<?phpnamespace App\Http\Controllers\Core;use App\Helpers\ResponseHelper;

1. <?php
2.  
3. namespace App\Http\Controllers\Core;
4.  
5. use App\Helpers\ResponseHelper;
6. use App\Http\Controllers\Controller;
7. use App\Mail\AccountCreated;
8. use App\Mail\ForgottenPassword;
9. use App\Models\User;
10. use http\Exception;
11. use JWTAuth;
12. use Validator;
13. use Tymon\JWTAuth\Exceptions\JWTException;
14. use Illuminate\Http\Request;
15. use DB;
16. use Illuminate\Support\Facades\Mail;
17.  
18. class AuthenticateController extends Controller {
19. public function activateAccount(Request $request) {
20. $v = Validator::make($request->all(), [
21. 'email' => 'required|email',
22. 'email_key' => 'required|min:16'
23. ]);
24.  
25. if ($v->fails()) {
26. return ResponseHelper::genericError();
27. }
28.  
29. $user = User::where('email', '=', $request->get('email'))->first();
30.  
31. if ($user === null) {
32. return ResponseHelper::buildResponse(false, null, 'User does not exist', 'INCORRECT_USER');
33. } else if ($user->email_key !== $request->get('email_key')) {
34. return ResponseHelper::buildResponse(false, null, 'Incorrect email key', 'INCORRECT_EMAIL_KEY');
35. } else if ($user->activated === true) {
36. return ResponseHelper::buildResponse(false, null, 'Account already activated', 'ACCOUNT_ALREADY_ACTIVATED');
37. }
38.  
39. $user->activated = true;
40. $user->save();
41.  
42. LogController::logEvent('USER_ACTIVATED',
43. 'Id: ' . $user->id,
44. $user->id, $request->ip());
45.  
46. return ResponseHelper::buildResponse(true, null, null, null);
47. }
48.  
49. public function resetPassword(Request $request) {
50. $v = Validator::make($request->all(), [
51. 'email' => 'required|email',
52. 'email_key' => 'required|min:16',
53. 'password' => 'required|string|min:6|max:50|regex:/^(?=.{6,32}$)(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9]).*/'
54. ]);
55.  
56. if ($v->fails()) {
57. $failedRules = $v->failed();
58.  
59. if (isset($failedRules['password']['Min']) || isset($failedRules['password']['Max'])) {
60. return ResponseHelper::buildResponse(false, null, 'Password must be between 6 and 50 characters', 'REGISTRATION_PASSWORD_INVALID_LENGTH');
61. } else if (isset($failedRules['password']['Regex'])) {
62. return ResponseHelper::buildResponse(false, null, 'Invalid password.', 'REGISTRATION_PASSWORD_INVALID_REGEX');
63. } else {
64. return ResponseHelper::genericError();
65. }
66. }
67.  
68. $email = $request->get('email');
69. $user = User::where('email', '=', $email)->first();
70.  
71. if ($user === null) {
72. return ResponseHelper::buildResponse(false, null, 'User does not exist', 'INCORRECT_USER');
73. } else if ($user->email_key !== $request->get('email_key')) {
74. return ResponseHelper::buildResponse(false, null, 'Incorrect email key', 'INCORRECT_EMAIL_KEY');
75. }
76.  
77. $user->password = bcrypt($request->get('password'));
78. $user->email_key = ResponseHelper::getKey();
79. $user->save();
80.  
81. return ResponseHelper::buildResponse(true, null, null, null);
82. }
83.  
84. public function forgottenPassword(Request $request) {
85. $v = Validator::make($request->all(), [
86. 'email' => 'required|email'
87. ]);
88.  
89. if ($v->fails()) {
90. return ResponseHelper::genericError();
91. }
92.  
93. $email = $request->get('email');
94. $user = User::where('email', '=', $email)->first();
95.  
96. if ($user === null) {
97. return ResponseHelper::buildResponse(false, null, 'User does not exist', 'INCORRECT_USER');
98. }
99.  
100. Mail::to($email)->send(new ForgottenPassword($user));
101.  
102. return ResponseHelper::buildResponse(true, null, null, null);
103. }
104.  
105. public function register(Request $request) {
106. $v = Validator::make($request->all(), [
107. 'username' => 'required|string|min:3|max:15|unique:users',
108. 'email' => 'required|string|max:255|email|unique:users',
109. 'password' => 'required|string|min:6|max:50|regex:/^(?=.{6,32}$)(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9]).*/'
110. ]);
111.  
112. if ($v->fails()) {
113. $failedRules = $v->failed();
114.  
115. if (isset($failedRules['email']['Unique'])) {
116. return ResponseHelper::buildResponse(false, null, 'Email is already taken', 'REGISTRATION_EMAIL_ALREADY_EXISTS');
117. } else if (isset($failedRules['email']['Email'])) {
118. return ResponseHelper::buildResponse(false, null, 'Email format is invalid', 'REGISTRATION_EMAIL_INVALID_REGEX');
119. } else if (isset($failedRules['username']['Unique'])) {
120. return ResponseHelper::buildResponse(false, null, 'Username is already taken', 'REGISTRATION_USERNAME_ALREADY_EXISTS');
121. } else if (isset($failedRules['username']['Max'])) {
122. return ResponseHelper::buildResponse(false, null, 'Username must be at most 15 characters', 'REGISTRATION_USERNAME_TOO_LONG');
123. } else if (isset($failedRules['username']['Min'])) {
124. return ResponseHelper::buildResponse(false, null, 'Username must be at least 3 characters', 'REGISTRATION_USERNAME_TOO_SHORT');
125. } else if (isset($failedRules['password']['Min']) || isset($failedRules['password']['Max'])) {
126. return ResponseHelper::buildResponse(false, null, 'Password must be between 6 and 50 characters', 'REGISTRATION_PASSWORD_INVALID_LENGTH');
127. } else if (isset($failedRules['password']['Regex'])) {
128. return ResponseHelper::buildResponse(false, null, 'Password should contain at least 3 of the following: uppercases, lowercases, numbers, special characters.', 'REGISTRATION_PASSWORD_INVALID_REGEX');
129. } else {
130. return ResponseHelper::genericError();
131. }
132. }
133.  
134. $username = $request->input('username');
135. $first_name = 'DEFAULT_VALUE';
136. $last_name = 'DEFAULT_VALUE';
137. $email = $request->input('email');
138. $password = bcrypt($request->input('password'));
139. $activated = !config('app.email_confirmation_enabled');
140.  
141. DB::beginTransaction();
142.  
143. try {
144. $createdUser = User::create([
145. 'level' => 'USER',
146. 'username' => $username,
147. 'first_name' => $first_name,
148. 'last_name' => $last_name,
149. 'email' => $email,
150. 'password' => $password,
151. 'email_key' => ResponseHelper::getKey(),
152. 'activated' => $activated
153. ]);
154.  
155. Mail::to($email)->send(new AccountCreated($createdUser));
156. DB::commit();
157. } catch (Exception $e) {
158. DB::rollBack();
159. return ResponseHelper::genericError();
160. }
161.  
162. LogController::logEvent('USER_REGISTERED',
163. 'Id: ' . $createdUser->id,
164. $createdUser->id, $request->ip());
165.  
166. $data = [
167. 'user' => $createdUser
168. ];
169.  
170. return ResponseHelper::buildResponse(true, $data, null, null);
171. }
172.  
173. public function login(Request $request) {
174. $v = Validator::make($request->all(), [
175. 'email' => 'required|string',
176. 'password' => 'required|string',
177. ]);
178.  
179. if ($v->fails()) {
180. return ResponseHelper::genericError();
181. }
182.  
183. $credentials = $request->only('email', 'password');
184.  
185. try {
186. $token = JWTAuth::attempt($credentials);
187.  
188. // verify the credentials and create a token for the user
189. if (!$token) {
190. return ResponseHelper::buildResponse(false, null, 'Invalid credentials', 'INVALID_CREDENTIALS');
191. }
192. } catch (JWTException $e) {
193. // something went wrong
194. return ResponseHelper::genericError();
195. }
196.  
197. JWTAuth::setToken($token);
198. $user = JWTAuth::authenticate();
199.  
200. if ($user->activated === false) {
201. return ResponseHelper::buildResponse(false, null, 'Account is not activated', 'ACCOUNT_NOT_ACTIVATED');
202. }
203.  
204. LogController::logEvent('USER_LOGIN',
205. 'Id: ' . $user->id,
206. $user->id, $request->ip());
207.  
208. $data = [
209. 'level' => $user->level,
210. 'token' => $token
211. ];
212.  
213. return ResponseHelper::buildResponse(true, $data, null, null);
214. }
215. }