| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157 |
- <?php
- namespace App\Http\Controllers;
- use App\Http\Requests\AuthRequest;
- use App\Http\Requests\ForgotPasswordRequest;
- use App\Http\Requests\RefreshTokenRequest;
- use App\Http\Requests\ResetPasswordRequest;
- use App\Http\Requests\VerifyPasswordCodeRequest;
- use Illuminate\Http\JsonResponse;
- use App\Http\Resources\AuthResource;
- use App\Services\AuthService;
- use Request;
- class AuthController extends Controller
- {
- public function __construct(protected AuthService $authService) {}
- public function login(AuthRequest $request): JsonResponse
- {
- $validated = $request->validated();
- $result = $this->authService->login(
- email: $validated["email"],
- password: $validated["password"],
- origem: $validated["origem"]
- );
- if (!$result) {
- return $this->errorResponse(message: __("auth.failed"), code: 401);
- }
- $cookieName = $this->getCookieName($request);
- return $this->successResponse(
- payload: new AuthResource($result["payload"]),
- message: __("auth.logged_in"),
- )->withCookie(
- cookie(
- $cookieName,
- $result["refreshToken"],
- config("sanctum.rt_expiration") * 60,
- "/",
- config("session.domain"),
- config("session.secure"),
- true,
- false,
- "Lax",
- ),
- );
- }
- public function forgotPassword(ForgotPasswordRequest $request): JsonResponse
- {
- $validated = $request->validated();
- $sent = $this->authService->forgotPassword(email: $validated['email']);
- if (!$sent) {
- return $this->errorResponse(message: __('auth.email_not_found'), code: 422);
- }
- return $this->successResponse(message: __('auth.password_reset_sent'));
- }
- public function verifyPasswordCode(VerifyPasswordCodeRequest $request): JsonResponse
- {
- $validated = $request->validated();
- $valid = $this->authService->verifyPasswordCode(
- email: $validated['email'],
- code: $validated['code'],
- );
- if (!$valid) {
- return $this->errorResponse(message: __('auth.invalid_code'), code: 422);
- }
- return $this->successResponse(message: __('auth.code_verified'));
- }
- public function resetPassword(ResetPasswordRequest $request): JsonResponse
- {
- $validated = $request->validated();
- $reset = $this->authService->resetPassword(
- email: $validated['email'],
- code: $validated['code'],
- password: $validated['password'],
- );
- if (!$reset) {
- return $this->errorResponse(message: __('auth.invalid_code'), code: 422);
- }
- return $this->successResponse(message: __('auth.password_reset_success'));
- }
- public function logout(Request $request): JsonResponse
- {
- $this->authService->logout();
- $cookieName = $this->getCookieName($request);
- return $this->successResponse(
- message: __("auth.logout"),
- )->withoutCookie($cookieName);
- }
- public function refresh(RefreshTokenRequest $request): JsonResponse
- {
- $cookieName = $this->getCookieName($request);
- $refresh_token = $request->cookie($cookieName);
- if (is_null($refresh_token)) {
- return $this->errorResponse(
- code: 403,
- )->withoutCookie($cookieName);
- }
- $result = $this->authService->refresh(
- $refresh_token
- );
- if (is_null($result)) {
- return $this->errorResponse(
- message: __("auth.unauthorized"),
- code: 403,
- )->withoutCookie($cookieName);
- }
- return $this->successResponse(
- payload: new AuthResource($result["payload"]),
- )->withCookie(
- cookie(
- $cookieName,
- $result["refreshToken"],
- config("sanctum.rt_expiration") * 60,
- "/",
- config("session.domain"),
- config("session.secure"),
- true,
- true,
- "Lax",
- ),
- );
- }
- /**
- * Resolves the dynamic cookie name based on the requesting application.
- */
- private function getCookieName(mixed $request): string
- {
- $appOrigin = $request->header("X-App-Origin", "default");
- return "{$appOrigin}_refresh_token";
- }
- }
|
