203 lines
5.5 KiB
PHP
203 lines
5.5 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\Models\User;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Http\JsonResponse;
|
|
use Illuminate\Support\Facades\Hash;
|
|
|
|
class AuthController extends Controller
|
|
{
|
|
/**
|
|
* Register a new user
|
|
*
|
|
* @param Request $request
|
|
* @return JsonResponse
|
|
*/
|
|
public function register(Request $request): JsonResponse
|
|
{
|
|
$request->validate([
|
|
'name' => 'required|string|max:255',
|
|
'email' => 'required|string|email|max:255|unique:users',
|
|
'password' => 'required|string|min:8',
|
|
]);
|
|
|
|
$user = User::create([
|
|
'name' => $request->name,
|
|
'email' => $request->email,
|
|
'password' => Hash::make($request->password),
|
|
]);
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'message' => 'User created successfully',
|
|
'data' => $user
|
|
], 201);
|
|
}
|
|
|
|
public function getAllUsers(Request $request): JsonResponse
|
|
{
|
|
$user = $request->user();
|
|
|
|
// Optional: Ensure only users with 'admin' ability can access this
|
|
if (!$user || !$request->user()->tokenCan('admin')) {
|
|
return response()->json([
|
|
'success' => false,
|
|
'message' => 'Unauthorized'
|
|
], 403);
|
|
}
|
|
|
|
$users = User::all();
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'data' => $users
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Login and generate token
|
|
*
|
|
* @param Request $request
|
|
* @return JsonResponse
|
|
*/
|
|
public function login(Request $request): JsonResponse
|
|
{
|
|
$request->headers->set('Accept', 'application/json');
|
|
|
|
$request->validate([
|
|
'email' => 'required|email',
|
|
'password' => 'required',
|
|
'device_name' => 'nullable|string',
|
|
]);
|
|
|
|
$user = User::where('email', $request->email)->first();
|
|
|
|
if (!$user || !Hash::check($request->password, $user->password)) {
|
|
return response()->json([
|
|
'success' => false,
|
|
'message' => 'Invalid credentials',
|
|
], 401);
|
|
}
|
|
|
|
// Delete existing tokens for the same device name
|
|
if ($request->device_name) {
|
|
$user->tokens()->where('name', $request->device_name)->delete();
|
|
}
|
|
|
|
// All users will get the same 'admin' ability (since dashboard is admin-only)
|
|
$token = $user->createToken($request->device_name ?? 'api_token', ['admin']);
|
|
|
|
$tokenExpiration = null;
|
|
$expirationMinutes = config('sanctum.expiration');
|
|
if ($expirationMinutes) {
|
|
$tokenExpiration = now()->addMinutes($expirationMinutes)->toDateTimeString();
|
|
}
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'message' => 'User signed in successfully',
|
|
'token' => $token->plainTextToken,
|
|
'token_type' => 'Bearer',
|
|
'expires_at' => $tokenExpiration,
|
|
'user' => [
|
|
'id' => $user->id,
|
|
'name' => $user->name,
|
|
'email' => $user->email,
|
|
'abilities' => ['admin']
|
|
]
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Update authenticated user's account
|
|
*
|
|
* @param Request $request
|
|
* @return JsonResponse
|
|
*/
|
|
public function update(Request $request)
|
|
{
|
|
$user = $request->user();
|
|
|
|
// Validate incoming request
|
|
$request->validate([
|
|
'name' => 'required|string|max:255',
|
|
'email' => 'required|email|unique:users,email,' . $user->id,
|
|
'current_password' => 'required|string',
|
|
'password' => 'nullable|string|confirmed|min:6',
|
|
]);
|
|
|
|
// Check if current password is correct
|
|
if (!\Hash::check($request->current_password, $user->password)) {
|
|
return response()->json([
|
|
'success' => false,
|
|
'message' => 'Current password is incorrect',
|
|
], 422);
|
|
}
|
|
|
|
// Update user data
|
|
$user->name = $request->name;
|
|
$user->email = $request->email;
|
|
|
|
if ($request->filled('password')) {
|
|
$user->password = bcrypt($request->password);
|
|
}
|
|
|
|
$user->save();
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'message' => 'Account updated successfully',
|
|
'user' => $user,
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Logout (revoke token)
|
|
*
|
|
* @param Request $request
|
|
* @return JsonResponse
|
|
*/
|
|
public function logout(Request $request): JsonResponse
|
|
{
|
|
$request->user()->currentAccessToken()->delete();
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'message' => 'Logged out successfully'
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Get the authenticated user
|
|
*
|
|
* @param Request $request
|
|
* @return JsonResponse
|
|
*/
|
|
public function me(Request $request): JsonResponse
|
|
{
|
|
$user = $request->user();
|
|
|
|
if (!$user) {
|
|
return response()->json([
|
|
'success' => false,
|
|
'message' => 'User not authenticated',
|
|
], 401);
|
|
}
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'data' => [
|
|
'user' => [
|
|
'id' => $user->id,
|
|
'name' => $user->name,
|
|
'email' => $user->email,
|
|
],
|
|
'abilities' => $request->user()->currentAccessToken()?->abilities ?? [],
|
|
]
|
|
]);
|
|
}
|
|
|
|
}
|