Trying to improve auth
parent
5e1182184b
commit
800e2436ee
|
@ -39,7 +39,6 @@ class AuthController extends Controller
|
||||||
|
|
||||||
public function login(Request $request)
|
public function login(Request $request)
|
||||||
{
|
{
|
||||||
//TODO: https://stackoverflow.com/a/73980629
|
|
||||||
if (!Auth::attempt($request->only('username', 'password'))) {
|
if (!Auth::attempt($request->only('username', 'password'))) {
|
||||||
return response()->json([
|
return response()->json([
|
||||||
'message' => 'Invalid login details'
|
'message' => 'Invalid login details'
|
||||||
|
@ -60,9 +59,14 @@ class AuthController extends Controller
|
||||||
|
|
||||||
public function logout(Request $request)
|
public function logout(Request $request)
|
||||||
{
|
{
|
||||||
//TODO: https://stackoverflow.com/a/73980629
|
|
||||||
Logger::log("Logout");
|
Logger::log("Logout");
|
||||||
auth('web')->logout();
|
if(
|
||||||
|
method_exists(auth()->user(), 'currentAccessToken') &&
|
||||||
|
method_exists(auth()->user()->currentAccessToken(), 'delete')
|
||||||
|
) {
|
||||||
|
auth()->user()->currentAccessToken()->delete();
|
||||||
|
}
|
||||||
|
auth()->guard('api')->logout();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -81,6 +85,18 @@ class AuthController extends Controller
|
||||||
|
|
||||||
public function impersonate(Request $request, $user)
|
public function impersonate(Request $request, $user)
|
||||||
{
|
{
|
||||||
|
if(!$request->user()) {
|
||||||
|
return response()->json([
|
||||||
|
'message' => 'Unauthorized'
|
||||||
|
], 401);
|
||||||
|
}
|
||||||
|
$authUser = User::find($request->user()->id);
|
||||||
|
if(!$authUser->canImpersonate()) {
|
||||||
|
return response()->json([
|
||||||
|
'message' => 'Unauthorized'
|
||||||
|
], 401);
|
||||||
|
}
|
||||||
|
|
||||||
$impersonatedUser = User::find($user);
|
$impersonatedUser = User::find($user);
|
||||||
$request->user()->impersonate($impersonatedUser);
|
$request->user()->impersonate($impersonatedUser);
|
||||||
$token = $impersonatedUser->createToken('auth_token')->plainTextToken;
|
$token = $impersonatedUser->createToken('auth_token')->plainTextToken;
|
||||||
|
@ -93,6 +109,12 @@ class AuthController extends Controller
|
||||||
|
|
||||||
public function stopImpersonating(Request $request)
|
public function stopImpersonating(Request $request)
|
||||||
{
|
{
|
||||||
|
if(!$request->user()) {
|
||||||
|
return response()->json([
|
||||||
|
'message' => 'Unauthorized'
|
||||||
|
], 401);
|
||||||
|
}
|
||||||
|
|
||||||
$request->user()->leaveImpersonation();
|
$request->user()->leaveImpersonation();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
|
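Review bot: In `impersonate`, the result of `User::find($user)` goes straight into `impersonate()` and `createToken()` with no null check and no check that the target may be impersonated. An unknown id therefore raises an error, and any account, including other privileged ones, can be chosen by a caller for whom `canImpersonate()` is true. Assuming these methods come from the lab404/laravel-impersonate trait, add `if (!$impersonatedUser || !$impersonatedUser->canBeImpersonated()) { return response()->json(['message' => 'Forbidden'], 403); }` before the `impersonate()` call. The added `canImpersonate()` guard should likewise answer 403 rather than 401, and `$request->user()` can be used directly instead of re-fetching it through `User::find()`. Since the method issues a token for the target, logging who impersonated whom at this point would give an audit trail; the function body continues past the end of the hunk.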
@ -39,9 +39,11 @@ class Kernel extends HttpKernel
|
||||||
],
|
],
|
||||||
|
|
||||||
'api' => [
|
'api' => [
|
||||||
|
\App\Http\Middleware\EncryptCookies::class,
|
||||||
\Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
|
\Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
|
||||||
\Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
|
\Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
|
||||||
\Illuminate\Routing\Middleware\SubstituteBindings::class,
|
\Illuminate\Routing\Middleware\SubstituteBindings::class,
|
||||||
|
\Illuminate\Session\Middleware\StartSession::class,
|
||||||
],
|
],
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
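Review bot: Adding `EncryptCookies` and `StartSession` unconditionally to the `api` group gives every API request a cookie-backed session, but no CSRF verification is added alongside them. As far as I know, Sanctum's `EnsureFrontendRequestsAreStateful` already applies cookie encryption, session start and CSRF verification to requests it recognises as coming from a stateful frontend. The explicit entries therefore mainly change the requests it does not recognise, which can now carry session authentication without a CSRF check. If the session is only needed for the first-party SPA, drop the two added lines and rely on Sanctum's stateful handling; if every caller needs it, add CSRF verification to the group as well. `StartSession` is also listed after `ThrottleRequests` and `SubstituteBindings`, so those run before the session exists.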
@ -14,7 +14,7 @@ return [
|
||||||
*/
|
*/
|
||||||
|
|
||||||
'defaults' => [
|
'defaults' => [
|
||||||
'guard' => 'web',
|
'guard' => 'api',
|
||||||
'passwords' => 'users',
|
'passwords' => 'users',
|
||||||
],
|
],
|
||||||
|
|
||||||
|
@ -40,6 +40,11 @@ return [
|
||||||
'driver' => 'session',
|
'driver' => 'session',
|
||||||
'provider' => 'users',
|
'provider' => 'users',
|
||||||
],
|
],
|
||||||
|
'api' => [
|
||||||
|
'driver' => 'session',
|
||||||
|
'provider' => 'users',
|
||||||
|
'hash' => true,
|
||||||
|
]
|
||||||
],
|
],
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
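Review bot: The new `api` guard sets `'hash' => true`, but as far as I know that option is read only by the `token` driver, where it hashes the stored API token. With `'driver' => 'session'` it has no effect and suggests a protection that is not in place. Remove the key, or replace it with a comment such as `// session guard used through Sanctum; no token hashing applies here`. The guard is otherwise identical to `web`, and the first hunk makes it the default, so `Auth::attempt()` and `auth()->user()` now resolve against `api` sessions; code that still names `web` explicitly will see a different login state. The closing `]` of the new entry should also carry a trailing comma like its neighbours.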
@ -299,7 +299,7 @@ return [
|
||||||
| These middleware will get attached onto each Laratrust panel route.
|
| These middleware will get attached onto each Laratrust panel route.
|
||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
'middleware' => ['web'],
|
'middleware' => ['api'],
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
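Review bot: Switching the Laratrust panel routes from the `web` to the `api` middleware group drops CSRF verification from the role and permission management forms. This assumes `web` holds the usual CSRF middleware; the `api` group shown in the Kernel change of this commit does not. The panel is a browser UI that changes privileges, so it should keep a group with CSRF protection and name authentication explicitly, for example `'middleware' => ['web', 'auth']`, adjusted to the guard the application now uses. Whether the panel is registered at all is not visible in this hunk; if it is disabled, a short comment saying so next to this key would prevent a later surprise.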
@ -33,7 +33,7 @@ return [
|
||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
'guard' => ['web'],
|
'guard' => ['api'],
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
@ -25,15 +25,14 @@ use Illuminate\Support\Facades\Artisan;
|
||||||
*/
|
*/
|
||||||
|
|
||||||
Route::post('/login', [AuthController::class, 'login']);
|
Route::post('/login', [AuthController::class, 'login']);
|
||||||
|
Route::post('/impersonate/{user}', [AuthController::class, 'impersonate']);
|
||||||
|
Route::post('/stop_impersonating', [AuthController::class, 'stopImpersonating']);
|
||||||
|
|
||||||
Route::middleware('auth:web')->group( function () {
|
Route::middleware('auth:sanctum')->group( function () {
|
||||||
//Route::post('/register', [AuthController::class, 'register']); //TODO: replace with admin only route
|
//Route::post('/register', [AuthController::class, 'register']); //TODO: replace with admin only route
|
||||||
|
|
||||||
Route::get('/me', [AuthController::class, 'me']);
|
Route::get('/me', [AuthController::class, 'me']);
|
||||||
Route::post('/me', [AuthController::class, 'me']);
|
Route::post('/me', [AuthController::class, 'me']);
|
||||||
|
|
||||||
Route::post('/impersonate/{user}', [AuthController::class, 'impersonate']);
|
|
||||||
Route::post('/stop_impersonating', [AuthController::class, 'stopImpersonating']);
|
|
||||||
|
|
||||||
Route::get('/list', [UserController::class, 'index']);
|
Route::get('/list', [UserController::class, 'index']);
|
||||||
|
|
||||||
|
|
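Review bot: The `/impersonate/{user}` and `/stop_impersonating` routes are now registered outside the `auth:sanctum` group, so no authentication middleware runs for them. Access control rests only on the `$request->user()` checks inside the controller, which presumably resolve against the default guard rather than through Sanctum. Keep both routes inside `Route::middleware('auth:sanctum')->group(...)` and treat the in-controller checks as defence in depth; a dedicated gate or middleware for impersonation would also make the permission visible at the routing level. If they were moved out to work around a guard mismatch, say so in a comment above the two lines, because a route without auth middleware that issues tokens for other users is easy to misjudge later.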