authRepository->attemptLogin(credentials: $credentials)) { return null; } $user = $this->authRepository->findUserByEmail(email: $credentials->email); $deviceId = Str::uuid()->toString(); $accessToken = $this->authRepository->createAccessToken(user: $user, deviceId: $deviceId); $refreshToken = $this->authRepository->createRefreshToken(user: $user, deviceId: $deviceId); return [ 'access_token' => $accessToken, 'refresh_token' => $refreshToken, 'user' => $user, 'device_id' => $deviceId, ]; } public function refresh(RefreshTokenDTO $refreshToken): ?array { $tokenModel = $this->authRepository->findToken($refreshToken->refresh_token); if (!$tokenModel || !in_array(needle: 'refresh', haystack: $tokenModel->abilities) || $tokenModel->expires_at < now()) { return null; } $user = $tokenModel->tokenable; if (!$user) { return null; } $deviceId = Str::afterLast(subject: $tokenModel->name, search: '_'); $tokens = $this->authRepository->refreshToken($tokenModel, $user, $deviceId); return array_merge($tokens, [ 'user' => $user, 'device_id' => $deviceId, ]); } public function logout(): void { $user = Auth::user(); $tokenName = $user->currentAccessToken()->name; $deviceId = Str::afterLast($tokenName, '_'); if (!$user) { return; } $this->authRepository->deleteUserTokensByDevice(user: $user, deviceId: $deviceId); } }