sfp_api_laravel_serprati/app/Http/Controllers/AuthController.php

<?php

namespace App\Http\Controllers;

use App\Http\Requests\AuthRequest;
use App\Http\Requests\RefreshTokenRequest;
use Illuminate\Http\JsonResponse;
use App\Http\Resources\AuthResource;
use App\Services\AuthService;
use Illuminate\Http\Request;

class AuthController extends Controller
{
    public function __construct(protected AuthService $authService) {}

    public function login(AuthRequest $request): JsonResponse
    {
        $validated = $request->validated();

        $result = $this->authService->login(
            email: $validated["email"],
            password: $validated["password"],
            tipo: $validated["tipo"],
        );

        if (!$result) {
            return $this->errorResponse(message: __("auth.failed"), code: 401);
        }

        if (isset($result["error"]) && $result["error"] === "wrong_type") {
            return $this->errorResponse(message: __("auth.wrong_type"), code: 403);
        }

        $cookieName = $this->getCookieName($request);

        return $this->successResponse(
            payload: new AuthResource($result["payload"]),
            message: __("auth.logged_in"),
        )->withCookie(
            cookie(
                $cookieName,
                $result["refreshToken"],
                config("sanctum.rt_expiration") * 60,
                "/",
                config("session.domain"),
                config("session.secure"),
                true,
                false,
                "Lax",
            ),
        );
    }

    public function logout(Request $request): JsonResponse
    {
        $this->authService->logout();

        $cookieName = $this->getCookieName($request);

        return $this->successResponse(
            message: __("auth.logout"),
        )->withoutCookie($cookieName);
    }

    public function refresh(RefreshTokenRequest $request): JsonResponse
    {
        $cookieName = $this->getCookieName($request);
        $refresh_token = $request->cookie($cookieName);

        if (is_null($refresh_token)) {
            return $this->errorResponse(
                code: 403,
            )->withoutCookie($cookieName);
        }

        $result = $this->authService->refresh(
            $refresh_token
        );

        if (is_null($result)) {
            return $this->errorResponse(
                message: __("auth.unauthorized"),
                code: 403,
            )->withoutCookie($cookieName);
        }

        return $this->successResponse(
            payload: new AuthResource($result["payload"]),
        )->withCookie(
            cookie(
                $cookieName,
                $result["refreshToken"],
                config("sanctum.rt_expiration") * 60,
                "/",
                config("session.domain"),
                config("session.secure"),
                true,
                true,
                "Lax",
            ),
        );
    }

}