some change in auth method, add verification link, document auth methods

app/Http/Controllers/AuthController.php

@@ -20,11 +20,22 @@ use Symfony\Component\HttpFoundation\Response;
 
 class AuthController extends Controller
 {
+    /**
+     * Redirect user to google auth procedure
+     *
+     * @return mixed
+     */
     public function redirectToGoogle()
     {
         return Socialite::driver('google')->stateless()->redirect();
     }
 
+    /**
+     * Complete user authenticated when return from google auth
+     *
+     * @param Request $request
+     * @return \Illuminate\Contracts\Foundation\Application|\Illuminate\Http\RedirectResponse|\Illuminate\Routing\Redirector
+     */
     public function handleGoogleCallback(Request $request)
     {
         try {
@@ -55,6 +66,13 @@ class AuthController extends Controller
         }
     }
 
+    /**
+     * Check email for guidance user state in the app
+     *
+     * @param Request $request
+     * @return JsonResponse
+     * @throws \Illuminate\Validation\ValidationException
+     */
     public function emailChecking(Request $request)
     {
         $this->validate($request, [
@@ -66,29 +84,42 @@ class AuthController extends Controller
         if ($user && $user->has_password) {
             // email exists in db
             // user before set a password
-            return response()->json(['message' => 'User exists must be login'], 200);
+            return response()->json(['message' => 'user.exists'], 200);
         }
 
         if ($user && !$user->has_password) {
             // email exists in db
             // user hasn't password (we set password for user)
             $this->sendVerification($request->email, 'google');
-            return response()->json(['message' => 'Send email for validation'], 200);
+            return response()->json(['message' => 'google'], 200);
         }
 
-        if (Cache::has($request->email)) {
-            // email exists in cache
-            $this->sendVerification($request->email, Cache::get($request->email)['type']);
-            return response()->json(['message' => 'Send email for validation'], 200);
-        }
-
-        if (!$user && !Cache::has($request->email)) {
-            // user not exists in db and cache
+        if (!$user) {
+            // user not exists in db
             $this->sendVerification($request->email, 'register');
-            return response()->json(['message' => 'Send email for validation'], 200);
+            return response()->json(['message' => 'register'], 200);
         }
+
+//        if (Cache::has($request->email)) {
+//            // email exists in cache
+//            $this->sendVerification($request->email, Cache::get($request->email)['type']);
+//            return response()->json(['message' => 'Send email for validation'], 200);
+//        }
+//
+//        if (!$user && !Cache::has($request->email)) {
+//            // user not exists in db and cache
+//            $this->sendVerification($request->email, 'register');
+//            return response()->json(['message' => 'Send email for validation'], 200);
+//        }
     }
 
+    /**
+     * Login existing user and notify him/her when login from new device
+     *
+     * @param Request $request
+     * @return array|JsonResponse
+     * @throws \Illuminate\Validation\ValidationException
+     */
     public function login(Request $request)
     {
         // todo: Logging in from a new device will result in sending a notification
@@ -116,6 +147,14 @@ class AuthController extends Controller
         ], Response::HTTP_NOT_FOUND);
     }
 
+    /**
+     * Verify link When user click on verification link that before send for user
+     * In this case user before login with google and now haven't password
+     *
+     * @param Request $request
+     * @return array
+     * @throws \Illuminate\Validation\ValidationException
+     */
     public function verification(Request $request)
     {
         $this->validate($request, [
@@ -134,6 +173,13 @@ class AuthController extends Controller
 
     }
 
+    /**
+     * Send verification email for user
+     * Used by method in this class
+     *
+     * @param $email
+     * @param $type
+     */
     public function sendVerification($email, $type)
     {
         $signature = Str::random(30);
@@ -152,6 +198,14 @@ class AuthController extends Controller
         ]));
     }
 
+    /**
+     * This function used by some method in this class for check validation of signature
+     *
+     * @param $email
+     * @param $type
+     * @param $signature
+     * @return JsonResponse
+     */
     public function checkValidation($email, $type, $signature)
     {
         if (!Cache::has($email) || Cache::get($email)['type'] !== $type || Cache::get($email)['signature'] != $signature)
@@ -161,6 +215,13 @@ class AuthController extends Controller
         Cache::forget($email);
     }
 
+    /**
+     * User request for forget password if before exists we send email for user
+     *
+     * @param Request $request
+     * @return JsonResponse
+     * @throws \Illuminate\Validation\ValidationException
+     */
     public function forgetPassword(Request $request)
     {
         $this->validate($request, [
@@ -172,6 +233,13 @@ class AuthController extends Controller
         return response()->json(['message' => 'Send email for validation'], 200);
     }
 
+    /**
+     * If user verified in this step we update user password
+     *
+     * @param Request $request
+     * @return JsonResponse
+     * @throws \Illuminate\Validation\ValidationException
+     */
     public function updatePassword(Request $request)
     {
         $this->validate($request, [
@@ -189,13 +257,20 @@ class AuthController extends Controller
             'has_password' => true
         ]);
 
-        Auth::setUser($user);
-
-        $this->createFingerPrint();
+//        Auth::setUser($user);
+//
+//        $this->createFingerPrint();
 
         return response()->json(['message' => 'Update successfully you must be login.'], 200);
     }
 
+    /**
+     * If user verified we register user and login user
+     *
+     * @param Request $request
+     * @return array
+     * @throws \Illuminate\Validation\ValidationException
+     */
     public function register(Request $request)
     {
         $this->validate($request, [
@@ -216,11 +291,19 @@ class AuthController extends Controller
 
         Auth::setUser($user);
 
-        $this->createFingerPrint();
-
-        return response()->json(['message' => 'Register successfully you must be login.'], 200);
+        return [
+            'auth' => $this->createFingerPrint(),
+            'businesses' => Auth::user()->businesses->keyBy('id')->map(fn($b, $bid) => Business::info($bid))
+        ];
     }
 
+    /**
+     * Resend email for user (only one email per minute)
+     *
+     * @param Request $request
+     * @return JsonResponse
+     * @throws \Illuminate\Validation\ValidationException
+     */
     public function resendLink(Request $request)
     {
         $this->validate($request, [
@@ -239,6 +322,28 @@ class AuthController extends Controller
         abort(403);
     }
 
+    /**
+     * This function just used by front for checking validation of link whit signature
+     *
+     * @param $email
+     * @param $type
+     * @param $signature
+     * @return JsonResponse
+     */
+    public function linkVerification($email, $type, $signature)
+    {
+        if (!Cache::has($email) || Cache::get($email)['type'] !== $type || Cache::get($email)['signature'] != $signature)
+        {
+            abort(403, 'Validation failed');
+        }
+        return response()->json(['message' => 'Verified successfully. go on'], 200);
+    }
+
+    /**
+     * Create new token finger print when user login from new device or register
+     *
+     * @return mixed
+     */
     public function createFingerPrint()
     {
         $attributes = [
@@ -256,6 +361,12 @@ class AuthController extends Controller
         return Auth::user()->fingerprints()->firstOrCreate($attributes, $attributes + $values);
     }
 
+    /**
+     * Check user login from new device or not
+     * Used by some methode in this class
+     *
+     * @return mixed
+     */
     public function firstOrNot()
     {
         return Auth::user()->fingerprints()->where([
@@ -267,6 +378,11 @@ class AuthController extends Controller
         ])->exists();
     }
 
+    /**
+     * Send notification for user that login from new device
+     *
+     * @param $send
+     */
     public function loginNotif($send)
     {
         if ($send) {
@@ -281,11 +397,21 @@ class AuthController extends Controller
         }
     }
 
+    /**
+     * Return authenticated user
+     *
+     * @return UserResource
+     */
     public function auth()
     {
         return new UserResource(Auth::user());
     }
 
+    /**
+     * Return authenticated user with business info
+     *
+     * @return array
+     */
     public function authWithInfo()
     {
         return [
@@ -294,6 +420,13 @@ class AuthController extends Controller
         ];
     }
 
+    /**
+     * When user accept google fcm push notification, google grant token to user
+     * This token save in user finger print for push notification
+     *
+     * @param Request $request
+     * @return array
+     */
     public function updateFcmToken(Request $request)
     {
         Auth::user()->fingerprints()->where(

routes/api.php

@@ -33,6 +33,7 @@ $router->group(['prefix' => 'auth'], function () use ($router) {
     $router->post('verification', 'AuthController@verification')->name('verification');
 
     $router->post('resend', 'AuthController@resendLink')->middleware('throttle:1'); // one request per min
+    $router->post('link-verification', 'AuthController@linkVerification');
 
     $router->get('google/redirect', 'AuthController@redirectToGoogle')->name('google.redirect');
     $router->get('google/callback', 'AuthController@handleGoogleCallback')->name('google.callback');