Flycro/laravel-nuxt
Template
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Init

Browse Source
This commit is contained in:
Flycro
2024-03-17 12:30:19 +01:00
commit c805b5ebaa
133 changed files with 24036 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
app/Http/Controllers/AccountController.php Normal file
View File

@@ -0,0 +1,84 @@
<?php
namespace App\Http\Controllers;
use App\Models\TemporaryUpload;
use App\Rules\TemporaryFileExists;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\Rule;
use Illuminate\Validation\ValidationException;
use Storage;
use Str;
class AccountController extends Controller
{
/**
* Update the user's profile information.
*/
public function update(Request $request): JsonResponse
{
$request->merge([
// Remove extra spaces and non-word characters
'name' => $request->name ? Str::squish(Str::onlyWords($request->name)) : '',
]);
$user = $request->user();
$request->validate([
'name' => ['required', 'string', 'min:3', 'max:100'],
'email' => ['required', 'email', 'unique:users,email,'.$user->id],
'avatar' => ['nullable', 'string', Rule::excludeIf($request->avatar === $user->avatar), 'regex:/^avatars\/[a-z0-9]{26}\.([a-z]++)$/i', new TemporaryFileExists],
]);
if ($user->avatar && Str::startsWith($user->avatar, 'avatars/') && $user->avatar !== $request->avatar) {
Storage::disk('public')->delete($user->avatar);
}
$email = $user->email;
$user->update($request->only(['name', 'email', 'avatar']));
if ($email !== $request->email) {
$user->email_verified_at = null;
$user->save(['timestamps' => false]);
$user->sendEmailVerificationNotification();
}
// Delete temporary upload record
TemporaryUpload::where('path', $request->avatar)->delete();
return response()->json([
'ok' => true,
]);
}
/**
* Update the user's password.
*/
public function password(Request $request): JsonResponse
{
$request->validate([
'current_password' => ['required', 'string', 'min:8', 'max:100'],
'password' => ['required', 'string', 'min:8', 'max:100', 'confirmed'],
]);
$user = $request->user();
abort_unless($user->has_password, 403, __('Access denied.'));
if (! Hash::check($request->current_password, $user->password)) {
throw ValidationException::withMessages([
'current_password' => __('auth.password'),
]);
}
$user->update([
'password' => Hash::make($request->password),
]);
return response()->json([
'ok' => true,
]);
}
}

355
app/Http/Controllers/AuthController.php Normal file
View File

@@ -0,0 +1,355 @@
<?php
namespace App\Http\Controllers;
use App\Http\Requests\Auth\LoginRequest;
use App\Models\User;
use App\Models\UserProvider;
use Browser;
use Illuminate\Auth\Events\PasswordReset;
use Illuminate\Auth\Events\Registered;
use Illuminate\Auth\Events\Verified;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Password;
use Illuminate\Support\Str;
use Illuminate\Validation\Rules;
use Illuminate\Validation\ValidationException;
use Illuminate\View\View;
use Laravel\Socialite\Facades\Socialite;
class AuthController extends Controller
{
/**
* Register new user
*/
public function register(Request $request): JsonResponse
{
$request->validate([
'name' => ['required', 'string', 'max:255'],
'email' => ['required', 'string', 'lowercase', 'email', 'max:255', 'unique:'.User::class],
'password' => ['required', 'confirmed', Rules\Password::defaults()],
]);
$user = User::create([
'name' => $request->name,
'email' => $request->email,
'password' => Hash::make($request->password),
]);
$user->ulid = Str::ulid()->toBase32();
$user->save();
$user->assignRole('user');
event(new Registered($user));
return response()->json([
'ok' => true,
], 201);
}
/**
* Redirect to provider for authentication
*/
public function redirect(Request $request, $provider)
{
return Socialite::driver($provider)->stateless()->redirect();
}
/**
* Handle callback from provider
*/
public function callback(Request $request, string $provider): View
{
$oAuthUser = Socialite::driver($provider)->stateless()->user();
if (! $oAuthUser?->token) {
return view('oauth', [
'message' => [
'ok' => false,
'message' => __('Unable to authenticate with :provider', ['provider' => $provider]),
],
]);
}
$userProvider = UserProvider::select('id', 'user_id')
->where('name', $provider)
->where('provider_id', $oAuthUser->id)
->first();
if (! $userProvider) {
if (User::where('email', $oAuthUser->email)->exists()) {
return view('oauth', [
'message' => [
'ok' => false,
'message' => __('Unable to authenticate with :provider. User with email :email already exists. To connect a new service to your account, you can go to your account settings and go through the process of linking your account.', [
'provider' => $provider,
'email' => $oAuthUser->email,
]),
],
]);
}
$user = new User();
$user->ulid = Str::ulid()->toBase32();
$user->avatar = $oAuthUser->picture ?? $oAuthUser->avatar_original ?? $oAuthUser->avatar;
$user->name = $oAuthUser->name;
$user->email = $oAuthUser->email;
$user->password = Hash::make(Str::random(32));
$user->has_password = false;
$user->email_verified_at = now();
$user->save();
$user->assignRole('user');
$user->userProviders()->create([
'provider_id' => $oAuthUser->id,
'name' => $provider,
]);
} else {
$user = $userProvider->user;
}
$browser = Browser::parse($request->userAgent());
$device = $browser->platformName() . ' / ' . $browser->browserName();
$sanctumToken = $user->createToken(
$device,
['*'],
now()->addMonth()
);
$sanctumToken->accessToken->ip = $request->ip();
$sanctumToken->accessToken->save();
return view('oauth', [
'message' => [
'ok' => true,
'provider' => $provider,
'token' => $sanctumToken->plainTextToken,
],
]);
}
/**
* Generate sanctum token on successful login
*/
public function login(LoginRequest $request): JsonResponse
{
$user = User::where('email', $request->email)->first();
$request->authenticate($user);
$browser = Browser::parse($request->userAgent());
$device = $browser->platformName() . ' / ' . $browser->browserName();
$sanctumToken = $user->createToken(
$device,
['*'],
$request->remember ?
now()->addMonth() :
now()->addDay()
);
$sanctumToken->accessToken->ip = $request->ip();
$sanctumToken->accessToken->save();
return response()->json([
'ok' => true,
'token' => $sanctumToken->plainTextToken,
]);
}
/**
* Revoke token; only remove token that is used to perform logout (i.e. will not revoke all tokens)
*/
public function logout(Request $request): JsonResponse
{
$request->user()->currentAccessToken()->delete();
return response()->json([
'ok' => true,
]);
}
/**
* Get authenticated user details
*/
public function user(Request $request): JsonResponse
{
$user = $request->user();
return response()->json([
'ok' => true,
'user' => [
...$user->toArray(),
'must_verify_email' => $user->mustVerifyEmail(),
'roles' => $user->roles()->select('name')->pluck('name'),
'providers' => $user->userProviders()->select('name')->pluck('name'),
],
]);
}
/**
* Handle an incoming password reset link request.
*/
public function sendResetPasswordLink(Request $request): JsonResponse
{
$request->validate([
'email' => ['required', 'email'],
]);
// We will send the password reset link to this user. Once we have attempted
// to send the link, we will examine the response then see the message we
// need to show to the user. Finally, we'll send out a proper response.
$status = Password::sendResetLink(
$request->only('email')
);
if ($status != Password::RESET_LINK_SENT) {
throw ValidationException::withMessages([
'email' => [__($status)],
]);
}
return response()->json([
'ok' => true,
'message' => __($status),
]);
}
/**
* Handle an incoming new password request.
*/
public function resetPassword(Request $request): JsonResponse
{
$request->validate([
'token' => ['required'],
'email' => ['required', 'email', 'exists:'.User::class],
'password' => ['required', 'confirmed', Rules\Password::defaults()],
]);
// Here we will attempt to reset the user's password. If it is successful we
// will update the password on an actual user model and persist it to the
// database. Otherwise we will parse the error and return the response.
$status = Password::reset(
$request->only('email', 'password', 'password_confirmation', 'token'),
function ($user) use ($request) {
$user->forceFill([
'password' => Hash::make($request->password),
'remember_token' => Str::random(60),
'has_password' => true,
])->save();
event(new PasswordReset($user));
}
);
if ($status != Password::PASSWORD_RESET) {
throw ValidationException::withMessages([
'email' => [__($status)],
]);
}
return response()->json([
'ok' => true,
'message' => __($status),
]);
}
/**
* Mark the authenticated user's email address as verified.
*/
public function verifyEmail(Request $request, $ulid, $hash): JsonResponse
{
$user = User::whereUlid($ulid)->first();
abort_unless(!!$user, 404);
abort_unless(hash_equals(sha1($user->getEmailForVerification()), $hash), 403, __('Invalid verification link'));
if (! $user->hasVerifiedEmail()) {
$user->markEmailAsVerified();
event(new Verified($user));
}
return response()->json([
'ok' => true,
]);
}
/**
* Send a new email verification notification.
*/
public function verificationNotification(Request $request): JsonResponse
{
$request->validate([
'email' => ['required', 'email'],
]);
$user = User::where('email', $request->email)->whereNull('email_verified_at')->first();
abort_unless(!!$user, 400);
$user->sendEmailVerificationNotification();
return response()->json([
'ok' => true,
'message' => __('Verification link sent!'),
]);
}
/**
* Get authenticated user devices
*/
public function devices(Request $request): JsonResponse
{
$user = $request->user();
$devices = $user->tokens()
->select('id', 'name', 'ip', 'last_used_at')
->orderBy('last_used_at', 'DESC')
->get();
$currentToken = $user->currentAccessToken();
foreach ($devices as $device) {
$device->hash = Crypt::encryptString($device->id);
if ($currentToken->id === $device->id) {
$device->is_current = true;
}
unset($device->id);
}
return response()->json([
'ok' => true,
'devices' => $devices,
]);
}
/**
* Revoke token by id
*/
public function deviceDisconnect(Request $request): JsonResponse
{
$request->validate([
'hash' => 'required',
]);
$user = $request->user();
$id = (int) Crypt::decryptString($request->hash);
if (!empty($id)) {
$user->tokens()->where('id', $id)->delete();
}
return response()->json([
'ok' => true,
]);
}
}

8
app/Http/Controllers/Controller.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
namespace App\Http\Controllers;
abstract class Controller
{
//
}

40
app/Http/Controllers/UploadController.php Normal file
View File

@@ -0,0 +1,40 @@
<?php
namespace App\Http\Controllers;
use App\Models\TemporaryUpload;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
class UploadController extends Controller
{
public function image(Request $request): JsonResponse
{
$request->validate([
'image' => ['required', 'image', 'max:5120'],
'entity' => ['required', 'string', 'in:avatars'],
'width' => 'nullable|integer|min:1|max:1920',
'height' => 'nullable|integer|min:1|max:1920',
]);
$extension = 'webp';
$path = $request->file('image')
->convert($request->width, $request->height, $extension)
->storeAs(
$request->entity,
implode('.', [Str::ulid()->toBase32(), $extension]),
['disk' => 'public']
);
TemporaryUpload::create([
'path' => $path,
]);
return response()->json([
'ok' => true,
'path' => $path,
]);
}
}

22
app/Http/Middleware/JsonResponse.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class JsonResponse
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
$request->headers->set('Accept', 'application/json');
return $next($request);
}
}

85
app/Http/Requests/Auth/LoginRequest.php Normal file
View File

@@ -0,0 +1,85 @@
<?php
namespace App\Http\Requests\Auth;
use Illuminate\Auth\Events\Lockout;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;
class LoginRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return true;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, \Illuminate\Contracts\Validation\Rule|array|string>
*/
public function rules(): array
{
return [
'email' => ['required', 'string', 'email'],
'password' => ['required', 'string'],
];
}
/**
* Attempt to authenticate the request's credentials.
*
* @throws \Illuminate\Validation\ValidationException
*/
public function authenticate($user): void
{
$this->ensureIsNotRateLimited();
if (! $user || ! Hash::check($this->password, $user->password)) {
RateLimiter::hit($this->throttleKey());
throw ValidationException::withMessages([
'email' => __('auth.failed'),
]);
}
RateLimiter::clear($this->throttleKey());
}
/**
* Ensure the login request is not rate limited.
*
* @throws \Illuminate\Validation\ValidationException
*/
public function ensureIsNotRateLimited(): void
{
if (! RateLimiter::tooManyAttempts($this->throttleKey(), 5)) {
return;
}
event(new Lockout($this));
$seconds = RateLimiter::availableIn($this->throttleKey());
throw ValidationException::withMessages([
'email' => trans('auth.throttle', [
'seconds' => $seconds,
'minutes' => ceil($seconds / 60),
]),
]);
}
/**
* Get the rate limiting throttle key for the request.
*/
public function throttleKey(): string
{
return Str::transliterate(Str::lower($this->input('email')).'|'.$this->ip());
}
}