a6a51

JWT Auth

Jun 17th, 2017
  1. <?php
  2.  
  3. namespace App\Http\Controllers\Api;
  4.  
  5. use Validator;
  6. use DB;
  7. use Auth;
  8. use JWTAuth;
  9. use App\Models\User;
  10. use App\Http\Controllers\Controller;
  11. use App\Notifications\UserRegistrationConfirm;
  12. use App\Notifications\UserResetPasswordConfirm;
  13. use App\Transformers\PikTransformer;
  14. use App\Transformers\UserTransformer;
  15. use Illuminate\Http\Request;
  16. use Illuminate\Validation\Rule;
  17. use Dingo\Api\Routing\Helpers;
  18. use Dingo\Api\Exception\StoreResourceFailedException;
  19.  
  20. class UserController extends Controller
  21. {
  22.     use Helpers;
  23.  
  24.     public function __construct()
  25.     {
  26.         config(['auth.defaults.guard' => 'api']);
  27.         $this->middleware('api.auth', ['only' => ['showProfile', 'updateProfile', 'logout']]);
  28.     }
  29.  
  30.     public function register(Request $request)
  31.     {
  32.         $validator = Validator::make($request->all(), [
  33.             'name' => 'required',
  34.             'email' => 'required|email|unique:users',
  35.             'password' => 'required',
  36.             'phone' => 'required|numeric',
  37.             'province_id' => 'required|numeric',
  38.             'regency_id' => 'required|numeric',
  39.             'district_id' => 'required|numeric',
  40.             'village_id' => 'numeric',
  41.             'description' => 'required'
  42.         ]);
  43.  
  44.         if ($validator->fails()) {
  45.             throw new StoreResourceFailedException('Registrasi gagal.', $validator->errors());
  46.         }
  47.  
  48.         $token = bcrypt(str_random(5));
  49.         $email_data = [
  50.             'name' => $request->input('name'),
  51.             'email' => $request->input('email'),
  52.             'password' => bcrypt($request->input('password')),
  53.             'phone' => $request->input('phone'),
  54.             'province_id' => $request->input('province_id'),
  55.             'regency_id' => $request->input('regency_id'),
  56.             'district_id' => $request->input('district_id'),
  57.             'village_id' => $request->input('village_id'),
  58.             'description' => $request->input('description'),
  59.             'token' => $token
  60.         ];
  61.  
  62.         DB::transaction(function () use ($request, $email_data, $token) {
  63.             DB::table('password_resets')->insert([
  64.                 'email' => $request->input('email'),
  65.                 'token' => $token
  66.             ]);
  67.  
  68.             $user = User::create($email_data);
  69.             $user->notify(new UserRegistrationConfirm($email_data));
  70.         });
  71.  
  72.         return response()->json([
  73.             'message' => 'Registrasi berhasil. Silahkan cek email anda.',
  74.             'status_code' => 201
  75.         ], 201);
  76.     }
  77.  
  78.     /**
  79.      * Show the form for creating a new resource.
  80.      *
  81.      * @return \Illuminate\Http\Response
  82.      */
  83.     public function authenticate(Request $request)
  84.     {
  85.         $credentials = $request->only('email', 'password');
  86.         $user = User::where('email', $request->input('email'))->first();
  87.  
  88.         if (is_null($user)) {
  89.             return $this->response->errorUnauthorized('Email belum terdaftar di sistem. Silahkan registrasi terlebih dahulu.');
  90.         }
  91.  
  92.         if ($user->status == 1) {
  93.             if (Auth::attempt($credentials)) {
  94.                 $token = JWTAuth::fromUser($user);
  95.             } else {
  96.                 return $this->response->errorUnauthorized('Password salah. Silahkan masukkan password anda dengan benar.');
  97.             }
  98.         } elseif ($user->status == 0) {
  99.             return $this->response->errorUnauthorized('Akun anda belum aktif. Silahkan aktifasi akun anda terlebih dahulu.');
  100.         } else {
  101.             return $this->response->errorUnauthorized('Akun anda diblokir. Silahkan hubungi admin untuk info lebih lanjut.');
  102.         }
  103.  
  104.         return response()->json([
  105.             'message' => 'Login berhasil',
  106.             'status_code' => 200,
  107.             'token' => $token
  108.         ]);
  109.     }
  110.  
  111.     public function showProfile()
  112.     {
  113.         return $this->response->item($this->auth->user(), new UserTransformer);
  114.     }
  115.  
  116.     public function show($id)
  117.     {
  118.         return $this->response->item(User::findOrFail($id), new UserTransformer);
  119.     }
  120.  
  121.     public function updateProfile(Request $request)
  122.     {
  123.         $user = $this->auth->user();
  124.  
  125.         $validator = Validator::make($request->all(), [
  126.             'name' => 'required',
  127.             'email' => [
  128.                 'required',
  129.                 'email',
  130.                 Rule::unique('users')->ignore($user->id)
  131.             ],
  132.             'password_confirm' => 'required_with:password|same:password',
  133.             'phone' => 'required|numeric',
  134.             'province_id' => 'required|numeric',
  135.             'regency_id' => 'required|numeric',
  136.             'district_id' => 'required|numeric',
  137.             'village_id' => 'numeric',
  138.             'description' => 'required',
  139.             'profile_picture' => 'image'
  140.         ]);
  141.  
  142.         if ($validator->fails()) {
  143.             throw new StoreResourceFailedException('Update profil gagal.', $validator->errors());
  144.         }
  145.  
  146.         $user->name = $request->name;
  147.         $user->email = $request->email;
  148.         $user->phone = $request->phone;
  149.         $user->regency_id = $request->regency_id;
  150.         $user->province_id = $request->province_id;
  151.         $user->district_id = $request->district_id;
  152.         $user->village_id = $request->village_id;
  153.         $user->description = $request->description;
  154.  
  155.         if ($request->has('password')) {
  156.             $user->password = bcrypt($request->password);
  157.         }
  158.  
  159.         if ($request->hasFile('profile_picture')) {
  160.             $image = $request->file('profile_picture');
  161.             if ($image->isValid()) {
  162.                 $file_name = str_slug($user->name, '-').'.'.$image->getClientOriginalExtension();
  163.                 $image->move('img/users', $file_name);
  164.                 $user->profile_picture = $file_name;
  165.             } else {
  166.                 return $this->response->errorBadRequest('Upload foto gagal.');
  167.             }
  168.         }
  169.  
  170.         $user->save();
  171.  
  172.         return response()->json([
  173.             'message' => 'Update profil berhasil',
  174.             'status_code' => 200
  175.         ]);
  176.     }
  177.  
  178.     public function logout()
  179.     {
  180.         JWTAuth::invalidate(JWTAuth::getToken());
  181.         return response()->json(['message' => 'Berhasil logout.', 'status_code' => 200]);
  182.     }
  183.  
  184.     public function passwordReset(Request $request)
  185.     {
  186.         $user = User::where('email', $request->input('email'))->first();
  187.         if (is_null($user)) {
  188.             return $this->response->errorNotFound('Email tidak terdaftar di sistem.');
  189.         }
  190.  
  191.         $token = bcrypt(str_random(5));
  192.         $email_data = [
  193.             'token' => $token,
  194.             'name' => $user->name,
  195.             'email' => $request->input('email')
  196.         ];
  197.  
  198.         DB::table('password_resets')->insert([
  199.             'email' => $request->input('email'),
  200.             'token' => $token
  201.         ]);
  202.  
  203.         $user->notify(new UserResetPasswordConfirm($email_data));
  204.  
  205.         return response()->json([
  206.             'message' => 'Silahkan cek email anda untuk mereset password anda.',
  207.             'status_code' => 201
  208.         ], 201);
  209.     }
  210. }