Custom Backend OSPRO Surveyor Indonesia
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

205 lines
6.0 KiB

<?php
namespace App\Http\Controllers;
use App\Models\Role;
use App\Models\User;
use App\Models\Company;
use Illuminate\Support\Str;
use Illuminate\Http\Request;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Password;
use Illuminate\Validation\ValidationException;
const URL_EMAIL = 'https://notifapp.odm-iu.com/service-mail/notif_mail.php';
class AuthController extends Controller
{
public function __construct()
{
$this->middleware('auth:api', ['except' => ['login','sendEmail']]);
}
public function login(Request $request)
{
$username = $request->username;
$password = $request->password;
$remember = $request->remember;
$is_mobile = $request->is_mobile;
$usernameCheck = false;
$passwordCheck = false;
if (empty($username) || empty($password)) {
return response()->json(['status' => 'error', 'message' => 'You must fill all the fields'], 400);
}
$userQuery = User::query()
->where('username',$username);
if ($userQuery->exists()) {
$usernameCheck = true;
$passwordValue = $userQuery->first()->password;
if($passwordValue === md5($password)) {
$passwordCheck = true;
}
}
if ($usernameCheck && $passwordCheck) {
$user = User::where([['username', $username],['password', md5($password)]])->first();
$checkExpiredOspro = $this->setExpiredTimeOspro($user['company_id']);
10 months ago
if($checkExpiredOspro === false && $user['company_id'] != null) {
return response()->json(['status' => 'error', 'message' => 'Expired! Please update license!'], 201);
}
if ($is_mobile) {
$fcm_token = $request->fcm_token;
if (!$fcm_token || $fcm_token == "") {
return response()->json(['status' => 'error', 'message' => 'FCM Token is required'], 400);
}
$dataUpdateFcm = array(
"fcm_token" => $fcm_token
);
$hr = User::find($user->id);
if ($hr) {
$hr->update($dataUpdateFcm);
}
}
$dataRole = Role::find($user->role_id);
$dataHierarchy = $this->getDataHierarchy($user->divisi_id, $user->id);
$configApp = Company::where('id', $user->company_id)->first();
if ($configApp) {
$logoLogin = json_decode($configApp->logo_login, true);
$favicon = json_decode($configApp->favicon_image, true);
$logoHeader = json_decode($configApp->logo_header, true);
$configApp->logo_login = $logoLogin;
$configApp->favicon_image = $favicon;
$configApp->logo_header = $logoHeader;
}
if ($configApp) {
$user->configApp = $configApp;
}
if ($dataRole) {
$user->role = $dataRole;
}
if ($dataHierarchy) {
$user->hierarchy = $dataHierarchy;
}
if (!$token = Auth::login($user)) {
return response()->json(['error' => 'Unauthorized'], 401);
}
$ttl = 60;
if ($remember) {
$ttl = 10080;
}
// todo : change existing md5 hashed function to laravel's originally bcrypt
/* $token = auth()->setTTL($ttl)->attempt(['username' => $username, 'password' => Hash::make($password)]); */
/* dd(response()->json(['code'=>'200', 'token' => $token, 'ttl' => $ttl])); */
return response()->json([
'code' => 200,
'data' => array(
'data_user' => $user,
'access_token' => $token,
'token_type' => 'bearer',
'expires_in' => auth()->factory()->getTTL() * $ttl,
),
]);
} else {
if (!$usernameCheck || !$passwordCheck) {
return response()->json(['code' => 201, 'message' => "Username or password doesn't match"], 201);
} else {
return response()->json(['code' => 500, 'message' => "Server error"], 500);
}
}
}
public function sendEmail(Request $request)
{
if (empty($request->password)) {
$hashed = Str::random(15);
} else {
$hashed = $request->password;
}
$email = $request->email;
$user = User::select('email', 'name', 'username')->where('email', $email)->first();
if (!$user || empty($email)) {
return response()->json(['status' => 'error', 'message' => 'e-mail not found'], 400);
} else {
if($request->username) {
$username = $request->username;
$name = $request->username;
} else {
$username = $user->username;
$name = $user->name;
}
$this->reqHttpCurl($email, $hashed, $username, $name);
if(empty($request->password)) {
if (User::where('email', $email)->update(['password' => md5($hashed)])) {
return response()->json(['status' => 'success', 'code' => 200, 'message' => 'Password already sent to mail'], 200);
}
} else {
return response()->json(['status' => 'success', 'code' => 200, 'message' => 'Password already sent to mail'], 200);
}
}
}
private function reqHttpCurl($email, $password, $username, $name)
{
$postData = [
"to" => $email,
"name" => $name,
"username" => $username,
"password" => $password,
"from" => "app.integrasia@integrasiautama.com",
"alias_from" => "OSPRO",
"subject" => "Registration OSPRO",
"body" => "registration-ospro"
];
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => URL_EMAIL, // your preferred url
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30000,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode($postData),
CURLOPT_HTTPHEADER => array(
// Set here requred headers
"accept: */*",
"accept-language: en-US,en;q=0.8",
"content-type: application/json",
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
print_r(json_decode($response));
}
}
}