Fix auth backend and add TODOs

2023-02-23 00:23:56 +01:00 · 2023-02-23 00:23:56 +01:00 · 7397819c00
parent 74dec44135
commit 7397819c00
8 changed files with 48 additions and 4 deletions
--- a/backend/.env.example
+++ b/backend/.env.example
@ -4,6 +4,8 @@ APP_KEY=
 APP_DEBUG=true
 APP_URL=http://localhost
 SANCTUM_STATEFUL_DOMAINS=localhost:4200,allertavvf.test
 LOG_CHANNEL=stack
 LOG_DEPRECATIONS_CHANNEL=null
 LOG_LEVEL=debug
--- a/backend/.gitignore
+++ b/backend/.gitignore
@ -5,6 +5,7 @@
 /public/storage
 /storage/*.key
 /vendor
 /dist-frontend
 .env
 .env.backup
 .env.production
--- a/backend/app/Http/Controllers/AuthController.php
+++ b/backend/app/Http/Controllers/AuthController.php
@ -36,6 +36,7 @@ class AuthController extends Controller
    public function login(Request $request)
    {
        //TODO: https://stackoverflow.com/a/73980629
        if (!Auth::attempt($request->only('username', 'password'))) {
            return response()->json([
                'message' => 'Invalid login details'
@ -52,6 +53,13 @@ class AuthController extends Controller
        ]);
    }
    public function logout(Request $request)
    {
        //TODO: https://stackoverflow.com/a/73980629
        auth('web')->logout();
        return;
    }
    public function me(Request $request)
    {
        return $request->user();
--- a/backend/app/Http/Kernel.php
+++ b/backend/app/Http/Kernel.php
@ -29,6 +29,15 @@ class Kernel extends HttpKernel
     * @var array<string, array<int, class-string|string>>
     */
    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
        'api' => [
            \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
            \Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
--- a/backend/app/Providers/RouteServiceProvider.php
+++ b/backend/app/Providers/RouteServiceProvider.php
@ -30,6 +30,9 @@ class RouteServiceProvider extends ServiceProvider
            Route::middleware('api')
                ->prefix('api')
                ->group(base_path('routes/api.php'));
            Route::middleware('web')
                ->group(base_path('routes/web.php'));
        });
    }
--- a/backend/config/cors.php
+++ b/backend/config/cors.php
@ -15,7 +15,7 @@ return [
    |
    */
-    'paths' => ['api/*', 'sanctum/csrf-cookie'],
+    'paths' => ['api/*'],
    'allowed_methods' => ['*'],
@ -29,6 +29,6 @@ return [
    'max_age' => 0,
-    'supports_credentials' => false,
+    'supports_credentials' => true,
 ];
--- a/backend/routes/api.php
+++ b/backend/routes/api.php
@ -18,6 +18,9 @@ use App\Http\Controllers\AuthController;
 Route::post('/register', [AuthController::class, 'register']);
 Route::post('/login', [AuthController::class, 'login']);
-Route::middleware('auth:sanctum')->get('/me', function (Request $request) {
+Route::middleware('auth:sanctum')->group( function () {
-    return $request->user();
+    Route::get('/me', [AuthController::class, 'me']);
    Route::post('/me', [AuthController::class, 'me']);
    Route::post('/logout', [AuthController::class, 'logout']);
 });
--- a/backend/routes/web.php
+++ b/backend/routes/web.php
@ -0,0 +1,18 @@
 <?php
 use Illuminate\Support\Facades\Route;
 /*
 |--------------------------------------------------------------------------
 | API Routes
 |--------------------------------------------------------------------------
 |
 | Here is where you can register API routes for your application. These
 | routes are loaded by the RouteServiceProvider and all of them will
 | be assigned to the "api" middleware group. Make something great!
 |
 */
 Route::get('/', function() {
    return '';
 });