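authRepository->attemptLogin(credentials: $credentials)) {
            return null;
        }

        $user = $this->authRepository->findUserByEmail(email: $credentials->email);
        $deviceId = Str::uuid()->toString();
        $accessToken = $this->authRepository->createAccessToken(user: $user, deviceId: $deviceId);
        $refreshToken = $this->authRepository->createRefreshToken(user: $user, deviceId: $deviceId);

        return [
            'payload' => [
                'access_token' => $accessToken,
                'user' => $user,
            ],
            'refreshToken' => $refreshToken
        ];
    }

    /**
     * Exchange a refresh token for a new access/refresh token pair.
     *
     * Every failed check returns null, so the caller cannot tell a missing token
     * from an unknown, wrongly scoped, expired or orphaned one.
     *
     * @param RefreshTokenDTO $refreshTokenDto Carries the presented refresh token in `refresh_token`.
     *
     * @return array{payload: array{access_token: mixed, user: mixed}, refreshToken: mixed}|null
     *         The new token pair and the token's owner, or null when the token is rejected.
     */
    public function refresh(RefreshTokenDTO $refreshTokenDto): ?array
    {
        if (!$refreshTokenDto->refresh_token) {
            return null;
        }

        // NOTE(review): the lookup is delegated to the repository; whether it hashes the
        // presented value and compares in constant time is not visible here — confirm.
        $tokenModel = $this->authRepository->findToken($refreshTokenDto->refresh_token);
        if (!$tokenModel) {
            return null;
        }

        // Authorisation check: only a token that explicitly lists the 'refresh' ability may be
        // exchanged. The comparison is strict so a loosely-equal value (e.g. boolean true) in the
        // list cannot satisfy it, and a non-array abilities value fails closed instead of raising.
        $abilities = $tokenModel->abilities;
        if (!is_array($abilities) || !in_array('refresh', $abilities, true)) {
            return null;
        }

        // A refresh token without an expiry is never accepted; neither is one already past it.
        if ($tokenModel->expires_at === null || $tokenModel->expires_at < now()) {
            return null;
        }

        $user = $tokenModel->tokenable;
        if (!$user) {
            return null;
        }

        // The device id is the part of the token name after its last '_'.
        $deviceId = Str::afterLast($tokenModel->name, '_');

        // NOTE(review): presumably the repository revokes the presented refresh token when it
        // issues the new pair (rotation) — confirm, otherwise a stolen token stays replayable.
        $tokens = $this->authRepository->refreshToken($tokenModel, $user, $deviceId);

        return [
            'payload' => [
                'access_token' => $tokens['access_token'],
                'user' => $user,
            ],
            'refreshToken' => $tokens['refresh_token'],
        ];
    }

    /**
     * Revoke the tokens of the device the current request was made from.
     *
     * Does nothing when no user is authenticated or when the request carries no
     * named access token to derive the device id from.
     */
    public function logout(): void
    {
        $user = Auth::user();
        if (!$user) {
            return;
        }

        // The current token may be absent or may not expose a name (assumption: e.g. a request
        // authenticated by something other than a personal access token — confirm against the
        // guard configuration). `??` keeps that case from dereferencing null.
        $tokenName = $user->currentAccessToken()->name ?? null;
        if (!is_string($tokenName) || $tokenName === '') {
            // Without a token name there is no device id, so no device-scoped deletion is
            // attempted rather than calling the repository with an empty or null id.
            return;
        }

        $deviceId = Str::afterLast($tokenName, '_');

        $this->authRepository->deleteUserTokensByDevice(user: $user, deviceId: $deviceId);
    }
}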