middleware('auth:api', ['except' => ['login','sendEmail']]); } public function login(Request $request) { $username = $request->username; $password = $request->password; $remember = $request->remember; $is_mobile = $request->is_mobile; $usernameCheck = false; $passwordCheck = false; if (empty($username) || empty($password)) { return response()->json(['status' => 'error', 'message' => 'You must fill all the fields'], 400); } if (User::where('username', $username)->exists()) { $usernameCheck = true; } if (User::where('password', md5($password))->exists()) { $passwordCheck = true; } if ($usernameCheck & $passwordCheck) { $user = User::where([['username', $username],['password', md5($password)]])->first(); $checkExpiredOspro = $this->setExpiredTimeOspro($user['company_id']); if($checkExpiredOspro === false) { return response()->json(['status' => 'error', 'message' => 'Expired! Please update license!'], 201); } if ($is_mobile) { $fcm_token = $request->fcm_token; if (!$fcm_token || $fcm_token == "") { return response()->json(['status' => 'error', 'message' => 'FCM Token is required'], 400); } $dataUpdateFcm = array( "fcm_token" => $fcm_token ); $hr = User::find($user->id); if ($hr) { $hr->update($dataUpdateFcm); } } $dataRole = Role::find($user->role_id); $dataHierarchy = $this->getDataHierarchy($user->divisi_id, $user->id); $configApp = Company::where('id', $user->company_id)->first(); if ($configApp) { $logoLogin = json_decode($configApp->logo_login, true); $favicon = json_decode($configApp->favicon_image, true); $logoHeader = json_decode($configApp->logo_header, true); $configApp->logo_login = $logoLogin; $configApp->favicon_image = $favicon; $configApp->logo_header = $logoHeader; } if ($configApp) { $user->configApp = $configApp; } if ($dataRole) { $user->role = $dataRole; } if ($dataHierarchy) { $user->hierarchy = $dataHierarchy; } if (!$token = Auth::login($user)) { return response()->json(['error' => 'Unauthorized'], 401); } $ttl = 60; if ($remember) { $ttl = 10080; } // todo : change existing md5 hashed function to laravel's originally bcrypt /* $token = auth()->setTTL($ttl)->attempt(['username' => $username, 'password' => Hash::make($password)]); */ /* dd(response()->json(['code'=>'200', 'token' => $token, 'ttl' => $ttl])); */ return response()->json([ 'code' => 200, 'data' => array( 'data_user' => $user, 'access_token' => $token, 'token_type' => 'bearer', 'expires_in' => auth()->factory()->getTTL() * $ttl, ), ]); } else { if (!$usernameCheck && !$passwordCheck) { return response()->json(['code' => 201, 'message' => "Username and password doesn't match"], 201); } if (!$passwordCheck) { return response()->json(['code' => 201, 'message' => "Password doesn't match"], 201); } if (!$usernameCheck) { return response()->json(['code' => 201, 'message' => "Username doesn't match"], 201); } } } public function sendEmail(Request $request) { if (empty($request->password)) { $hashed = Str::random(15); } else { $hashed = $request->password; } $email = $request->email; $user = User::select('email', 'name', 'username')->where('email', $email)->first(); if (!$user || empty($email)) { return response()->json(['status' => 'error', 'message' => 'e-mail not found'], 400); } else { if($request->username) { $username = $request->username; $name = $request->username; } else { $username = $user->username; $name = $user->name; } $this->reqHttpCurl($email, $hashed, $username, $name); if(empty($request->password)) { if (User::where('email', $email)->update(['password' => md5($hashed)])) { return response()->json(['status' => 'success', 'code' => 200, 'message' => 'Password already sent to mail'], 200); } } else { return response()->json(['status' => 'success', 'code' => 200, 'message' => 'Password already sent to mail'], 200); } } } private function reqHttpCurl($email, $password, $username, $name) { $postData = [ "to" => $email, "name" => $name, "username" => $username, "password" => $password, "from" => "app.integrasia@integrasiautama.com", "alias_from" => "OSPRO", "subject" => "Registration OSPRO", "body" => "registration-ospro" ]; $curl = curl_init(); curl_setopt_array($curl, array( CURLOPT_URL => URL_EMAIL, // your preferred url CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => "", CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 30000, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_POSTFIELDS => json_encode($postData), CURLOPT_HTTPHEADER => array( // Set here requred headers "accept: */*", "accept-language: en-US,en;q=0.8", "content-type: application/json", ), )); $response = curl_exec($curl); $err = curl_error($curl); curl_close($curl); if ($err) { echo "cURL Error #:" . $err; } else { print_r(json_decode($response)); } } }