diff --git a/backend/.env.example b/backend/.env.example
index 478972c..def93c9 100644
--- a/backend/.env.example
+++ b/backend/.env.example
@@ -4,6 +4,8 @@ APP_KEY=
 APP_DEBUG=true
 APP_URL=http://localhost
+SANCTUM_STATEFUL_DOMAINS=localhost:4200,allertavvf.test
+
 LOG_CHANNEL=stack
 LOG_DEPRECATIONS_CHANNEL=null
 LOG_LEVEL=debug
diff --git a/backend/.gitignore b/backend/.gitignore
index 3cb7c77..92c6761 100644
--- a/backend/.gitignore
+++ b/backend/.gitignore
@@ -5,6 +5,7 @@
 /public/storage
 /storage/*.key
 /vendor
+/dist-frontend
 .env
 .env.backup
 .env.production
diff --git a/backend/app/Http/Controllers/AuthController.php b/backend/app/Http/Controllers/AuthController.php
index e2ea4b4..9b338f5 100644
--- a/backend/app/Http/Controllers/AuthController.php
+++ b/backend/app/Http/Controllers/AuthController.php
@@ -36,6 +36,7 @@ class AuthController extends Controller
 public function login(Request $request)
 {
+ //TODO: https://stackoverflow.com/a/73980629
 if (!Auth::attempt($request->only('username', 'password'))) {
 return response()->json([
 'message' => 'Invalid login details'
@@ -52,6 +53,13 @@ class AuthController extends Controller
 ]);
 }
+ public function logout(Request $request)
+ {
+ //TODO: https://stackoverflow.com/a/73980629
+ auth('web')->logout();
+ return;
+ }
+
 public function me(Request $request)
 {
 return $request->user();
diff --git a/backend/app/Http/Kernel.php b/backend/app/Http/Kernel.php
index 4ee7ba0..b6ea116 100644
--- a/backend/app/Http/Kernel.php
+++ b/backend/app/Http/Kernel.php
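Review bot: The new `logout()` in AuthController.php ends the `web` guard's login but leaves the server-side session and its CSRF token alive, and its bare `return;` gives the client an empty response with no explicit contract. After `auth('web')->logout()` the session should be invalidated and the token rotated, guarded by `$request->hasSession()` because the route sits behind `auth:sanctum` and may be reached without a session. The same TODO was added at the top of `login()`, whose body continues outside the hunk: if it relies on the session cookie, it should call `$request->session()->regenerate()` after a successful `Auth::attempt` so a pre-login session id is not carried over. If login also issues a personal access token (not visible here), logout should revoke that token too.

```php
public function logout(Request $request)
{
    auth('web')->logout();

    // Drop the server-side session and rotate the CSRF token so the old cookie is useless.
    if ($request->hasSession()) {
        $request->session()->invalidate();
        $request->session()->regenerateToken();
    }

    return response()->noContent();
}
```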
@@ -29,6 +29,15 @@ class Kernel extends HttpKernel
 * @var array>
 */
 protected $middlewareGroups = [
+ 'web' => [
+ \App\Http\Middleware\EncryptCookies::class,
+ \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
+ \Illuminate\Session\Middleware\StartSession::class,
+ \Illuminate\View\Middleware\ShareErrorsFromSession::class,
+ \App\Http\Middleware\VerifyCsrfToken::class,
+ \Illuminate\Routing\Middleware\SubstituteBindings::class,
+ ],
+
 'api' => [
 \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
 \Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
diff --git a/backend/app/Providers/RouteServiceProvider.php b/backend/app/Providers/RouteServiceProvider.php
index e0c01f8..bc49109 100644
--- a/backend/app/Providers/RouteServiceProvider.php
+++ b/backend/app/Providers/RouteServiceProvider.php
@@ -30,6 +30,9 @@ class RouteServiceProvider extends ServiceProvider
 Route::middleware('api')
 ->prefix('api')
 ->group(base_path('routes/api.php'));
+
+ Route::middleware('web')
+ ->group(base_path('routes/web.php'));
 });
 }
diff --git a/backend/config/cors.php b/backend/config/cors.php
index 8a39e6d..70f8a47 100644
--- a/backend/config/cors.php
+++ b/backend/config/cors.php
@@ -15,7 +15,7 @@ return [
 |
 */
- 'paths' => ['api/*', 'sanctum/csrf-cookie'],
+ 'paths' => ['api/*'],
 'allowed_methods' => ['*'],
@@ -29,6 +29,6 @@ return [
 'max_age' => 0,
- 'supports_credentials' => false,
+ 'supports_credentials' => true,
 ];
diff --git a/backend/routes/api.php b/backend/routes/api.php
index 8e954a0..d9e0401 100644
--- a/backend/routes/api.php
+++ b/backend/routes/api.php
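Review bot: Turning on `'supports_credentials' => true` in the second cors.php hunk makes the `allowed_origins` / `allowed_origins_patterns` entries the only thing limiting which sites can make cookie-authenticated calls, and those entries lie between the two hunks, so their values are not visible here. They should be an explicit list of the SPA origins rather than `*`. A comment above the changed line would record that, for example `// Cookies are sent cross-origin: allowed_origins must stay an explicit list, never '*'.`. The first hunk also drops `sanctum/csrf-cookie` from `paths`, which presumably assumes the CSRF cookie is fetched same-origin or through a proxy; that is worth confirming for the `localhost:4200` origin named in `.env.example`.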
@@ -18,6 +18,9 @@ use App\Http\Controllers\AuthController;
 Route::post('/register', [AuthController::class, 'register']);
 Route::post('/login', [AuthController::class, 'login']);
-Route::middleware('auth:sanctum')->get('/me', function (Request $request) {
- return $request->user();
+Route::middleware('auth:sanctum')->group( function () {
+ Route::get('/me', [AuthController::class, 'me']);
+ Route::post('/me', [AuthController::class, 'me']);
+
+ Route::post('/logout', [AuthController::class, 'logout']);
 });
diff --git a/backend/routes/web.php b/backend/routes/web.php
new file mode 100644
index 0000000..c47328c
--- /dev/null
+++ b/backend/routes/web.php
@@ -0,0 +1,18 @@
+
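Review bot: `Route::post('/me', [AuthController::class, 'me']);` in the api.php hunk maps a second verb onto the read-only `me` action with nothing to say why it is needed. If the frontend only reads the current user, keep the GET route alone; otherwise add a comment such as `// POST kept for <client that requires it>` so the duplicate is not later mistaken for an update endpoint. `/login` and `/register` stay outside the `auth:sanctum` group and, as far as the visible lines show, are limited only by the group-wide `api` throttle, so a tighter per-route limit on `/login` is worth considering.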