- <?php
- /**
- * Created by PhpStorm.
- * Author: HuyDang
- */
- namespace Tacko\Users\Controllers\Api;
- use App\Http\Controllers\Api\ApiBaseController;
- use Illuminate\Http\Request;
- use Tacko\Users\Repositories\User\UserRepository;
- /*use Tacko\Users\Repositories\UserDevice\UserDeviceRepository;*/
- use Core\Push\Repositories\Userdevices\UserdevicesRepository;
- use Tacko\Countries\Repositories\Country\CountryRepository;
- use Mail;
- use Laravel\Passport\Http\Controllers\HandlesOAuthErrors;
- use Laravel\Passport\TokenRepository;
- use Laravel\Passport\Token;
- use Cartalyst\Sentinel\Laravel\Facades\Activation;
- use Cartalyst\Sentinel\Laravel\Facades\Sentinel;
- use Cartalyst\Sentinel\Laravel\Facades\Reminder;
- use Zend\Diactoros\Response as Psr7Response;
- use Psr\Http\Message\ServerRequestInterface;
- use League\OAuth2\Server\AuthorizationServer;
- use League\OAuth2\Server\Exception\OAuthServerException;
- use Tacko\Currencies\Repositories\Currency\CurrencyRepository;
- use Carbon\Carbon;
- /**
- * @SWG\Resource(
- * apiVersion="1.0.0",
- * swaggerVersion="1.2",
- * resourcePath="/Auth",
- * description="Auth Api",
- * produces="['application/json']"
- * )
- */
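class AuthController extends ApiBaseController
{
    use HandlesOAuthErrors;

    /** Seconds a password-reset reminder code stays valid after it was issued or refreshed. */
    const RESET_CODE_TTL_SECONDS = 900;

    /**
     * The authorization server.
     *
     * @var AuthorizationServer
     */
    protected $server;

    /**
     * The custom authorization server.
     *
     * @var CustomAuthorizationServer
     */
    protected $customServer;

    /**
     * The token repository instance.
     *
     * @var TokenRepository
     */
    protected $tokens;

    /** @var CountryRepository */
    protected $countryRepository;

    /** @var UserdevicesRepository */
    protected $userDeviceRepository;

    /** @var CurrencyRepository */
    protected $currencyRepository;

    /**
     * Wire the controller to its repositories and to Passport's OAuth2 server.
     *
     * $request / $requestHandle are the Laravel and PSR-7 views of the same incoming
     * request; the PSR-7 one is what the OAuth2 server consumes in signIn().
     */
    public function __construct(
        Request $request,
        UserRepository $userRepository,
        CountryRepository $countryRepository,
        UserdevicesRepository $userDeviceRepository,
        AuthorizationServer $server,
        TokenRepository $tokens,
        ServerRequestInterface $requestHandle,
        CurrencyRepository $currencyRepository
    ) {
        $this->request = $request;
        $this->server = $server;
        $this->tokens = $tokens;
        $this->requestHandle = $requestHandle;
        $this->modelRepository = $userRepository;
        $this->model = $userRepository->createModel();
        $this->countryRepository = $countryRepository;
        $this->userDeviceRepository = $userDeviceRepository;
        $this->currencyRepository = $currencyRepository;
        parent::__construct($request);
        // Only signOut needs an authenticated Passport token; every other action is public.
        $this->middleware('passport:api')->only('signOut');
    }

    /**
     * @SWG\Model(id="SignUpModel")
     * @SWG\Property(name="country_id", type="integer", required=true, defaultValue="229"),
     * @SWG\Property(name="phone_number", type="string", required=true, defaultValue="12345678"),
     * @SWG\Property(name="email", type="string", required=true, defaultValue="bss.team.dev@gmail.com"),
     * @SWG\Property(name="password", type="string", required=true, defaultValue="123456"),
     * @SWG\Property(name="username", type="string", required=true, defaultValue="bss.team.dev@gmail.com"),
     * @SWG\Property(name="name_of_user", type="string", required=true, defaultValue="BSSDev"),
     * @SWG\Property(name="grant_type", type="string", required=true, defaultValue="password"),
     * @SWG\Property(name="client_id", type="string", required=true, defaultValue="2"),
     * @SWG\Property(name="client_secret", type="string", required=true, defaultValue="<client-secret>"),
     * @SWG\Property(name="device_platform", type="string", required=true, defaultValue="ios"),
     * @SWG\Property(name="device_token", type="string", required=true, defaultValue="a437dd18254449779569cc1322a87791a426ad0c3e33aaf92379fac65d89758e"),
     * @SWG\Property(name="longitude", type="string", required=true, defaultValue="106.66033"),
     * @SWG\Property(name="latitude", type="string", required=true, defaultValue="10.7919413"),
     * @SWG\Api(
     * path="/api/auth/signUp",
     * @SWG\Operation(
     * method="POST",
     * summary="Sign Up",
     * nickname="signUp",
     * @SWG\Parameter(name="body", description="Request body", required=true, type="SignUpModel", paramType="body", allowMultiple=false),
     * @SWG\ResponseMessage(code=200, message="OK"),
     * @SWG\ResponseMessage(code=400, message="Invalid request params"),
     * @SWG\ResponseMessage(code=401, message="Caller is not authenticated"),
     * @SWG\ResponseMessage(code=404, message="Resource not found")
     * )
     * )
     */
    public function store()
    {
        try {
            $input = $this->getRequestInput();
            $country_id = $this->request->get('country_id');
            $phone_number = $this->request->get('phone_number');
            $username = $this->request->get('name_of_user');
            $password = $this->request->get('password');

            // A phone number is only required to be unique within its country.
            $existingUser = $this->model
                ->where('phone_number', $phone_number)
                ->where('country_id', $country_id)
                ->first();
            if (isset($existingUser)) {
                return $this->respondWithErrorKey('phone.exists', 409);
            }

            $validatorErrors = $this->getValidator($input, $this->model->rules['create']);
            if (!empty($validatorErrors)) {
                return $this->respondWithError($validatorErrors);
            }

            $registered = Sentinel::register($input);
            $user = Sentinel::findById($registered->id);
            // Sentinel::register() does not persist these columns, so fill them in afterwards.
            $user->username = $username;
            $user->phone_number = $phone_number;
            $user->country_id = $country_id;
            $user->save();

            // The account is activated immediately; no e-mail verification step on sign-up.
            $activation = Activation::create($user);
            Activation::complete($user, $activation->code);

            // Every new account starts in the 'Registered' role.
            $role = Sentinel::findRoleByName('Registered');
            $role->users()->attach($user);

            // NOTE(review): the welcome template receives the plaintext password; drop it
            // from $dataView unless the template genuinely needs to display it.
            $dataView = [
                'email' => $user->email,
                'password' => $password,
            ];
            Mail::send('tacko/users::emails.welcome', $dataView, function ($message) use ($dataView) {
                $message->to($dataView['email'])->subject('Welcome to Tacko!');
            });

            // Sign the new user in straight away and return the same payload as signIn().
            return $this->signIn($this->requestHandle);
        } catch (\Exception $e) {
            // NOTE(review): $e->getMessage() is returned to the client; internal details may leak.
            return $this->errorInternalError($e->getMessage());
        }
    }

    /**
     * @SWG\Api(
     * path="/api/auth/activate/{code}",
     * @SWG\Operation(
     * summary="Activate user",
     * method="GET",
     * nickname="activateUser",
     * @SWG\Parameter(name="code", description="Verify Code", required=true, type="string", paramType="path", allowMultiple=false),
     * @SWG\Parameter(name="device_platform", description="Device Platform", required=true, type="string", paramType="query", allowMultiple=false, defaultValue="ios"),
     * @SWG\Parameter(name="device_token", description="Device Token", required=true, type="string", paramType="query", allowMultiple=false, defaultValue="a437dd18254449779569cc1322a87791a426ad0c3e33aaf92379fac65d89758e"),
     * @SWG\Parameter(name="longitude", description="Longitude", required=true, type="string", paramType="query", allowMultiple=false, defaultValue="106.66033"),
     * @SWG\Parameter(name="latitude", description="Latitude", required=true, type="string", paramType="query", allowMultiple=false, defaultValue="10.7919413"),
     * @SWG\ResponseMessage(code=200, message="OK"),
     * @SWG\ResponseMessage(code=400, message="Invalid request params"),
     * @SWG\ResponseMessage(code=401, message="Caller is not authenticated"),
     * @SWG\ResponseMessage(code=404, message="Resource not found")
     * )
     * )
     */
    public function activate($code)
    {
        try {
            // NOTE(review): 'completed' is compared with the string 'false'; whether this matches
            // only incomplete rows depends on the database driver's casting — confirm.
            $userActivation = Activation::where('code', $code)->where('completed', 'false')->first();
            if (!isset($userActivation)) {
                return $this->respondWithErrorKey('users_activate_verify_failed', 409);
            }

            $user = Sentinel::findById($userActivation->user_id);
            if (!Activation::complete($user, $code)) {
                return $this->respondWithErrorKey('users_activate_verify_failed', 400);
            }

            Sentinel::login($user);
            // The newest persistence row belongs to the login performed just above.
            $persistence = $user->persistences()->latest()->first();
            $response = $this->buildUserResponse($user, $persistence->code);
            $this->syncLocationAndDevice($user);

            return $this->respondWithSuccess($response);
        } catch (\Exception $e) {
            return $this->errorInternalError($e->getMessage());
        }
    }

    /**
     * Landing page that bounces the browser into the mobile app's activation deep link.
     *
     * @param string $code activation code taken from the URL
     */
    public function direct($code)
    {
        $this->emitDeepLinkPage('tacko://activate/' . rawurlencode($code));
    }

    /**
     * @SWG\Model(id="SignInModel")
     * @SWG\Property(name="username", type="string", required=true, defaultValue="bss.team.dev@gmail.com"),
     * @SWG\Property(name="password", type="string", required=true, defaultValue="123456"),
     * @SWG\Property(name="grant_type", type="string", required=true, defaultValue="password"),
     * @SWG\Property(name="client_id", type="string", required=true, defaultValue="2"),
     * @SWG\Property(name="client_secret", type="string", required=true, defaultValue="<client-secret>"),
     * @SWG\Property(name="email", type="string", required=true, defaultValue="bss.team.dev@gmail.com"),
     * @SWG\Property(name="device_platform", type="string", required=true, defaultValue="ios"),
     * @SWG\Property(name="device_token", type="string", required=true, defaultValue="a437dd18254449779569cc1322a87791a426ad0c3e33aaf92379fac65d89758e"),
     * @SWG\Property(name="longitude", type="string", required=true, defaultValue="106.66033"),
     * @SWG\Property(name="latitude", type="string", required=true, defaultValue="10.7919413"),
     * @SWG\Api(
     * path="/api/auth/signIn",
     * @SWG\Operation(
     * method="POST",
     * summary="Sign in",
     * nickname="signIn",
     * @SWG\Parameter(name="body", description="Request body", required=true, type="SignInModel", paramType="body", allowMultiple=false),
     * @SWG\ResponseMessage(code=200, message="OK"),
     * @SWG\ResponseMessage(code=400, message="Invalid request params"),
     * @SWG\ResponseMessage(code=401, message="Caller is not authenticated"),
     * @SWG\ResponseMessage(code=404, message="Resource not found")
     * )
     * )
     */
    public function signIn(ServerRequestInterface $request)
    {
        $credentials = [
            'email' => $this->request->get('email'),
            'password' => $this->request->get('password'),
        ];
        $user = Sentinel::authenticate($credentials, $this->request->get('remember'));
        if (!$user) {
            throw OAuthServerException::invalidCredentials();
        }

        // One live access token per user: revoke the previous one before issuing a new one.
        $previousToken = Token::where('user_id', $user->id)->where('revoked', 0)->first();
        if (isset($previousToken)) {
            $this->tokens->revokeAccessToken($previousToken->id);
        }

        try {
            // Token issuance is delegated to Passport's OAuth2 server (password grant).
            $tokenResponse = $this->withErrorHandling(function () use ($request) {
                return $this->server->respondToAccessTokenRequest($request, new Psr7Response);
            });
        } catch (\Exception $e) {
            return $this->errorWrongArgs($e->getMessage());
        }

        $token = json_decode((string)$tokenResponse->getBody(), false);
        $response = $this->buildUserResponse($user, $token);
        $response['is_notification'] = (bool)$response['is_notification'];
        $this->syncLocationAndDevice($user);

        // The user's local currency follows their country, falling back to USD.
        $currency = $this->currencyRepository->createModel()->where('country_id', $user->country_id)->first();
        $response['local_currency'] = isset($currency) ? $currency->code_iso : 'USD';

        return $this->respondWithSuccess($response);
    }

    /**
     * Attach a push device to a user, reusing an existing row when possible.
     *
     * Lookup order: a row with the same type+token is re-pointed at this user; otherwise
     * the user's existing device row is overwritten; otherwise a new row is created.
     *
     * @param array $input keys 'device_type' and 'device_token'
     * @param mixed $user  Sentinel user the device belongs to
     */
    public function createOrUpdateDevice(array $input, $user)
    {
        $device = $this->userDeviceRepository->createModel()
            ->where('device_type', $input['device_type'])
            ->where('device_token', $input['device_token'])
            ->first();

        if ($device) {
            $device->user_id = $user->id;
            $device->last_active = $user->last_login;
            $device->save();
            return;
        }

        $input['user_id'] = $user->id;
        $input['last_active'] = $user->last_login;
        $existingForUser = $this->userDeviceRepository->createModel()->where('user_id', $user->id)->first();
        if (isset($existingForUser)) {
            $this->userDeviceRepository->update($existingForUser->id, $input);
        } else {
            $this->userDeviceRepository->create($input);
        }
    }

    /**
     * @SWG\Api(
     * path="/api/auth/signOut",
     * @SWG\Operation(
     * summary="Sign out",
     * method="POST",
     * nickname="signOut",
     * @SWG\ResponseMessage(code=200, message="OK"),
     * @SWG\ResponseMessage(code=400, message="Invalid request params"),
     * @SWG\ResponseMessage(code=401, message="Caller is not authenticated"),
     * @SWG\ResponseMessage(code=404, message="Resource not found")
     * )
     * )
     */
    public function signOut()
    {
        try {
            $user = $this->user()[0];
            $accessTokenId = $user->token()->id;

            // Detach the user's push device so no notifications reach a signed-out client.
            $device = $this->userDeviceRepository->createModel()->where('user_id', $user->id)->first();
            if ($device) {
                $this->userDeviceRepository->createModel()->where('device_token', $device->device_token)->delete();
            }

            if (!Sentinel::logout($user, $this->request->get('force', false))) {
                return $this->errorNotFound();
            }
            // Revoke the bearer token that authenticated this request.
            $this->tokens->find($accessTokenId)->revoke();

            return $this->respondWithSuccess('Logout Successful!');
        } catch (\Exception $e) {
            return $this->errorInternalError($e->getMessage());
        }
    }

    /**
     * @SWG\Model(
     * id="resendCodeModel",
     * @SWG\Property(name="email", type="string", required=true, defaultValue="bss.team.dev@gmail.com")
     * )
     */
    /**
     * @SWG\Api(
     * path="/api/auth/resend",
     * @SWG\Operation(
     * method="PUT",
     * summary="Resend Code Activate",
     * nickname="resendCodeActivate",
     * @SWG\Parameter(name="body", description="Request body", required=true, type="resendCodeModel", paramType="body", allowMultiple=false),
     * @SWG\ResponseMessage(code=200, message="OK"),
     * @SWG\ResponseMessage(code=400, message="Invalid request params"),
     * @SWG\ResponseMessage(code=401, message="Caller is not authenticated"),
     * @SWG\ResponseMessage(code=404, message="Resource not found")
     * )
     * )
     */
    public function resend()
    {
        try {
            $email = $this->request->get('email');
            $record = $this->model->where('email', $email)->first();
            if (!isset($record)) {
                return $this->respondWithErrorKey('users_code_exists_user', 400);
            }

            $user = Sentinel::findById($record->id);
            if (Activation::completed($user)) {
                return $this->respondWithErrorKey('users_activate_verify_completed', 400);
            }

            // Refresh the pending activation's code; create one if none is pending.
            $activation = Activation::exists($user) ?: Activation::create($user);
            $activation->code = $this->generateCode();
            $activation->save();

            $dataView = [
                'id' => $user->id,
                'email' => $user->email,
                'code' => $activation->code,
            ];
            Mail::send('tacko/users::emails.activeRegistration', $dataView, function ($message) use ($dataView) {
                $message->to($dataView['email'])->subject('Verify registration!');
            });

            return $this->respondWithSuccess([
                'email' => $user->email,
                'message' => "We have resent you activate code!",
            ]);
        } catch (\Exception $e) {
            return $this->errorInternalError($e->getMessage());
        }
    }

    /**
     * @SWG\Model(
     * id="request_reset_password",
     * @SWG\Property(name="email", type="string", required=true, defaultValue="bss.team.dev@gmail.com"),
     * @SWG\Property(name="isWeb", type="boolean", required=false, defaultValue=false),
     * )
     */
    /**
     * @SWG\Api(
     * path="/api/auth/requestResetPassword",
     * @SWG\Operation(
     * method="POST",
     * summary="Confirm Request Password",
     * nickname="confirmRequestPassword",
     * @SWG\Parameter(name="body", description="Request body", required=true, type="request_reset_password", paramType="body", allowMultiple=false),
     * @SWG\ResponseMessage(code=200, message="OK"),
     * @SWG\ResponseMessage(code=400, message="Invalid request params"),
     * @SWG\ResponseMessage(code=401, message="Caller is not authenticated"),
     * @SWG\ResponseMessage(code=404, message="Resource not found")
     * )
     * )
     */
    public function requestResetPassword()
    {
        try {
            // Accept "true"/"1" from form bodies as well as a JSON boolean; the former
            // never satisfied the previous strict `=== true` comparison.
            $isWeb = filter_var($this->request->get('isWeb'), FILTER_VALIDATE_BOOLEAN);
            $input = $this->getRequestInput();
            $validatorErrors = $this->getValidator($input, $this->model->rules['reset_password']);
            if (!empty($validatorErrors)) {
                return $this->respondWithError($validatorErrors);
            }

            $userRecord = $this->model->where('email', $input['email'])->first();
            if (!isset($userRecord)) {
                return $this->respondWithErrorKey('user.deleted', 403);
            }

            $user = Sentinel::findById($userRecord->id);
            if (!Activation::completed($user)) {
                return $this->respondWithErrorKey('users_activate_verify_failed', 403);
            }

            $reminder = Reminder::exists($user);
            if ($reminder) {
                // Re-issue a code only once the pending one has expired; otherwise reuse it.
                if (!$reminder->completed && $this->reminderAgeSeconds($reminder) > self::RESET_CODE_TTL_SECONDS) {
                    $reminder->code = $this->generateCode();
                    $reminder->save();
                }
            } else {
                $reminder = Reminder::create($user);
                $reminder->code = $this->generateCode();
                $reminder->save();
            }

            if ($isWeb) {
                // The web template receives the reminder model itself.
                Mail::send('tacko/users::password.requestResetPasswordFrontend', compact('user', 'reminder'), function ($message) use ($user) {
                    $message->to($user->email)->subject('Request reset password!');
                });
            } else {
                $payload = [
                    'id' => $userRecord->id,
                    'email' => $input['email'],
                    'code' => $reminder->code,
                ];
                Mail::send('tacko/users::password.requestResetPassword', $payload, function ($message) use ($payload) {
                    $message->to($payload['email'])->subject('Request reset password!');
                });
            }

            return $this->respondWithSuccess("We have sent you reset password code!");
        } catch (\Exception $e) {
            return $this->errorInternalError($e->getMessage());
        }
    }

    /**
     * Landing page that bounces the browser into the mobile app's password-reset deep link.
     *
     * @param string $id   user id taken from the URL
     * @param string $code reset code taken from the URL
     */
    public function resetPass($id, $code)
    {
        $this->emitDeepLinkPage('tacko://reset?userId=' . rawurlencode($id) . '&code=' . rawurlencode($code));
    }

    /**
     * @SWG\Model(
     * id="activatePass",
     * @SWG\Property(name="email", type="string", required=true, defaultValue="bss.team.dev@gmail.com"),
     * @SWG\Property(name="code", type="string", required=true, defaultValue="uwTXhN"),
     * @SWG\Property(name="newPassword", type="string", required=true, defaultValue="hoanggia3116"),
     * @SWG\Property(name="newPassword_confirmation", type="string", required=true, defaultValue="hoanggia3116")
     * )
     */
    /**
     * @SWG\Api(
     * path="/api/auth/resetPassword",
     * @SWG\Operation(
     * summary="Reset Password",
     * method="PUT",
     * nickname="resetPassword",
     * @SWG\Parameter(name="body", description="Request body", required=true, type="activatePass", paramType="body", allowMultiple=false),
     * @SWG\ResponseMessage(code=200, message="OK"),
     * @SWG\ResponseMessage(code=400, message="Invalid request params"),
     * @SWG\ResponseMessage(code=401, message="Caller is not authenticated"),
     * @SWG\ResponseMessage(code=404, message="Resource not found")
     * )
     * )
     */
    public function resetPassword()
    {
        try {
            $data = $this->request->all();
            $validatorErrors = $this->getValidator($data, $this->model->rules['reset_password_active']);
            if (!empty($validatorErrors)) {
                return $this->respondWithError($validatorErrors);
            }

            $record = $this->model->where('email', $this->request->get('email'))->first();
            if (!isset($record)) {
                // Previously this case fell off the end of the method and returned nothing.
                return $this->respondWithErrorKey('user.deleted', 403);
            }

            $user = Sentinel::findById($record->id);
            $reminder = Reminder::exists($user);
            if (!$reminder || $reminder->completed) {
                return $this->respondWithErrorKey('reset.fail', 403);
            }
            if ($this->reminderAgeSeconds($reminder) >= self::RESET_CODE_TTL_SECONDS) {
                return $this->respondWithErrorKey('reset.pwd.sent.pwd.failed.or.expired', 403);
            }

            $newPassword = $this->request->get('newPassword');
            // Reminder::complete() verifies the code and stores the new password.
            if (!Reminder::complete($user, $this->request->get('code'), $newPassword)) {
                return $this->respondWithErrorKey('reset.pwd.sent.pwd.failed.or.expired', 403);
            }

            // NOTE(review): the new password is e-mailed and echoed back in plaintext;
            // a confirmation without the password would be the safer contract.
            $payload = [
                'email' => $user->email,
                'password' => $newPassword,
            ];
            Mail::send('tacko/users::password.newPassword', $payload, function ($message) use ($payload) {
                $message->to($payload['email'])->subject('Tacko Account New password!');
            });

            return $this->respondWithSuccess($payload);
        } catch (\Exception $e) {
            return $this->errorInternalError($e->getMessage());
        }
    }

    /**
     * Serialise a user for an auth response: timestamps normalised, API key and country attached.
     *
     * @param mixed $user   Sentinel user
     * @param mixed $apiKey value stored under $this->apiKeyName (persistence code or token object)
     * @return array
     */
    private function buildUserResponse($user, $apiKey)
    {
        $response = $user->toArray();
        foreach (['last_login', 'created_at', 'updated_at'] as $field) {
            $response[$field] = $this->parseToDateTime($response[$field]);
        }
        $response[$this->apiKeyName] = $apiKey;
        $response['country'] = $this->countryRepository->find($user->country_id);
        return $response;
    }

    /**
     * Persist the coordinates and push device sent with a login/activation request.
     *
     * Coordinates are stored only when both are present; the user is saved either way.
     * The device is recorded only when both platform and token are present.
     *
     * @param mixed $user Sentinel user
     */
    private function syncLocationAndDevice($user)
    {
        $longitude = $this->request->get('longitude');
        $latitude = $this->request->get('latitude');
        if ($longitude && $latitude) {
            $user->longitude = $longitude;
            $user->latitude = $latitude;
        }
        $user->save();

        $input = [
            'device_type' => $this->request->get('device_platform'),
            'device_token' => $this->request->get('device_token'),
        ];
        if ($input['device_type'] && $input['device_token']) {
            // Platform names are stored lower-case ('ios', 'android').
            $input['device_type'] = strtolower($input['device_type']);
            $this->createOrUpdateDevice($input, $user);
        }
    }

    /**
     * Seconds elapsed since a reminder row was last updated.
     *
     * @param mixed $reminder Sentinel reminder with an 'updated_at' column in 'Y-m-d H:i:s' form
     * @return int
     */
    private function reminderAgeSeconds($reminder)
    {
        $now = Carbon::createFromFormat('Y-m-d H:i:s', date('Y-m-d H:i:s'))->format('c');
        $updated = Carbon::createFromFormat('Y-m-d H:i:s', $reminder->updated_at)->format('c');
        return (int)(strtotime($now) - strtotime($updated));
    }

    /**
     * Six upper-case hex characters for activation / password-reset codes.
     *
     * Drawn from a CSPRNG; the former md5(uniqid(rand())) construction was predictable.
     *
     * @return string
     */
    private function generateCode()
    {
        return strtoupper(bin2hex(random_bytes(3)));
    }

    /**
     * Emit a minimal HTML page that redirects into an app deep link, then stop.
     *
     * The URL is escaped separately for the attribute and the script contexts so that
     * path/query values taken from the request cannot break out of either.
     *
     * @param string $url fully built deep link
     */
    private function emitDeepLinkPage($url)
    {
        $href = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $jsUrl = json_encode($url, JSON_UNESCAPED_SLASHES | JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        echo '<a href="' . $href . '"> confirm </a><script> window.location.href = ' . $jsUrl . '; window.open(' . $jsUrl . ');</script>';
        exit;
    }
}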