mirror of
https://github.com/sp-tarkov/forge.git
synced 2025-02-13 04:30:41 -05:00
50 lines
1.4 KiB
PHP
50 lines
1.4 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers\Api;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Http\Requests\Api\LoginUserRequest;
|
|
use App\Models\User;
|
|
use App\Traits\ApiResponses;
|
|
use Illuminate\Http\JsonResponse;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Auth;
|
|
|
|
class AuthController extends Controller
|
|
{
|
|
use ApiResponses;
|
|
|
|
public function login(LoginUserRequest $request): JsonResponse
|
|
{
|
|
$request->validated($request->all());
|
|
|
|
if (! Auth::attempt($request->only('email', 'password'))) {
|
|
return $this->error(__('Invalid credentials'), 401);
|
|
}
|
|
|
|
$user = User::firstWhere('email', $request->email);
|
|
$tokenName = $request->token_name ?? __('Dynamic API Token');
|
|
|
|
return $this->success(__('Authenticated'), [
|
|
// Only allowing the 'read' scope to be dynamically created. Can revisit later when writes are possible.
|
|
'token' => $user->createToken($tokenName, ['read'])->plainTextToken,
|
|
]);
|
|
}
|
|
|
|
public function logout(Request $request): JsonResponse
|
|
{
|
|
/** @var \Laravel\Sanctum\PersonalAccessToken $token */
|
|
$token = $request->user()->currentAccessToken();
|
|
$token->delete();
|
|
|
|
return $this->success(__('Revoked API token'));
|
|
}
|
|
|
|
public function logoutAll(Request $request): JsonResponse
|
|
{
|
|
$request->user()->tokens()->delete();
|
|
|
|
return $this->success(__('Revoked all API tokens'));
|
|
}
|
|
}
|