root/New-Thanasoft
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
New-Thanasoft/thanasoft-back/app/Http/Controllers/Api/AuthController.php
nyavokevin 56b0c50111 feat(auth): add employee user linking and password setup flow 
Add user management endpoints and link employees to existing users
through `user_id`, including API resources, validation, repository
support, and database migrations.

Introduce a two-step login flow that checks email first and lets users
without a password create one before signing in.

Update the employee detail UI with a dedicated user tab and refresh the
employee and intervention side navigation to support the new account
management flow.
2026-04-08 13:31:57 +03:00

198 lines
6.4 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\Rules\Password;
use App\Http\Controllers\Api\BaseController as BaseController;
use Illuminate\Validation\ValidationException;
class AuthController extends BaseController
{
public function register(Request $request): JsonResponse
{
try {
$data = $request->validate([
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users,email'],
'password' => ['required', Password::min(8)],
]);
$user = User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => $data['password'], // hashed via User model cast
]);
$token = $user->createToken('api')->plainTextToken;
return $this->sendResponse([
'user' => $user,
'token' => $token,
], 'User registered successfully.');
} catch (ValidationException $e) {
return $this->sendError('Validation Error.', $e->errors(), 422);
} catch (\Exception $e) {
return $this->sendError('Registration failed.', ['error' => $e->getMessage()], 500);
}
}
public function login(Request $request): JsonResponse
{
try {
$credentials = $request->validate([
'email' => ['required', 'email'],
'password' => ['required', 'string'],
]);
/** @var User|null $user */
$user = User::where('email', $credentials['email'])->first();
if (! $user || ! Hash::check($credentials['password'], $user->password)) {
return $this->sendError('Invalid credentials.', ['email' => ['The provided credentials are incorrect.']], 401);
}
$token = $user->createToken('api')->plainTextToken;
return $this->sendResponse([
'user' => $user,
'token' => $token,
], 'Login successful.');
} catch (ValidationException $e) {
return $this->sendError('Validation Error.', $e->errors(), 422);
} catch (\Exception $e) {
return $this->sendError('Login failed.', ['error' => $e->getMessage()], 500);
}
}
public function checkEmail(Request $request): JsonResponse
{
try {
$data = $request->validate([
'email' => ['required', 'email'],
]);
$user = User::where('email', $data['email'])->first();
if (! $user) {
return $this->sendError('Utilisateur introuvable.', [
'email' => ['Aucun utilisateur ne correspond a cet email.'],
], 404);
}
return $this->sendResponse([
'user' => [
'id' => $user->id,
'name' => $user->name,
'email' => $user->email,
],
'has_password' => ! empty($user->getRawOriginal('password')),
], 'Email verifie avec succes.');
} catch (ValidationException $e) {
return $this->sendError('Validation Error.', $e->errors(), 422);
} catch (\Exception $e) {
return $this->sendError('Email check failed.', ['error' => $e->getMessage()], 500);
}
}
public function createPasswordAndLogin(Request $request): JsonResponse
{
try {
$data = $request->validate([
'email' => ['required', 'email'],
'password' => ['required', 'confirmed', Password::min(8)],
]);
/** @var User|null $user */
$user = User::where('email', $data['email'])->first();
if (! $user) {
return $this->sendError('Utilisateur introuvable.', [
'email' => ['Aucun utilisateur ne correspond a cet email.'],
], 404);
}
if (! empty($user->getRawOriginal('password'))) {
return $this->sendError('Mot de passe deja defini.', [
'password' => ['Cet utilisateur a deja un mot de passe.'],
], 422);
}
$user->password = $data['password'];
$user->save();
$token = $user->createToken('api')->plainTextToken;
return $this->sendResponse([
'user' => $user,
'token' => $token,
], 'Mot de passe cree et connexion reussie.');
} catch (ValidationException $e) {
return $this->sendError('Validation Error.', $e->errors(), 422);
} catch (\Exception $e) {
return $this->sendError('Password creation failed.', ['error' => $e->getMessage()], 500);
}
}
public function me(Request $request): JsonResponse
{
try {
$user = $request->user();
if (!$user) {
return $this->sendError('Unauthenticated.', [], 401);
}
return $this->sendResponse($user, 'User retrieved successfully.');
} catch (\Exception $e) {
return $this->sendError('Failed to retrieve user.', ['error' => $e->getMessage()], 500);
}
}
public function logout(Request $request): JsonResponse
{
try {
$user = $request->user();
if (!$user) {
return $this->sendError('Unauthenticated.', [], 401);
}
if ($user->currentAccessToken()) {
$user->currentAccessToken()->delete();
}
return $this->sendResponse([], 'Logged out successfully.');
} catch (\Exception $e) {
return $this->sendError('Logout failed.', ['error' => $e->getMessage()], 500);
}
}
public function logoutAll(Request $request): JsonResponse
{
try {
$user = $request->user();
if (!$user) {
return $this->sendError('Unauthenticated.', [], 401);
}
$user->tokens()->delete();
return $this->sendResponse([], 'Logged out from all devices successfully.');
} catch (\Exception $e) {
return $this->sendError('Logout failed.', ['error' => $e->getMessage()], 500);
}
}
}
Reference in New Issue View Git Blame Copy Permalink