diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php index 67ad016..d898cf9 100644 --- a/app/Http/Controllers/AuthController.php +++ b/app/Http/Controllers/AuthController.php @@ -8,7 +8,9 @@ use Illuminate\Support\Facades\Hash; use App\Models\User; use App\Models\Role; - +use Illuminate\Http\JsonResponse; +use Illuminate\Support\Facades\Password; +use Illuminate\Validation\ValidationException; class AuthController extends Controller { public function __construct() @@ -26,48 +28,65 @@ class AuthController extends Controller if(empty($username) || empty($password)) return response()->json(['status'=>'error','message'=>'You must fill all the fields'], 400); - $user = User::where('username', $username)->where('password', md5($password))->first(); - - if($is_mobile){ - $fcm_token = $request->fcm_token; - - if(!$fcm_token || $fcm_token=="") - return response()->json(['status'=>'error','message'=>'FCM Token is required'], 400); - - $dataUpdateFcm = array( - "fcm_token"=>$fcm_token - ); - - $hr = User::find($user->id); - - if($hr) - $hr->update($dataUpdateFcm); - } - - $dataRole = Role::find($user->role_id); - - if($dataRole) - $user->role = $dataRole; - - if (! $token =Auth::login($user)) - return response()->json(['error' => 'Unauthorized'], 401); - - $ttl = 60; - if($remember) - $ttl = 10080; - - // todo : change existing md5 hashed function to laravel's originally bcrypt - /* $token = auth()->setTTL($ttl)->attempt(['username' => $username, 'password' => Hash::make($password)]); */ - /* dd(response()->json(['code'=>'200', 'token' => $token, 'ttl' => $ttl])); */ - - return response()->json([ - 'code' => 200, - 'data' => array( - 'data_user' => $user, - 'access_token' => $token, - 'token_type' => 'bearer', - 'expires_in' => auth()->factory()->getTTL() * $ttl, - ), - ]); + $usernameCheck = false; + $passwordCheck = false; + + if (User::where('username', $username)->exist()) + $usernameCheck = true; + + if (User::where('password', md5($password))->exists()) + $passwordCheck = true; + + if ($usernameCheck & $passwordCheck){ + $user = User::where('username', $username)->where('password', md5($password))->first(); + if($is_mobile){ + $fcm_token = $request->fcm_token; + + if(!$fcm_token || $fcm_token=="") + return response()->json(['status'=>'error','message'=>'FCM Token is required'], 400); + + $dataUpdateFcm = array( + "fcm_token"=>$fcm_token + ); + + $hr = User::find($user->id); + + if($hr) + $hr->update($dataUpdateFcm); + } + + $dataRole = Role::find($user->role_id); + + if($dataRole) + $user->role = $dataRole; + + if (! $token =Auth::login($user)) + return response()->json(['error' => 'Unauthorized'], 401); + + $ttl = 60; + if($remember) + $ttl = 10080; + + // todo : change existing md5 hashed function to laravel's originally bcrypt + /* $token = auth()->setTTL($ttl)->attempt(['username' => $username, 'password' => Hash::make($password)]); */ + /* dd(response()->json(['code'=>'200', 'token' => $token, 'ttl' => $ttl])); */ + + return response()->json([ + 'code' => 200, + 'data' => array( + 'data_user' => $user, + 'access_token' => $token, + 'token_type' => 'bearer', + 'expires_in' => auth()->factory()->getTTL() * $ttl, + ), + ]); + }else { + if (!$usernameCheck && !$passwordCheck) + return response()->json(['code' => 201, 'message' => "username and password doesn't match"], 201); + if (!$passwordCheck) + return response()->json(['code' => 201, 'message' => "password doesn't match"], 201); + if (!$usernameCheck) + return response()->json(['code' => 201, 'message' => "username doesn't match"], 201); + } } }