middleware('auth:api', ['except' => ['login']]); } public function login(Request $request) { $username = $request->username; $password = $request->password; $remember = $request->remember; $is_mobile = $request->is_mobile; if (empty($username) || empty($password)) return response()->json(['status' => 'error', 'message' => 'You must fill all the fields'], 400); $usernameCheck = false; $passwordCheck = false; if (User::where('username', $username)->exists()) $usernameCheck = true; if (User::where('password', md5($password))->exists()) $passwordCheck = true; if ($usernameCheck & $passwordCheck) { $user = User::where('username', $username)->where('password', md5($password))->first(); if ($is_mobile) { $fcm_token = $request->fcm_token; if (!$fcm_token || $fcm_token == "") return response()->json(['status' => 'error', 'message' => 'FCM Token is required'], 400); $dataUpdateFcm = array( "fcm_token" => $fcm_token ); $hr = User::find($user->id); if ($hr) $hr->update($dataUpdateFcm); } $dataRole = Role::find($user->role_id); $dataHierarchy = $this->getDataHierarchy($user->divisi_id, $user->id); $configApp = Company::where('id', $user->company_id)->first(); if ($configApp) { $logoLogin = json_decode($configApp->logo_login, true); $favicon = json_decode($configApp->favicon_image, true); $logoHeader = json_decode($configApp->logo_header, true); $configApp->logo_login = $logoLogin; $configApp->favicon_image = $favicon; $configApp->logo_header = $logoHeader; } if ($configApp) $user->configApp = $configApp; if ($dataRole) $user->role = $dataRole; if ($dataHierarchy) $user->hierarchy = $dataHierarchy; if (!$token = Auth::login($user)) return response()->json(['error' => 'Unauthorized'], 401); $ttl = 60; if ($remember) $ttl = 10080; // todo : change existing md5 hashed function to laravel's originally bcrypt /* $token = auth()->setTTL($ttl)->attempt(['username' => $username, 'password' => Hash::make($password)]); */ /* dd(response()->json(['code'=>'200', 'token' => $token, 'ttl' => $ttl])); */ return response()->json([ 'code' => 200, 'data' => array( 'data_user' => $user, 'access_token' => $token, 'token_type' => 'bearer', 'expires_in' => auth()->factory()->getTTL() * $ttl, ), ]); } else { if (!$usernameCheck && !$passwordCheck) return response()->json(['code' => 201, 'message' => "username and password doesn't match"], 201); if (!$passwordCheck) return response()->json(['code' => 201, 'message' => "password doesn't match"], 201); if (!$usernameCheck) return response()->json(['code' => 201, 'message' => "username doesn't match"], 201); } } }