first commit
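--- /dev/null
+++ b/app/Http/Controllers/Api/Auth/AuthController.php
@@ -0,0 +1,88 @@
+<?php
+
+namespace Vanguard\Http\Controllers\Api\Auth;
+
+use Illuminate\Contracts\Container\BindingResolutionException;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Response;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Validation\ValidationException;
+use Vanguard\Events\User\LoggedIn;
+use Vanguard\Events\User\LoggedOut;
+use Vanguard\Http\Controllers\Api\ApiController;
+use Vanguard\Http\Requests\Auth\ApiLoginRequest;
+use Vanguard\User;
+
+/**
+* Class LoginController
+* @package Vanguard\Http\Controllers\Api\Auth
+*/
+class AuthController extends ApiController
+{
+public function __construct()
+{
+$this->middleware('guest')->only('login');
+$this->middleware('auth')->only('logout');
+}
+
+/**
+* Attempt to log the user in and generate unique
+* JWT token on successful authentication.
+*
+* @param ApiLoginRequest $request
+* @return JsonResponse|Response
+* @throws BindingResolutionException
+* @throws ValidationException
+*/
+public function token(ApiLoginRequest $request)
+{
+$user = $this->findUser($request);
+
+if ($user->isBanned()) {
+return $this->errorUnauthorized(__('Your account is banned by administrators.'));
+}
+
+Auth::setUser($user);
+
+event(new LoggedIn);
+
+return $this->respondWithArray([
+'token' => $user->createToken($request->device_name)->plainTextToken
+]);
+}
+
+/**
+* Find the user instance from the API request.
+*
+* @param ApiLoginRequest $request
+* @return mixed
+* @throws BindingResolutionException
+* @throws ValidationException
+*/
+private function findUser(ApiLoginRequest $request)
+{
+$user = User::where($request->getCredentials())->first();
+
+if (! $user || ! Hash::check($request->password, $user->password)) {
+throw ValidationException::withMessages([
+'username' => [trans('auth.failed')],
+]);
+}
+
+return $user;
+}
+
+/**
+* Logout user and invalidate token.
+* @return JsonResponse
+*/
+public function logout()
+{
+event(new LoggedOut);
+
+auth()->user()->currentAccessToken()->delete();
+
+return $this->respondWithSuccess();
+}
+}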
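Review bot: The `guest` middleware in the constructor is bound to an action named `login`, but the only login action in this class is `token()`, so that binding never fires; it should read `$this->middleware('guest')->only('token');`. Nothing in this file throttles `token()` either, whereas `VerificationController` throttles `resend`; unless the route group applies `throttle` (not visible here), the `Hash::check` in `findUser` is open to online password guessing, so consider `$this->middleware('throttle:6,1')->only('token');` or a `RateLimiter` keyed on username plus client IP. The class docblock still says `LoginController` and the `token()` docblock promises a "JWT token" while the code issues a Sanctum personal access token via `createToken()->plainTextToken`; update both so the next reader does not go looking for JWT configuration. The uniform `auth.failed` message for both unknown user and wrong password is the right choice and should be kept.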
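--- /dev/null
+++ b/app/Http/Controllers/Api/Auth/Password/RemindController.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace Vanguard\Http\Controllers\Api\Auth\Password;
+
+use Password;
+use Vanguard\Events\User\RequestedPasswordResetEmail;
+use Vanguard\Http\Controllers\Api\ApiController;
+use Vanguard\Http\Requests\Auth\PasswordRemindRequest;
+use Vanguard\Mail\ResetPassword;
+use Vanguard\Repositories\User\UserRepository;
+
+class RemindController extends ApiController
+{
+/**
+* Send a reset link to the given user.
+*
+* @param PasswordRemindRequest $request
+* @param UserRepository $users
+* @return \Illuminate\Http\JsonResponse
+*/
+public function index(PasswordRemindRequest $request, UserRepository $users)
+{
+$user = $users->findByEmail($request->email);
+
+$token = Password::getRepository()->create($user);
+
+\Mail::to($user)->send(new ResetPassword($token));
+
+event(new RequestedPasswordResetEmail($user));
+
+return $this->respondWithSuccess();
+}
+}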
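Review bot: `Password::getRepository()->create($user)` bypasses the `recentlyCreatedToken` throttle that `Password::sendResetLink()` enforces, so every request mints a fresh token and sends another email — an unauthenticated mail-bombing primitive against any registered address. Add `if (Password::getRepository()->recentlyCreatedToken($user)) { return $this->respondWithSuccess(); }` before the `create()` call, or route through `Password::sendResetLink()` and map its response. Separately, `$users->findByEmail()` can return null and `create(null)` then fails with a 500; if `PasswordRemindRequest` instead rejects unknown addresses with a validation error (not visible here), the endpoint confirms which emails are registered — either way the unknown-address path should return the same success response as the known one. Whether a route-level `throttle` already limits this endpoint is not visible in this hunk.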
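--- /dev/null
+++ b/app/Http/Controllers/Api/Auth/Password/ResetController.php
@@ -0,0 +1,48 @@
+<?php
+
+namespace Vanguard\Http\Controllers\Api\Auth\Password;
+
+use Illuminate\Auth\Events\PasswordReset;
+use Password;
+use Vanguard\Http\Controllers\Api\ApiController;
+use Vanguard\Http\Requests\Auth\PasswordResetRequest;
+
+class ResetController extends ApiController
+{
+/**
+* Reset the given user's password.
+*
+* @param PasswordResetRequest $request
+* @return \Illuminate\Http\JsonResponse
+*/
+public function index(PasswordResetRequest $request)
+{
+$response = Password::reset($request->credentials(), function ($user, $password) {
+$this->resetPassword($user, $password);
+});
+
+switch ($response) {
+case Password::PASSWORD_RESET:
+return $this->respondWithSuccess();
+
+default:
+return $this->setStatusCode(400)
+->respondWithError(trans($response));
+}
+}
+
+/**
+* Reset the given user's password.
+*
+* @param \Illuminate\Contracts\Auth\CanResetPassword $user
+* @param string $password
+* @return void
+*/
+protected function resetPassword($user, $password)
+{
+$user->password = $password;
+$user->save();
+
+event(new PasswordReset($user));
+}
+}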
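Review bot: `resetPassword()` assigns `$user->password = $password` and saves, but nothing here hashes the value or revokes the user's existing credentials; Laravel's stock reset handler wraps the value in `Hash::make()` and rotates the remember token. If the `User` model does not hash on assignment (a `hashed` cast or mutator, not visible here) this stores plaintext, and in any case the Sanctum access tokens this app issues via `createToken()` in `AuthController` keep working after the reset, which defeats the "my account may be compromised" use of a password reset. Proposed body: `$user->forceFill(['password' => $password, 'remember_token' => Str::random(60)])->save(); $user->tokens()->delete();` with `Hash::make($password)` if the model does not hash it, plus the corresponding `use` lines. Minor: the broker returns distinct `INVALID_USER` and `INVALID_TOKEN` messages and `trans($response)` passes them straight to the client, so a caller can probe which emails exist; collapse the failure branch to one generic message.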
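--- /dev/null
+++ b/app/Http/Controllers/Api/Auth/RegistrationController.php
@@ -0,0 +1,61 @@
+<?php
+
+namespace Vanguard\Http\Controllers\Api\Auth;
+
+use Illuminate\Auth\Events\Registered;
+use Vanguard\Http\Controllers\Api\ApiController;
+use Vanguard\Http\Requests\Auth\RegisterRequest;
+use Vanguard\Repositories\Role\RoleRepository;
+use Vanguard\Repositories\User\UserRepository;
+use Vanguard\Support\Enum\UserStatus;
+
+class RegistrationController extends ApiController
+{
+public function __construct(private UserRepository $users, private RoleRepository $roles)
+{
+}
+
+/**
+* @param RegisterRequest $request
+* @return \Illuminate\Http\JsonResponse
+*/
+public function index(RegisterRequest $request)
+{
+$role = $this->roles->findByName('User');
+
+$user = $this->users->create(
+array_merge($request->validFormData(), ['role_id' => $role->id])
+);
+
+event(new Registered($user));
+
+return $this->setStatusCode(201)
+->respondWithArray([
+'requires_email_confirmation' => !! setting('reg_email_confirmation')
+]);
+}
+
+/**
+* Verify email via email confirmation token.
+* @param $token
+* @return \Illuminate\Http\JsonResponse
+*/
+public function verifyEmail($token)
+{
+if (! setting('reg_email_confirmation')) {
+return $this->errorNotFound();
+}
+
+if ($user = $this->users->findByConfirmationToken($token)) {
+$this->users->update($user->id, [
+'status' => UserStatus::ACTIVE,
+'confirmation_token' => null
+]);
+
+return $this->respondWithSuccess();
+}
+
+return $this->setStatusCode(400)
+->respondWithError("Invalid confirmation token.");
+}
+}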
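Review bot: `index()` creates an account unconditionally, while `SocialLoginController` refuses to create one when `setting('reg_enabled')` is off; unless the route carries a middleware enforcing that setting (not visible here), disabling registration in settings leaves this API path open. A guard mirroring the social controller, `if (! setting('reg_enabled')) { return $this->errorNotFound(); }` at the top of `index()`, keeps the two consistent. `verifyEmail()` runs with no throttle and returns a distinguishable 400 for unknown tokens, so the only protection is the entropy of `confirmation_token`; consider `$this->middleware('throttle:6,1')->only('verifyEmail');` as `VerificationController` does for `resend`. The `verifyEmail` docblock should also give the parameter a type, `@param string $token`.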
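--- /dev/null
+++ b/app/Http/Controllers/Api/Auth/SocialLoginController.php
@@ -0,0 +1,53 @@
+<?php
+
+namespace Vanguard\Http\Controllers\Api\Auth;
+
+use Auth;
+use Exception;
+use Socialite;
+use Vanguard\Events\User\LoggedIn;
+use Vanguard\Http\Controllers\Api\ApiController;
+use Vanguard\Http\Requests\Auth\Social\ApiAuthenticateRequest;
+use Vanguard\Repositories\User\UserRepository;
+use Vanguard\Services\Auth\Social\SocialManager;
+
+class SocialLoginController extends ApiController
+{
+public function __construct(private UserRepository $users, private SocialManager $socialManager)
+{
+}
+
+public function index(ApiAuthenticateRequest $request)
+{
+try {
+$socialUser = Socialite::driver($request->network)->userFromToken($request->social_token);
+} catch (Exception $e) {
+return $this->errorInternalError("Could not connect to specified social network.");
+}
+
+$user = $this->users->findBySocialId(
+$request->network,
+$socialUser->getId()
+);
+
+if (! $user) {
+if (! setting('reg_enabled')) {
+return $this->errorForbidden("Only users who already created an account can log in.");
+}
+
+$user = $this->socialManager->associate($socialUser, $request->network);
+}
+
+if ($user->isBanned()) {
+return $this->errorForbidden(__("Your account is banned by administrators."));
+}
+
+Auth::setUser($user);
+
+event(new LoggedIn);
+
+return $this->respondWithArray([
+'token' => $user->createToken($request->device_name)->plainTextToken
+]);
+}
+}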
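Review bot: `Socialite::driver($request->network)->userFromToken($request->social_token)` trusts any access token the client presents: for OAuth2 providers `userFromToken` only fetches the profile with that bearer token and does not check which application the token was issued to. A token obtained by some other app the victim authorized therefore logs its holder in here as whatever `findBySocialId($network, $id)` resolves to — the classic access-token substitution attack. Unless `ApiAuthenticateRequest` or `SocialManager` already does so (not visible in this hunk), verify the token's audience against this app's client ID through the provider's introspection endpoint (Facebook `debug_token`, Google `tokeninfo` or the ID-token `aud` claim) before calling `findBySocialId`, or accept the provider's authorization code instead of a bare access token. Minor: the `catch (Exception $e)` maps an invalid or expired token to `errorInternalError`, a 500; an expired token is a client error and should return 401 so clients re-authenticate rather than retry.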
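--- /dev/null
+++ b/app/Http/Controllers/Api/Auth/VerificationController.php
@@ -0,0 +1,104 @@
+<?php
+
+namespace Vanguard\Http\Controllers\Api\Auth;
+
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Auth\Events\Verified;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Routing\Exceptions\InvalidSignatureException;
+use Vanguard\Http\Controllers\Api\ApiController;
+use Vanguard\Http\Requests\Auth\ApiVerifyEmailRequest;
+
+class VerificationController extends ApiController
+{
+/**
+* Create a new controller instance.
+*
+* @return void
+*/
+public function __construct()
+{
+$this->middleware('throttle:6,1')->only('resend');
+}
+
+/**
+* Mark the authenticated user's email address as verified.
+*
+* @param ApiVerifyEmailRequest $request
+* @return \Illuminate\Http\JsonResponse
+*
+* @throws AuthorizationException
+*/
+public function verify(ApiVerifyEmailRequest $request)
+{
+if (! setting('reg_email_confirmation')) {
+return $this->errorNotFound();
+}
+
+$this->verifySignature($request);
+
+if ($request->user()->hasVerifiedEmail()) {
+return $this->emailAlreadyVerifiedResponse();
+}
+
+if ($request->user()->markEmailAsVerified()) {
+event(new Verified($request->user()));
+}
+
+return $this->respondWithSuccess();
+}
+
+/**
+* Verify request signature.
+*
+* @param ApiVerifyEmailRequest $baseRequest
+* @throws AuthorizationException
+*/
+private function verifySignature(ApiVerifyEmailRequest $baseRequest)
+{
+$request = Request::create(
+route('verification.verify', $baseRequest->only('id', 'hash')),
+Request::METHOD_GET,
+$baseRequest->only('expires', 'signature')
+);
+
+if (! $request->hasValidSignature()) {
+throw new InvalidSignatureException;
+}
+
+if (! hash_equals((string) $baseRequest->id, (string) auth()->user()->getKey())) {
+throw new AuthorizationException;
+}
+
+if (! hash_equals((string) $baseRequest->hash, sha1(auth()->user()->getEmailForVerification()))) {
+throw new AuthorizationException;
+}
+}
+
+/**
+* @return \Illuminate\Http\JsonResponse
+*/
+protected function emailAlreadyVerifiedResponse()
+{
+return $this->setStatusCode(Response::HTTP_BAD_REQUEST)
+->respondWithError(__('E-Mail already verified.'));
+}
+
+/**
+* Resend the email verification notification.
+*
+* @param \Illuminate\Http\Request $request
+* @return \Illuminate\Http\JsonResponse
+*/
+public function resend(Request $request)
+{
+if ($request->user()->hasVerifiedEmail()) {
+return $this->emailAlreadyVerifiedResponse();
+}
+
+$request->user()->sendEmailVerificationNotification();
+
+return $this->respondWithSuccess(Response::HTTP_ACCEPTED);
+}
+}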
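Review bot: `verifySignature()` throws `InvalidSignatureException` when `hasValidSignature()` fails, but its docblock (and `verify()`'s) lists only `@throws AuthorizationException`; add `@throws InvalidSignatureException` so callers know a 403 can come from either path. The method also reads `auth()->user()` for the id and hash checks while its callers use `$request->user()`; using `$baseRequest->user()` keeps one source of the current user and avoids a surprise if the default guard resolved by `auth()` differs from the one on the request. The rebuilt URL comes from `route('verification.verify', …)`, so the signature only validates when the API runs under the same `app.url` host and scheme that generated the link — worth a comment above `Request::create(` such as `// Rebuild the signed web URL; signature check depends on app.url matching the link's origin`. `throttle:6,1` covers `resend` only; `verify` is protected by the HMAC signature and the `hash_equals` checks on id and email, which looks adequate.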