|
|
|
<?php
|
|
|
|
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
|
|
|
|
use Illuminate\Support\Facades\Auth;
|
|
|
|
use Illuminate\Http\Request;
|
|
|
|
use Illuminate\Support\Facades\Hash;
|
|
|
|
|
|
|
|
use App\Models\User;
|
|
|
|
use App\Models\Role;
|
|
|
|
use Illuminate\Http\JsonResponse;
|
|
|
|
use Illuminate\Support\Facades\Password;
|
|
|
|
use Illuminate\Validation\ValidationException;
|
|
|
|
class AuthController extends Controller
|
|
|
|
{
|
|
|
|
public function __construct()
|
|
|
|
{
|
|
|
|
$this->middleware('auth:api', ['except' => ['login']]);
|
|
|
|
}
|
|
|
|
|
|
|
|
public function login(Request $request)
|
|
|
|
{
|
|
|
|
$username = $request->username;
|
|
|
|
$password = $request->password;
|
|
|
|
$remember = $request->remember;
|
|
|
|
$is_mobile = $request->is_mobile;
|
|
|
|
|
|
|
|
if(empty($username) || empty($password))
|
|
|
|
return response()->json(['status'=>'error','message'=>'You must fill all the fields'], 400);
|
|
|
|
|
|
|
|
$usernameCheck = false;
|
|
|
|
$passwordCheck = false;
|
|
|
|
|
|
|
|
if (User::where('username', $username)->exists())
|
|
|
|
$usernameCheck = true;
|
|
|
|
|
|
|
|
if (User::where('password', md5($password))->exists())
|
|
|
|
$passwordCheck = true;
|
|
|
|
|
|
|
|
if ($usernameCheck & $passwordCheck){
|
|
|
|
$user = User::where('username', $username)->where('password', md5($password))->first();
|
|
|
|
if($is_mobile){
|
|
|
|
$fcm_token = $request->fcm_token;
|
|
|
|
|
|
|
|
if(!$fcm_token || $fcm_token=="")
|
|
|
|
return response()->json(['status'=>'error','message'=>'FCM Token is required'], 400);
|
|
|
|
|
|
|
|
$dataUpdateFcm = array(
|
|
|
|
"fcm_token"=>$fcm_token
|
|
|
|
);
|
|
|
|
|
|
|
|
$hr = User::find($user->id);
|
|
|
|
|
|
|
|
if($hr)
|
|
|
|
$hr->update($dataUpdateFcm);
|
|
|
|
}
|
|
|
|
|
|
|
|
$dataRole = Role::find($user->role_id);
|
|
|
|
|
|
|
|
if($dataRole)
|
|
|
|
$user->role = $dataRole;
|
|
|
|
|
|
|
|
if (! $token =Auth::login($user))
|
|
|
|
return response()->json(['error' => 'Unauthorized'], 401);
|
|
|
|
|
|
|
|
$ttl = 60;
|
|
|
|
if($remember)
|
|
|
|
$ttl = 10080;
|
|
|
|
|
|
|
|
// todo : change existing md5 hashed function to laravel's originally bcrypt
|
|
|
|
/* $token = auth()->setTTL($ttl)->attempt(['username' => $username, 'password' => Hash::make($password)]); */
|
|
|
|
/* dd(response()->json(['code'=>'200', 'token' => $token, 'ttl' => $ttl])); */
|
|
|
|
|
|
|
|
return response()->json([
|
|
|
|
'code' => 200,
|
|
|
|
'data' => array(
|
|
|
|
'data_user' => $user,
|
|
|
|
'access_token' => $token,
|
|
|
|
'token_type' => 'bearer',
|
|
|
|
'expires_in' => auth()->factory()->getTTL() * $ttl,
|
|
|
|
),
|
|
|
|
]);
|
|
|
|
}else {
|
|
|
|
if (!$usernameCheck && !$passwordCheck)
|
|
|
|
return response()->json(['code' => 201, 'message' => "username and password doesn't match"], 201);
|
|
|
|
if (!$passwordCheck)
|
|
|
|
return response()->json(['code' => 201, 'message' => "password doesn't match"], 201);
|
|
|
|
if (!$usernameCheck)
|
|
|
|
return response()->json(['code' => 201, 'message' => "username doesn't match"], 201);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|