middleware('auth:api', ['except' => ['login','sendEmail']]); } public function login(Request $request) { $username = $request->username; $password = $request->password; $remember = $request->remember; $is_mobile = $request->is_mobile; if (empty($username) || empty($password)) return response()->json(['status' => 'error', 'message' => 'You must fill all the fields'], 400); $usernameCheck = false; $passwordCheck = false; if (User::where('username', $username)->exists()) $usernameCheck = true; if (User::where('password', md5($password))->exists()) $passwordCheck = true; if ($usernameCheck & $passwordCheck) { $user = User::where('username', $username)->where('password', md5($password))->first(); if ($is_mobile) { $fcm_token = $request->fcm_token; if (!$fcm_token || $fcm_token == "") return response()->json(['status' => 'error', 'message' => 'FCM Token is required'], 400); $dataUpdateFcm = array( "fcm_token" => $fcm_token ); $hr = User::find($user->id); if ($hr) $hr->update($dataUpdateFcm); } $dataRole = Role::find($user->role_id); $dataHierarchy = $this->getDataHierarchy($user->divisi_id, $user->id); $configApp = Company::where('id', $user->company_id)->first(); if ($configApp) { $logoLogin = json_decode($configApp->logo_login, true); $favicon = json_decode($configApp->favicon_image, true); $logoHeader = json_decode($configApp->logo_header, true); $configApp->logo_login = $logoLogin; $configApp->favicon_image = $favicon; $configApp->logo_header = $logoHeader; } if ($configApp) $user->configApp = $configApp; if ($dataRole) $user->role = $dataRole; if ($dataHierarchy) $user->hierarchy = $dataHierarchy; if (!$token = Auth::login($user)) return response()->json(['error' => 'Unauthorized'], 401); $ttl = 60; if ($remember) $ttl = 10080; // todo : change existing md5 hashed function to laravel's originally bcrypt /* $token = auth()->setTTL($ttl)->attempt(['username' => $username, 'password' => Hash::make($password)]); */ /* dd(response()->json(['code'=>'200', 'token' => $token, 'ttl' => $ttl])); */ return response()->json([ 'code' => 200, 'data' => array( 'data_user' => $user, 'access_token' => $token, 'token_type' => 'bearer', 'expires_in' => auth()->factory()->getTTL() * $ttl, ), ]); } else { if (!$usernameCheck && !$passwordCheck) return response()->json(['code' => 201, 'message' => "username and password doesn't match"], 201); if (!$passwordCheck) return response()->json(['code' => 201, 'message' => "password doesn't match"], 201); if (!$usernameCheck) return response()->json(['code' => 201, 'message' => "username doesn't match"], 201); } } public function sendEmail(Request $request) { $hashed = Str::random(15); $email = $request->email; $user = User::select('email', 'name', 'username')->where('email', $email)->first(); if (!$user || empty($email)) { return response()->json(['status' => 'error', 'message' => 'e-mail not found '], 400); } else { $this->reqHttpCurl($email, $hashed, $user->username, $user->name); if (User::where('email', $email)->update(['password' => md5($hashed)])) return response()->json(['status' => 'success', 'code' => 200, 'message' => 'Password already sent to mail'], 200); return response()->json(['status' => 'error', 'code' => 400, 'message' => 'e-mail not found '], 400); } } private function reqHttpCurl($email, $password, $username, $name) { $postData = [ "to" => $email, "username" => $name, "username" => $username, "password" => $password, "from" => "app.integrasia@integrasiautama.com", "alias_from" => "OSPRO", "subject" => "Registration OSPRO", "body" => "registration-ospro" ]; $curl = curl_init(); curl_setopt_array($curl, array( CURLOPT_URL => URL_EMAIL, // your preferred url CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => "", CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 30000, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_POSTFIELDS => json_encode($postData), CURLOPT_HTTPHEADER => array( // Set here requred headers "accept: */*", "accept-language: en-US,en;q=0.8", "content-type: application/json", ), )); $response = curl_exec($curl); $err = curl_error($curl); curl_close($curl); if ($err) { echo "cURL Error #:" . $err; } else { print_r(json_decode($response)); } } }