refactor login apps

app/Http/Controllers/AuthController.php

@@ -28,20 +28,11 @@ class AuthController extends Controller
     }
 
     return $this->successResponse(
-      payload: new AuthResource($result["payload"]),
+      payload: new AuthResource([
+        ...$result["payload"],
+        "refresh_token" => $result["refreshToken"],
+      ]),
       message: __("auth.logged_in"),
-    )->withCookie(
-      cookie(
-        "refresh_token",
-        $result["refreshToken"],
-        config("sanctum.rt_expiration") * 60,
-        "/",
-        config("session.domain"),
-        config("session.secure"),
-        true,
-        false,
-        "Lax",
-      ),
     );
   }
 
@@ -56,12 +47,10 @@ class AuthController extends Controller
 
   public function refresh(RefreshTokenRequest $request): JsonResponse
   {
-    $refresh_token = $request->cookie("refresh_token");
+    $refresh_token = $request->validated("refresh_token");
 
     if (is_null($refresh_token)) {
-      return $this->errorResponse(
-        code: 403,
-      )->withoutCookie("refresh_token");
+      return $this->errorResponse(code: 403);
     }
 
     $result = $this->authService->refresh(
@@ -72,23 +61,14 @@ class AuthController extends Controller
       return $this->errorResponse(
         message: __("auth.unauthorized"),
         code: 403,
-      )->withoutCookie("refresh_token");
+      );
     }
 
     return $this->successResponse(
-      payload: new AuthResource($result["payload"]),
-    )->withCookie(
-      cookie(
-        "refresh_token",
-        $result["refreshToken"],
-        config("sanctum.rt_expiration") * 60,
-        "/",
-        config("session.domain"),
-        config("session.secure"),
-        true,
-        true,
-        "Lax",
-      ),
+      payload: new AuthResource([
+        ...$result["payload"],
+        "refresh_token" => $result["refreshToken"],
+      ]),
     );
   }
 

app/Http/Controllers/ClientController.php

@@ -65,20 +65,11 @@ class ClientController extends Controller
     }
 
     return $this->successResponse(
-      payload: new AuthResource($result["payload"]),
+      payload: new AuthResource([
+        ...$result["payload"],
+        "refresh_token" => $result["refreshToken"],
+      ]),
       message: __("auth.logged_in"),
-    )->withCookie(
-      cookie(
-        "refresh_token",
-        $result["refreshToken"],
-        config("sanctum.rt_expiration") * 60,
-        "/",
-        config("session.domain"),
-        config("session.secure"),
-        true,
-        false,
-        "Lax",
-      ),
     );
   }
 }

app/Http/Controllers/ProviderController.php

@@ -64,20 +64,11 @@ class ProviderController extends Controller
       }
 
       return $this->successResponse(
-        payload: new AuthResource($result["payload"]),
+        payload: new AuthResource([
+          ...$result["payload"],
+          "refresh_token" => $result["refreshToken"],
+        ]),
         message: __("auth.logged_in"),
-      )->withCookie(
-        cookie(
-          "refresh_token",
-          $result["refreshToken"],
-          config("sanctum.rt_expiration") * 60,
-          "/",
-          config("session.domain"),
-          config("session.secure"),
-          true,
-          false,
-          "Lax",
-        ),
       );
     }
 }

app/Http/Requests/RefreshTokenRequest.php

@@ -13,14 +13,8 @@ class RefreshTokenRequest extends FormRequest
 
     public function rules(): array
     {
-        return [];
-    }
-
-    //This adds the cookie value to the request data.
-    protected function passedValidation(): void
-    {
-        $this->merge([
-            'refresh_token' => $this->cookie('refresh_token'),
-        ]);
+        return [
+            'refresh_token' => ['required', 'string'],
+        ];
     }
 }

app/Http/Resources/AuthResource.php

@@ -17,6 +17,7 @@ class AuthResource extends JsonResource
     {
         return [
             'access_token' => $this['access_token'],
+            'refresh_token' => $this['refresh_token'] ?? null,
             'token_type' => 'Bearer',
             'expires_in' => 900,
             'user' => new UserResource($this['user']),