
Untitled

a guest
Jul 21st, 2017
  // Unauthenticated part of the admin API. This group carries no middleware, so
  // the login endpoint is the only route registered in it.
  // NOTE(review): nothing on this page rate-limits or locks out repeated login
  // attempts; confirm that throttling is applied elsewhere.
  Route::group(['prefix' => 'Api/v1/admin'], function () {
      Route::post('login', 'AdminController@login');
  });
  5.  
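  // Admin API routes that are only reachable after login. Every request in this
  // group passes through the 'admin.csrf' middleware (VerifyAdminCsrfToken::handle)
  // before it reaches a controller.
  // NOTE(review): despite the name, that middleware is the only access check
  // visible for these routes. It authenticates the caller from two request
  // headers; it is not a cross-site request forgery defence in the usual sense.
  Route::group(['middleware' => 'admin.csrf', 'prefix' => 'Api/v1/admin'], function ($router) {
      // NOTE(review): in the paste this statement was spliced into a copy of
      // itself, which is a parse error. The one complete form is kept here;
      // 'AdminController@login' looks like a placeholder action, so confirm the
      // intended handler before relying on it.
      Route::get('getAdminDetails', 'AdminController@login');

      // Register the remaining post-login admin routes here in the same way.
  });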
  12.  
  13. <?php namespace AppHttpMiddleware;
  14.  
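  /**
   * Gate for the admin API: a request continues only when the X-Id-Admin and
   * X-Admin-Csrf-Token headers together identify an admin.
   *
   * NOTE(review): the header token is the only credential checked here, so it
   * acts as a bearer token. Its generation, storage, lifetime and comparison sit
   * in Admin::checkAdminToken(), which is not shown on this page. Confirm that the
   * token comes from a CSPRNG, expires, and is compared with hash_equals().
   *
   * The namespace line above this class lost its backslashes in the paste; the
   * class references below are written fully qualified so they resolve either way.
   */
  class VerifyAdminCsrfToken
  {
      /**
       * Reject the request with 401 unless the admin id and token headers match.
       *
       * On success the admin's id and name are attached to the request as
       * $request->userDet for later handlers.
       *
       * @param  mixed     $request  incoming request; header() is called on it
       * @param  \Closure  $next     next handler in the middleware chain
       * @return mixed     a 401 JSON response, or whatever $next returns
       */
      public function handle($request, \Closure $next)
      {
          $token    = $request->header('X-Admin-Csrf-Token');
          $id_admin = $request->header('X-Id-Admin');

          // Fail closed before touching the model when either header is missing
          // or empty, so a null token can never be matched against stored data.
          if (!is_string($token) || $token === '' || !is_string($id_admin) || $id_admin === '') {
              return $this->unauthorized();
          }

          // X-Id-Admin is client-supplied; it is only meaningful because the model
          // checks it together with the token.
          $adminObject  = new \App\Models\Admin();
          $adminDetails = $adminObject->checkAdminToken($id_admin, $token);

          // The original test joined "falsy" and "count is zero" with &&. An empty
          // result object is truthy in PHP, so it skipped the rejection branch and
          // the request was let through. Treat any empty result as "no match".
          $noMatch = (is_array($adminDetails) || $adminDetails instanceof \Countable)
              ? count($adminDetails) === 0
              : !$adminDetails;

          if ($noMatch) {
              return $this->unauthorized();
          }

          $request->userDet = [
              'id_admin' => $adminDetails->id_admin,
              'name'     => $adminDetails->name,
          ];

          return $next($request);
      }

      /**
       * Build the uniform 401 answer used for every rejected request.
       */
      private function unauthorized()
      {
          return response()->json(['error' => true, 'message' => 'Unauthorized Request'], 401);
      }
  }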
  41.  
  42. <?php
  43.  
  44. namespace AppHttpControllers;
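  /**
   * Controller behind the admin API routes shown on this page.
   */
  class AdminController extends Controller
  {
      /**
       * Check the posted admin e-mail and password and answer with JSON.
       *
       * Returns 200 with a message, the user details and the token on success,
       * and 403 with one generic message for every kind of failure.
       *
       * @param  Request  $request  carries the 'email' and 'password' inputs
       * @return mixed    JSON response
       */
      public function login(Request $request)
      {
          $admin_email = $request->input('email');
          $password    = $request->input('password');

          // Only non-empty strings are handed to the model. Missing fields or
          // array inputs (email[]=...) get the same answer as a wrong password,
          // so the response does not reveal which check failed.
          if (!is_string($admin_email) || $admin_email === '' || !is_string($password) || $password === '') {
              return response()->json(['message' => 'These credentials did not match our record'], 403);
          }

          // NOTE(review): checkAdminLogin() receives the raw password and is not
          // shown on this page; confirm it checks a password_hash() value with
          // password_verify() rather than comparing stored plaintext.
          $adminObj   = new \App\Models\Admin();
          $loginCheck = $adminObj->checkAdminLogin($admin_email, $password);

          // count() on a non-countable result (a single model object) raises a
          // TypeError on PHP 8, so only count what can be counted.
          $matched = (is_array($loginCheck) || $loginCheck instanceof \Countable)
              ? count($loginCheck) > 0
              : (bool) $loginCheck;

          if ($matched) {
              // NOTE(review): $userDet and $token are never assigned in the code
              // shown, so this response would carry nulls. They must be set before
              // this return: the token should come from random_bytes() and be
              // stored so that checkAdminToken() can match it later. The model
              // call that stores it is not on this page.
              return response()->json([
                  'message'     => 'Successfully logged in',
                  'user_detail' => $userDet,
                  'csrf_token'  => $token,
              ], 200);
          }

          return response()->json(['message' => 'These credentials did not match our record'], 403);
      }
  }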