|
@@ -7,6 +7,7 @@
|
|
|
use Illuminate\Http\JsonResponse;
|
|
use Illuminate\Http\JsonResponse;
|
|
|
use App\Http\Resources\AuthResource;
|
|
use App\Http\Resources\AuthResource;
|
|
|
use App\Services\AuthService;
|
|
use App\Services\AuthService;
|
|
|
|
|
+use Request;
|
|
|
|
|
|
|
|
class AuthController extends Controller
|
|
class AuthController extends Controller
|
|
|
{
|
|
{
|
|
@@ -25,12 +26,14 @@ public function login(AuthRequest $request): JsonResponse
|
|
|
return $this->errorResponse(message: __("auth.failed"), code: 401);
|
|
return $this->errorResponse(message: __("auth.failed"), code: 401);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
|
|
+ $cookieName = $this->getCookieName($request);
|
|
|
|
|
+
|
|
|
return $this->successResponse(
|
|
return $this->successResponse(
|
|
|
payload: new AuthResource($result["payload"]),
|
|
payload: new AuthResource($result["payload"]),
|
|
|
message: __("auth.logged_in"),
|
|
message: __("auth.logged_in"),
|
|
|
)->withCookie(
|
|
)->withCookie(
|
|
|
cookie(
|
|
cookie(
|
|
|
- "refresh_token",
|
|
|
|
|
|
|
+ $cookieName,
|
|
|
$result["refreshToken"],
|
|
$result["refreshToken"],
|
|
|
config("sanctum.rt_expiration") * 60,
|
|
config("sanctum.rt_expiration") * 60,
|
|
|
"/",
|
|
"/",
|
|
@@ -43,23 +46,26 @@ public function login(AuthRequest $request): JsonResponse
|
|
|
);
|
|
);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- public function logout(): JsonResponse
|
|
|
|
|
|
|
+ public function logout(Request $request): JsonResponse
|
|
|
{
|
|
{
|
|
|
$this->authService->logout();
|
|
$this->authService->logout();
|
|
|
|
|
|
|
|
|
|
+ $cookieName = $this->getCookieName($request);
|
|
|
|
|
+
|
|
|
return $this->successResponse(
|
|
return $this->successResponse(
|
|
|
message: __("auth.logout"),
|
|
message: __("auth.logout"),
|
|
|
- )->withoutCookie("refresh_token");
|
|
|
|
|
|
|
+ )->withoutCookie($cookieName);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
public function refresh(RefreshTokenRequest $request): JsonResponse
|
|
public function refresh(RefreshTokenRequest $request): JsonResponse
|
|
|
{
|
|
{
|
|
|
- $refresh_token = $request->cookie("refresh_token");
|
|
|
|
|
|
|
+ $cookieName = $this->getCookieName($request);
|
|
|
|
|
+ $refresh_token = $request->cookie($cookieName);
|
|
|
|
|
|
|
|
if (is_null($refresh_token)) {
|
|
if (is_null($refresh_token)) {
|
|
|
return $this->errorResponse(
|
|
return $this->errorResponse(
|
|
|
code: 403,
|
|
code: 403,
|
|
|
- )->withoutCookie("refresh_token");
|
|
|
|
|
|
|
+ )->withoutCookie($cookieName);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
$result = $this->authService->refresh(
|
|
$result = $this->authService->refresh(
|
|
@@ -70,14 +76,14 @@ public function refresh(RefreshTokenRequest $request): JsonResponse
|
|
|
return $this->errorResponse(
|
|
return $this->errorResponse(
|
|
|
message: __("auth.unauthorized"),
|
|
message: __("auth.unauthorized"),
|
|
|
code: 403,
|
|
code: 403,
|
|
|
- )->withoutCookie("refresh_token");
|
|
|
|
|
|
|
+ )->withoutCookie($cookieName);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
return $this->successResponse(
|
|
return $this->successResponse(
|
|
|
payload: new AuthResource($result["payload"]),
|
|
payload: new AuthResource($result["payload"]),
|
|
|
)->withCookie(
|
|
)->withCookie(
|
|
|
cookie(
|
|
cookie(
|
|
|
- "refresh_token",
|
|
|
|
|
|
|
+ $cookieName,
|
|
|
$result["refreshToken"],
|
|
$result["refreshToken"],
|
|
|
config("sanctum.rt_expiration") * 60,
|
|
config("sanctum.rt_expiration") * 60,
|
|
|
"/",
|
|
"/",
|
|
@@ -89,4 +95,13 @@ public function refresh(RefreshTokenRequest $request): JsonResponse
|
|
|
),
|
|
),
|
|
|
);
|
|
);
|
|
|
}
|
|
}
|
|
|
|
|
+
|
|
|
|
|
+ /**
|
|
|
|
|
+ * Resolves the dynamic cookie name based on the requesting application.
|
|
|
|
|
+ */
|
|
|
|
|
+ private function getCookieName(mixed $request): string
|
|
|
|
|
+ {
|
|
|
|
|
+ $appOrigin = $request->header("X-App-Origin", "default");
|
|
|
|
|
+ return "{$appOrigin}_refresh_token";
|
|
|
|
|
+ }
|
|
|
}
|
|
}
|
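Review bot: `getCookieName()` in the last hunk builds the cookie name from the client-supplied `X-App-Origin` header with no validation, so the caller decides which cookie `login` and `refresh` set and which one `logout` and the 403 paths clear. The header should be matched against a fixed set of known application identifiers, falling back to `"default"` otherwise. A value containing characters that are not valid in a cookie name would otherwise probably surface as an exception from the cookie constructor rather than a clean error response. Separately, `use Request;` in the first hunk probably resolves to the global facade alias rather than `Illuminate\Http\Request`, which looks unintended for `logout(Request $request)`; importing `Illuminate\Http\Request` would also let the helper drop `mixed`. The list in the sketch below is a placeholder to be replaced with the real identifiers.

```php
private function getCookieName(mixed $request): string
{
    // Placeholder list: replace with the application identifiers this API actually serves.
    $knownApps = ["default"];

    $appOrigin = $request->header("X-App-Origin", "default");
    if (!is_string($appOrigin) || !in_array($appOrigin, $knownApps, true)) {
        // Unknown or malformed values share the default cookie instead of naming a new one.
        $appOrigin = "default";
    }

    return "{$appOrigin}_refresh_token";
}
```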