|
|
@@ -2,9 +2,15 @@
|
|
|
|
|
|
namespace App\Http\Controllers\Auth;
|
|
|
|
|
|
+use Illuminate\Http\Request;
|
|
|
+use Illuminate\Http\Response;
|
|
|
use App\Http\Controllers\Controller;
|
|
|
+use Illuminate\Support\Facades\Auth;
|
|
|
+use Illuminate\Support\Facades\Lang;
|
|
|
+use Illuminate\Validation\ValidationException;
|
|
|
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
|
|
|
|
|
+
|
|
|
class LoginController extends Controller
|
|
|
{
|
|
|
/*
|
|
|
@@ -12,28 +18,118 @@ class LoginController extends Controller
|
|
|
| Login Controller
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
|
|
- | This controller handles authenticating users for the application and
|
|
|
- | redirecting them to your home screen. The controller uses a trait
|
|
|
- | to conveniently provide its functionality to your applications.
|
|
|
+ | This controller handles authenticating users for the application.
|
|
|
+ | The controller uses a trait to conveniently provide its functionality
|
|
|
+ | to your applications.
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
use AuthenticatesUsers;
|
|
|
|
|
|
/**
|
|
|
- * Where to redirect users after login.
|
|
|
+ * Handle a login request to the application.
|
|
|
+ *
|
|
|
+ * @param \Illuminate\Http\Request $request
|
|
|
+ * @return \Illuminate\Http\JsonResponse
|
|
|
+ *
|
|
|
+ * @throws \Illuminate\Validation\ValidationException
|
|
|
+ */
|
|
|
+ public function login(Request $request)
|
|
|
+ {
|
|
|
+ $this->validateLogin($request);
|
|
|
+
|
|
|
+ // If the class is using the ThrottlesLogins trait, we can automatically throttle
|
|
|
+ // the login attempts for this application. We'll key this by the username and
|
|
|
+ // the IP address of the client making these requests into this application.
|
|
|
+ if (method_exists($this, 'hasTooManyLoginAttempts') &&
|
|
|
+ $this->hasTooManyLoginAttempts($request)) {
|
|
|
+ $this->fireLockoutEvent($request);
|
|
|
+
|
|
|
+ return $this->sendLockoutResponse($request);
|
|
|
+ }
|
|
|
+
|
|
|
+ if ($this->attemptLogin($request)) {
|
|
|
+ return $this->sendLoginResponse($request);
|
|
|
+ }
|
|
|
+
|
|
|
+ // If the login attempt was unsuccessful we will increment the number of attempts
|
|
|
+ // to login and redirect the user back to the login form. Of course, when this
|
|
|
+ // user surpasses their maximum number of attempts they will get locked out.
|
|
|
+ $this->incrementLoginAttempts($request);
|
|
|
+
|
|
|
+ return $this->sendFailedLoginResponse($request);
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Send the response after the user was authenticated.
|
|
|
+ *
|
|
|
+ * @param \Illuminate\Http\Request $request
|
|
|
+ * @return \Illuminate\Http\JsonResponse
|
|
|
+ */
|
|
|
+ protected function sendLoginResponse(Request $request)
|
|
|
+ {
|
|
|
+ $this->clearLoginAttempts($request);
|
|
|
+
|
|
|
+ $success['token'] = $this->guard()->user()->createToken('2FAuth')->accessToken;
|
|
|
+ $success['name'] = $this->guard()->user()->name;
|
|
|
+
|
|
|
+ return response()->json(['message' => $success], Response::HTTP_OK);
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Get the failed login response instance.
|
|
|
+ *
|
|
|
+ * @param \Illuminate\Http\Request $request
|
|
|
+ * @return \Illuminate\Http\JsonResponse
|
|
|
+ */
|
|
|
+ protected function sendFailedLoginResponse(Request $request)
|
|
|
+ {
|
|
|
+ return response()->json(['message' => 'unauthorised'], Response::HTTP_UNAUTHORIZED);
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Redirect the user after determining they are locked out.
|
|
|
*
|
|
|
- * @var string
|
|
|
+ * @param \Illuminate\Http\Request $request
|
|
|
+ * @return \Illuminate\Http\JsonResponse
|
|
|
*/
|
|
|
- protected $redirectTo = '/home';
|
|
|
+ protected function sendLockoutResponse(Request $request)
|
|
|
+ {
|
|
|
+ $seconds = $this->limiter()->availableIn(
|
|
|
+ $this->throttleKey($request)
|
|
|
+ );
|
|
|
+
|
|
|
+ return response()->json(['message' => Lang::get('auth.throttle', ['seconds' => $seconds])], Response::HTTP_TOO_MANY_REQUESTS);
|
|
|
+ }
|
|
|
+
|
|
|
|
|
|
/**
|
|
|
- * Create a new controller instance.
|
|
|
+ * Validate the user login request.
|
|
|
*
|
|
|
+ * @param \Illuminate\Http\Request $request
|
|
|
* @return void
|
|
|
+ *
|
|
|
+ * @throws \Illuminate\Validation\ValidationException
|
|
|
+ */
|
|
|
+ protected function validateLogin(Request $request)
|
|
|
+ {
|
|
|
+ $request->validate([
|
|
|
+ $this->username() => 'required|string|exists:users,email',
|
|
|
+ 'password' => 'required|string',
|
|
|
+ ]);
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ /**
|
|
|
+ * log out current user
|
|
|
+ * @param Request $request
|
|
|
+ * @return \Illuminate\Http\JsonResponse
|
|
|
*/
|
|
|
- public function __construct()
|
|
|
+ public function logout(Request $request)
|
|
|
{
|
|
|
- $this->middleware('guest')->except('logout');
|
|
|
+ $this->guard()->logout();
|
|
|
+
|
|
|
+ return response()->json(['message' => 'signed out'], Response::HTTP_OK);
|
|
|
}
|
|
|
-}
|
|
|
+
|
|
|
+}
|
Bubka