Softpar
/
sfp_api_laravel_serprati


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107
							<?php

namespace App\Http\Controllers;

use App\Http\Requests\AuthRequest;
use App\Http\Requests\RefreshTokenRequest;
use Illuminate\Http\JsonResponse;
use App\Http\Resources\AuthResource;
use App\Services\AuthService;
use Request;

class AuthController extends Controller
{
    public function __construct(protected AuthService $authService) {}

    public function login(AuthRequest $request): JsonResponse
    {
        $validated = $request->validated();

        $result = $this->authService->login(
            email: $validated["email"],
            password: $validated["password"],
        );

        if (!$result) {
            return $this->errorResponse(message: __("auth.failed"), code: 401);
        }

        $cookieName = $this->getCookieName($request);

        return $this->successResponse(
            payload: new AuthResource($result["payload"]),
            message: __("auth.logged_in"),
        )->withCookie(
            cookie(
                $cookieName,
                $result["refreshToken"],
                config("sanctum.rt_expiration") * 60,
                "/",
                config("session.domain"),
                config("session.secure"),
                true,
                false,
                "Lax",
            ),
        );
    }

    public function logout(Request $request): JsonResponse
    {
        $this->authService->logout();

        $cookieName = $this->getCookieName($request);

        return $this->successResponse(
            message: __("auth.logout"),
        )->withoutCookie($cookieName);
    }

    public function refresh(RefreshTokenRequest $request): JsonResponse
    {
        $cookieName = $this->getCookieName($request);
        $refresh_token = $request->cookie($cookieName);

        if (is_null($refresh_token)) {
            return $this->errorResponse(
                code: 403,
            )->withoutCookie($cookieName);
        }

        $result = $this->authService->refresh(
            $refresh_token
        );

        if (is_null($result)) {
            return $this->errorResponse(
                message: __("auth.unauthorized"),
                code: 403,
            )->withoutCookie($cookieName);
        }

        return $this->successResponse(
            payload: new AuthResource($result["payload"]),
        )->withCookie(
            cookie(
                $cookieName,
                $result["refreshToken"],
                config("sanctum.rt_expiration") * 60,
                "/",
                config("session.domain"),
                config("session.secure"),
                true,
                true,
                "Lax",
            ),
        );
    }

    /**
     * Resolves the dynamic cookie name based on the requesting application.
     */
    private function getCookieName(mixed $request): string
    {
        $appOrigin = $request->header("X-App-Origin", "default");
        return "{$appOrigin}_refresh_token";
    }
}