Untitled

<?php

/** @var Dingo\Api\Routing\Router $api */
$api = app('Dingo\Api\Routing\Router');

$api->version('v1', function ($api) {

    /** @var Dingo\Api\Routing\Router $api */
    $api->group([
        'namespace' => 'App\Http\Controllers',
        'middleware' => '\Barryvdh\Cors\HandleCors::class',
        'domain' => 'test-api.jashka'], function ($api) {
        /** @var Dingo\Api\Routing\Router $api */

        $api->post('login', 'Auth\AuthController@authenticate');
        $api->post('register', 'Auth\AuthController@register');
        $api->post('check-email', 'Auth\PasswordController@checkEmail');
        $api->post('reset-password', 'Auth\PasswordController@resetPassword');

        $api->post('/user/create', 'UserController@store');

        $api->group(['middleware' => 'jwt.auth','providers' => ['basic', 'jwt']], function (
            $api) {
            /** @var Dingo\Api\Routing\Router $api */

            $api->resource('user', 'UserController');
            $api->get('user/me', 'UserController@me');
        });

    });
});


<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Validator;
use Illuminate\Http\Request;
use App\User;
use Session;
use Hash;
use Mail;

class PasswordController extends Controller
{
    public function resetPassword (Request $request) {

        $email = $request->get('email');
        $password = $request->get('password');
        $token = $request->get('token');

        $user = User::where('email', '=', $email)
                    ->where('remember_token', '=', $token)
                    ->first();

        if ( $user ) {
            $user->password = Hash::make($password);
            $user->remember_token = '';
            if ($user->save()) {
                return $this->message('changed');
            }
        }

        return response()->json(['error' => trans('auth.access_denied')], 403);
    }

    protected function validRequest ($request) {
        $validator = Validator::make($request, User::$validatorRules);
        return $validator->fails() === true ? false : true;
    }

    protected function message ($status, $httpCode = 200) {
        return response()->json([
                    'data' => [
                        'status' => $status
                        ]
                ], $httpCode);
    }

    protected function sendUserMessage ($data) {
        Mail::send('email.reminder', ['user' => $data['user'], 'token' => $data['token'] ],
            function ($message) use ($data) {
            $message->to($data['user']->email, $data['user']->name . ' ' . $data['user']->lastname)
                ->subject('Reset your password');
        });

    }

    public function checkEmail (Request $request) {
        $email = $request->get('email');

        if (!$this->validRequest($request->all())) {
            return response()->json(['error' => trans('auth.not_valid_email')], 400);
        }

        $user = User::where('email', '=', $email)->first();
        if ( $user ) {
            $token = bin2hex(random_bytes(50));

            if (strlen($user->remember_token) > 10) {
                return response()->json(['error' => trans('passwords.reset_password_was_send')], 417);
            }

            /*$user->remember_token = $token;
            // не буду слать письма пока, что бы в спам лист не попасть, все работает
            $user->save();

            $this->sendUserMessage([
                'user' => $user,
                'token' => $token
            ]);*/

            return $this->message($user->email);
        }

        return response()->json(['error' => trans('passwords.user')], 500);
    }
}


<?php

namespace App\Http\Controllers\Auth;

use App\User;
use Dingo\Api\Facade\API;
use Illuminate\Validation\Validator;
use Illuminate\Http\Request;
use Tymon\JWTAuth\Facades\JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
use App\Http\Controllers\Controller;
use DB;
use Hash;
use Illuminate\Foundation;

class AuthController extends Controller
{
    protected function validator(array $data) {
        return Validator::make($data, [
            'name' => 'required|max:255',
            'email' => 'required|email|max:255|unique:users',
            'password' => 'required|min:6|confirmed',
            ]);
    }

    protected function create(array $data) {
        return User::create([
                'name' => $data['name'],
                'email' => $data['email'],
                'password' => bcrypt($data['password']),
            ]);
    }

    protected function isActivated ($credentials) {
        $user = DB::table('users')->select(['is_activated', 'password'])
            ->where('email', '=', $credentials['email'])
            ->first();
        if ($user) {
            if (Hash::check($credentials['password'], $user->password)) {
                return $user->is_activated ?? false;
            }
        }
    }

    public function authenticate(Request $request) {
        $credentials = $request->only('email', 'password');

        try {
            if (! $token = JWTAuth::attempt($credentials)) {
                return response()->json(['error' => trans('auth.failed')], 401);
            }
        } catch (JWTException $e) {
            return response()->json(['error' => trans('auth.could_not_create_token')], 500);
        }

        if (!$this->isActivated($credentials)) {
            return response()->json(['error' => trans('auth.account_not_activated')], 403);
        }

        return response()->json(compact('token'));
    }

    public function validateToken() {
        return API::response()->array(['status' => trans('auth.success')])->statusCode(200);
    }

    public function register(Request $request) {
        $newUser = [
            'name' => $request->get('name'),
            'email' => $request->get('email'),
            'password' => bcrypt($request->get('password')),
        ];
        $user = User::create($newUser);
        $token = JWTAuth::fromUser($user);
        return response()->json(compact('token'));
    }
}