mirror of https://github.com/Devoalda/LaDo.git
feature(Laravel Sanctum): Added Laraval Sanctum for API auth
Added: - Laravel Sanctum Module and Configs - Modified Personal access token table to support UUID Modified: - Project View to use API auth
This commit is contained in:
parent
2266976361
commit
1cf52e32ed
|
|
@ -0,0 +1,67 @@
|
|||
<?php
|
||||
|
||||
namespace App\Http\Controllers\Auth;
|
||||
|
||||
use App\Http\Controllers\Controller;
|
||||
use App\Models\User;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Support\Facades\Hash;
|
||||
use Illuminate\Support\Facades\Validator;
|
||||
|
||||
class ApiAuthController extends Controller
|
||||
{
|
||||
public function register(Request $request)
|
||||
{
|
||||
// Validate request data
|
||||
$validator = Validator::make($request->all(), [
|
||||
'name' => 'required|string|max:255',
|
||||
'email' => 'required|email|unique:users|max:255',
|
||||
'password' => 'required|min:10',
|
||||
]);
|
||||
// Return errors if validation error occur.
|
||||
if ($validator->fails()) {
|
||||
$errors = $validator->errors();
|
||||
return response()->json([
|
||||
'error' => $errors
|
||||
], 400);
|
||||
}
|
||||
// Check if validation pass then create user and auth token. Return the auth token
|
||||
if ($validator->passes()) {
|
||||
$user = User::create([
|
||||
'name' => $request->name,
|
||||
'email' => $request->email,
|
||||
'password' => Hash::make($request->password)
|
||||
]);
|
||||
$token = $user->createToken('auth_token')->plainTextToken;
|
||||
|
||||
return response()->json([
|
||||
'access_token' => $token,
|
||||
'token_type' => 'Bearer',
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
||||
public function login(Request $request)
|
||||
{
|
||||
if (!Auth::attempt($request->only('email', 'password'))) {
|
||||
return response()->json([
|
||||
'message' => 'Invalid login details'
|
||||
], 401);
|
||||
}
|
||||
|
||||
$user = User::where('email', $request['email'])->firstOrFail();
|
||||
|
||||
$token = $user->createToken('auth_token')->plainTextToken;
|
||||
|
||||
return response()->json([
|
||||
'access_token' => $token,
|
||||
'token_type' => 'Bearer',
|
||||
]);
|
||||
}
|
||||
|
||||
public function me(Request $request)
|
||||
{
|
||||
return $request->user();
|
||||
}
|
||||
}
|
||||
|
|
@ -46,6 +46,8 @@ class RegisteredUserController extends Controller
|
|||
|
||||
Auth::login($user);
|
||||
|
||||
$user->createToken('auth-token');
|
||||
|
||||
return redirect(RouteServiceProvider::HOME);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@ use Illuminate\Contracts\View\View;
|
|||
use Illuminate\Http\JsonResponse;
|
||||
use Illuminate\Http\RedirectResponse;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Illuminate\Support\Facades\Response;
|
||||
|
||||
|
||||
|
|
@ -28,8 +29,7 @@ class ProjectController extends Controller
|
|||
{
|
||||
// Check if API Call, get userID from request
|
||||
if ($request->is('api/*')) {
|
||||
$user = User::find($request->user_id);
|
||||
$this->authorize('viewAny', $user);
|
||||
$user = Auth::user();
|
||||
|
||||
$projects = $user->projects()->paginate(4);
|
||||
return new ProjectResource($projects);
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ class Kernel extends HttpKernel
|
|||
],
|
||||
|
||||
'api' => [
|
||||
// \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
|
||||
\Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
|
||||
\Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
|
||||
\Illuminate\Routing\Middleware\SubstituteBindings::class,
|
||||
],
|
||||
|
|
|
|||
|
|
@ -19,6 +19,7 @@ class User extends Authenticatable
|
|||
use HasApiTokens, HasFactory, Notifiable, UuidTrait;
|
||||
|
||||
protected $table = 'users';
|
||||
public $incrementing = false;
|
||||
|
||||
/**
|
||||
* The attributes that are mass assignable.
|
||||
|
|
@ -47,6 +48,7 @@ class User extends Authenticatable
|
|||
* @var array<string, string>
|
||||
*/
|
||||
protected $casts = [
|
||||
'id' => 'string',
|
||||
'email_verified_at' => 'datetime',
|
||||
'password' => 'hashed',
|
||||
];
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@ return [
|
|||
'defaults' => [
|
||||
'guard' => 'web',
|
||||
'passwords' => 'users',
|
||||
|
||||
],
|
||||
|
||||
/*
|
||||
|
|
@ -40,6 +41,11 @@ return [
|
|||
'driver' => 'session',
|
||||
'provider' => 'users',
|
||||
],
|
||||
'api' => [
|
||||
'driver' => 'sanctum',
|
||||
'provider' => 'users',
|
||||
'hash' => false,
|
||||
],
|
||||
],
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ return new class extends Migration
|
|||
{
|
||||
Schema::create('personal_access_tokens', function (Blueprint $table) {
|
||||
$table->id();
|
||||
$table->morphs('tokenable');
|
||||
$table->uuidMorphs('tokenable');
|
||||
$table->string('name');
|
||||
$table->string('token', 64)->unique();
|
||||
$table->text('abilities')->nullable();
|
||||
|
|
|
|||
|
|
@ -0,0 +1,31 @@
|
|||
<?php
|
||||
|
||||
use Illuminate\Database\Migrations\Migration;
|
||||
use Illuminate\Database\Schema\Blueprint;
|
||||
use Illuminate\Support\Facades\Schema;
|
||||
|
||||
return new class extends Migration
|
||||
{
|
||||
/**
|
||||
* Run the migrations.
|
||||
*/
|
||||
public function up(): void
|
||||
{
|
||||
Schema::table('personal_access_tokens', function (Blueprint $table) {
|
||||
// Replace tokenable_id to uuid
|
||||
$table->uuid('tokenable_id')->change();
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Reverse the migrations.
|
||||
*/
|
||||
public function down(): void
|
||||
{
|
||||
Schema::table('personal_access_tokens', function (Blueprint $table) {
|
||||
// Replace tokenable_id to uuid
|
||||
$table->bigInteger('tokenable_id')->unsigned()->change();
|
||||
|
||||
});
|
||||
}
|
||||
};
|
||||
|
|
@ -1,6 +1,7 @@
|
|||
<?php
|
||||
|
||||
use App\Http\Controllers\ProjectController;
|
||||
use App\Http\Controllers\Auth\ApiAuthController;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Route;
|
||||
|
||||
|
|
@ -19,5 +20,13 @@ Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
|
|||
return $request->user();
|
||||
});
|
||||
|
||||
Route::post('/register', [ApiAuthController::class, 'register']);
|
||||
|
||||
Route::post('/login', [ApiAuthController::class, 'login']);
|
||||
|
||||
|
||||
// Resources route to /api/projects
|
||||
Route::apiResource('projects', ProjectController::class);
|
||||
Route::middleware('auth:sanctum')->group( function () {
|
||||
Route::get('/me', [ApiAuthController::class, 'me']);
|
||||
Route::apiResource('projects', ProjectController::class);
|
||||
});
|
||||
|
|
|
|||
Loading…
Reference in New Issue