;use App\Models\Business;use App\Models\Fingerprint;use Illuminate\Support\Str;use Illuminate\Http\Request;use Illuminate\Validation\Rule;use Illuminate\Http\JsonResponse;use App\Http\Resources\UserResource;use Illuminate\Support\Facades\Auth;use Illuminate\Support\Facades\Hash;use Illuminate\Support\Facades\Cache;use Laravel\Lumen\Routing\Controller;use Laravel\Socialite\Facades\Socialite;use Illuminate\Session\TokenMismatchException;use Symfony\Component\HttpFoundation\Response;
class AuthController extends Controller{ public function redirectToGoogle() { return Socialite::driver('google')->stateless()->redirect(); }
public function handleGoogleCallback(Request $request) { try {
$user = Socialite::driver('google')->stateless()->user(); $find_user = User::where('email', $user->email)->first();
if ($find_user) {
$find_user->update([ 'active' => true ]);
Auth::setUser($find_user);
} else {
$user = User::create($user->user + [ 'password' => Hash::make('google-login-user'), 'username' => $user->email, 'active' => true ]);
Auth::setUser($user);
} $finger_print = $this->createFingerPrint(); return redirect('http://localhost:3000/login?token='.$finger_print->token);
} catch (Exception $e) { dd($e->getMessage()); } }
public function login(Request $request) { // todo: Logging in from a new device will result in sending a notification
$this->validate($request, [ 'email' => 'required|email|exists:users,email', 'password' => 'required|string|min:6' ]);
$user = User::where('email', $request->email)->first(); if ($user && Hash::check($request->password, $user->password)) { Auth::setUser($user);
return [ 'auth' => $this->createFingerPrint(), 'businesses' => Auth::user()->businesses->keyBy('id')->map(fn($b, $bid) => Business::info($bid)) ]; }
return new JsonResponse([ 'message' => trans('auth.failed'), 'status' => Response::HTTP_NOT_FOUND, ], Response::HTTP_NOT_FOUND); }
public function register(Request $request) { $this->validate($request, [ 'name' => 'required|string|max:225|min:2', 'username' => ['required', Rule::unique('users', 'username')], 'email' => ['required', 'email', Rule::unique('users', 'email')], 'password' => 'required|string|min:8' ]);
$request->merge(['password' => Hash::make($request->password)]);
$code_data = ['verification_code' => $this->sendVerificationCode()]; $method_data = ['method' => 'registerMain'];
Cache::put($request->email, $request->all() + $code_data + $method_data, 3600); // remain one hour
return \response()->json([ 'message' => 'Code send for user and user must be verified.'], Response::HTTP_OK);
}
public function registerMain($user_info) { $user = User::create($user_info);
Auth::setUser($user);
return $this->createFingerPrint(); }
public function sendVerificationCode($contact_way = null) { $verification_code = 1234; // rand(10001, 99999)
//send code for user with contact way
return $verification_code; }
public function verification(Request $request) { if (!Cache::has($request->email)) { return \response()->json(['message' => 'Code expired.'], Response::HTTP_BAD_REQUEST); }
$user_info = Cache::get($request->email);
$this->validate($request, [ 'email' => 'required|email', 'verification_code' => 'required|string|min:4|max:4|in:'.$user_info['verification_code'] ]);
Cache::forget($request->email);
return isset($user_info['method']) ? call_user_func('self::'.$user_info['method'], $user_info) : \response()->json(['message' => 'Code verified successfully.'], Response::HTTP_OK,); }
public function forgetPassword(Request $request) { $this->validate($request, [ 'email' => 'required|email|exists:users,email' ]);
$code_data = ['verification_code' => $this->sendVerificationCode()];
Cache::put($request->email, $request->all() + $code_data, 3600); // remain one hour
return \response()->json([ 'message' => 'Code send for user and user must be verified.'], Response::HTTP_OK); }
public function updatePassword(Request $request) { if (!Cache::has($request->email)) { return \response()->json(['message' => 'Code expired.'], Response::HTTP_BAD_REQUEST); }
$this->validate($request, [ 'email' => 'required|email', 'password' => 'required|string|min:8|confirmed', 'verification_code' => 'required|string|min:4|max:4|in:'.Cache::get($request->email)['verification_code'] ]);
$user = User::where('email', $request->email)->first();
$user->update([ 'password' => Hash::make($request->password) ]);
Auth::setUser($user);
return $this->createFingerPrint(); }
/** * @param Request $request * @return mixed * @throws TokenMismatchException */ public function logout(Request $request) { $token = $request->bearerToken();
if (blank($token)) { return new JsonResponse([ 'message' => 'Not authorized request.', 'status' => Response::HTTP_UNAUTHORIZED ]); }
/** @var Fingerprint $token */ $token = Auth::user()->fingerprints()->firstWhere([ 'token' => $token, ]);
if ($token) { return $token->delete(); }
throw new TokenMismatchException('Invalid token!'); }
/** * @param string $token * @throws TokenMismatchException */ public function revoke(string $token) { /** @var Fingerprint $token */ $token = Fingerprint::firstWhere([ 'token' => $token, ]);
if ($token) { return $token->delete(); }
throw new TokenMismatchException(); }
public function auth() { return new UserResource(Auth::user()); }
public function authWithInfo() { return [ 'auth' => new UserResource(Auth::user()), 'businesses' => Auth::user()->businesses->keyBy('id') ->map(fn($b, $bid) => Business::info($bid)) ]; }
public function delete(Request $request) { Auth::user()->fingerprints()->delete(); unset(Auth::user()->token); Auth::user()->delete();
return 'success'; }
public function createFingerPrint() { $attributes = [ 'agent' => request()->getAgent(), 'ip' => request()->getClientIp(), 'os' => request()->getOS(), 'latitude' => \request()->getLocation()->getAttribute('lat'), 'longitude' => \request()->getLocation()->getAttribute('lon'), ];
$values = [ 'token' => Str::random(60) ];
return Auth::user()->fingerprints()->firstOrCreate($attributes, $attributes + $values); }}
|
