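authRepository->attemptLogin($credentials)) { return null; } $user = $this->authRepository->findUserByEmail($credentials->email); $deviceId = Str::uuid()->toString(); $accessToken = $this->authRepository->createAccessToken($user, $deviceId); $refreshToken = $this->authRepository->createRefreshToken($user, $deviceId); return [ 'access_token' => $accessToken, 'refresh_token' => $refreshToken, 'user' => $user, 'device_id' => $deviceId, ]; }

    /**
     * Exchange a refresh token for a new token set.
     *
     * The request is rejected (null) when the token is unknown, does not carry
     * the 'refresh' ability, has expired, or no longer has an owning user.
     *
     * @param RefreshTokenDto $refreshToken DTO whose `token` property holds the presented refresh token.
     *
     * @return array<string, mixed>|null Result of authRepository->refreshToken() merged with
     *                                   'user' and 'device_id', or null on rejection.
     */
    public function refresh(RefreshTokenDto $refreshToken): ?array
    {
        $tokenModel = $this->authRepository->findToken($refreshToken->token);

        if (!$tokenModel) {
            return null;
        }

        // Fail closed when abilities is missing or not an array, and compare strictly:
        // a loose in_array() would also match a non-string entry such as `true`,
        // letting a token without the 'refresh' ability pass this check.
        $abilities = $tokenModel->abilities ?? [];
        if (!is_array($abilities) || !in_array('refresh', $abilities, true)) {
            return null;
        }

        if ($tokenModel->expires_at < now()) {
            return null;
        }

        $user = $tokenModel->tokenable;

        if (!$user) {
            return null;
        }

        // Assumes token names end in "_<deviceId>"; Str::afterLast() returns the whole
        // name when it contains no underscore — TODO confirm against the repository's naming.
        $deviceId = Str::afterLast($tokenModel->name, '_');

        // NOTE(review): whether the presented refresh token is invalidated depends on
        // authRepository->refreshToken(); confirm it revokes the old token so a captured
        // refresh token cannot be used a second time.
        $tokens = $this->authRepository->refreshToken($tokenModel, $user, $deviceId);

        return array_merge($tokens, [
            'user' => $user,
            'device_id' => $deviceId,
        ]);
    }

    /**
     * Revoke the current user's tokens for the device tied to the current access token.
     *
     * Does nothing when there is no authenticated user or no current access token.
     */
    public function logout(): void
    {
        $user = Auth::user();

        // Check for a user before touching it; the original dereferenced $user first,
        // so an unauthenticated call raised an error instead of returning.
        if (!$user) {
            return;
        }

        $currentToken = $user->currentAccessToken();

        // Without a current token there is no device id to scope the revocation to.
        if (!$currentToken) {
            return;
        }

        // Assumes token names end in "_<deviceId>" — TODO confirm against the repository's naming.
        $deviceId = Str::afterLast($currentToken->name, '_');

        $this->authRepository->deleteUserTokensByDevice($user, $deviceId);
    }
}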