tbfajri/aso
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Add Middlewhere

Browse Source
This commit is contained in:
ivan-sim
2026-02-20 10:01:20 +07:00
parent 3534818c60
commit 8eb82a171c
3 changed files with 431 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

295
Modules/Primaya/Http/Controllers/Api/AuthController.php Normal file
View File

@@ -0,0 +1,295 @@
<?php
namespace Modules\Primaya\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\Models\User;
use Crypt;
use Error;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use Modules\Internal\Emails\SendVerifyEmail;
use Modules\Internal\Events\ForgetPassword;
use Illuminate\Support\Facades\Validator;
use Modules\Primaya\Helpers\ApiResponse;
use Illuminate\Support\Facades\DB;
use App\Helpers\Helper;
use Illuminate\Support\Facades\View;
class AuthController extends Controller
{
public function login(Request $request)
{
$data = [
'email' => $request->email,
'password' => $request->password
];
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'password' => 'required'
], [
'email.required' => trans('Validation.required',['attribute' => 'Email']),
'email.email' => trans('Validation.email'),
'password.required' => trans('Validation.required',['attribute' => 'Password']),
]);
if ($validator->fails())
{
return ApiResponse::apiResponse('Bad Request', $data, $validator->errors(), 400);
}
else
{
$user = User::where('email', $request->email)->first();
if (!$user) {
return ApiResponse::apiResponse('Not Found', $data, trans('Message.not_found'), 404);
}
if (!Hash::check($request->password, $user->password)) {
return ApiResponse::apiResponse('Bad Request', $data, trans('Message.password'), 400);
}
$res_data = [
'user' => $user,
'token' => $user->createToken('app')->plainTextToken
];
return ApiResponse::apiResponse("Success", $res_data, trans('Message.success'), 200);
}
}
public function logout(Request $request)
{
$request->user()->tokens()->delete();
return ApiResponse::apiResponse('Success', [], trans('Message.logout'), 200);
}
public function resetPassword(Request $request)
{
$user = Auth::user();
$request->validate([
'old_password' => 'required',
'new_password' => 'required',
'confirm_new_password' => 'required'
]);
if (!Hash::check($request['old_password'], $user->password)) {
return response(['Message' => 'Password Salah'], 403);
}
if ($request["new_password"] != $request["confirm_new_password"]) {
return response([
'Message' => "Password Tidak Sama"
]);
}
$user->update([
'password' => Hash::make($request->confirm_new_password),
]);
return response()->json($user);
}
public function verifyEmail(Request $request)
{
$data = [
'email' => $request->email,
];
$validator = Validator::make($request->all(), [
'email' => 'required|email',
], [
'email.required' => trans('Validation.required',['attribute' => 'Email']),
'email.email' => trans('Validation.email'),
]);
if ($validator->fails())
{
return ApiResponse::apiResponse('Bad Request', $data, $validator->errors(), 400);
}
else
{
$user = User::where('email', $request->email)->first();
if (!$user) {
return ApiResponse::apiResponse('Not Found', $data, trans('Message.not_found'), 404);
}
//send email
// Insert data notifications
$emailTo = $request->email;
$dataNotif = [
'user_id' => $user->id,
'email' => $emailTo,
'title' => 'Forgot Password',
'description' => 'Request forgot password from Hospital Portal',
'type' => 1,
'isUnRead' => true,
'created_by' => auth()->check() ? auth()->user()->id : null,
'created_at' => date('Y-m-d H:i:s'),
'updated_at' => date('Y-m-d H:i:s'),
];
$sendNotif = Helper::insertNotification($dataNotif);
//Insert data password reset
$token = mt_rand(100000, 999999); // Menghasilkan angka acak antara 100000 dan 999999
$p_resets = DB::table('password_resets')
->insert([
'email' => $request->email,
'token' => $token,
'created_at' => date('Y-m-d H:i:s'),
]);
// Send Email after insert notifications
if($sendNotif && $p_resets)
{
//send to alarm
$nameTo = 'User';
$dataEmail = [
'email' => $emailTo,
'name' => $nameTo,
'subject' => 'Request Forgot Password from Hospital Portal Date '. date('Y-m-d H:i:s'),
'body' => View::make('email/forgot_password', ['token' => $token])->render(),
];
Helper::sendEmail($dataEmail);
$res = DB::table('password_resets')
->where('email', '=', $request->email)
->where('token', '=', $token)
->first();
return ApiResponse::apiResponse("Success", $res, trans('Message.success'), 200);
}
else
{
return ApiResponse::apiResponse("Internal Server Error", $data, trans('Message.server_error'), 500);
}
}
}
public function verifCode(Request $request)
{
$data = [
'email' => $request->email,
'token' => $request->token,
];
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'token' => 'required|numeric',
], [
'email.required' => trans('Validation.required',['attribute' => 'Email']),
'email.email' => trans('Validation.email'),
'token.required' => trans('Validation.required',['attribute' => 'Token']),
'token.numeric' => trans('Validation.required',['attribute' => 'Code Numeric']),
]);
if ($validator->fails())
{
return ApiResponse::apiResponse('Bad Request', $data, $validator->errors(), 400);
}
else
{
//Check Time
$check = DB::table('password_resets')
->where('email', '=', $request->email)
->where('token', '=', $request->token)
->select('created_at')
->first();
if($check)
{
$created_at = strtotime($check->created_at); // Konversi string waktu ke UNIX timestamp
$now = time(); // Waktu sekarang dalam UNIX timestamp
// Hitung selisih waktu dalam menit
$diffInMinutes = ($now - $created_at) / 60;
if ($diffInMinutes > 60) {
return ApiResponse::apiResponse('Not Found', $data, trans('Message.token_expired'), 404);
} else {
// Lanjutkan dengan proses pemulihan kata sandi
return ApiResponse::apiResponse("Success", $data, trans('Message.success'), 200);
}
}
else
{
return ApiResponse::apiResponse('Not Found', $data, trans('Message.not_found'), 404);
}
}
}
public function forgetPassword(Request $request)
{
$data = [
'email' => $request->email,
'token' => $request->token,
'new_password' => $request->new_password
];
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'token' => 'required|numeric',
'new_password' => [
'required',
'min:8',
'regex:/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d).{8,}$/'
]
], [
'email.required' => trans('Validation.required',['attribute' => 'Email']),
'email.email' => trans('Validation.email'),
'token.required' => trans('Validation.required',['attribute' => 'Token']),
'new_password.required' => trans('Validation.required',['attribute' => 'New Password']),
'new_password.min' => trans('Validation.min',['attribute' => 'New Password']),
'new_password.regex' => trans('Validation.regex',['attribute' => 'New Password']),
]);
if($request->new_password != $request->confirm_new_password)
{
return ApiResponse::apiResponse('Bad Request', $data, 'Confirm password is not the same', 400);
}
else if ($validator->fails())
{
return ApiResponse::apiResponse('Bad Request', $data, $validator->errors(), 400);
}
else
{
//Check Time
$check = DB::table('password_resets')
->where('email', '=', $request->email)
->where('token', '=', $request->token)
->select('created_at')
->first();
if($check)
{
$created_at = strtotime($check->created_at); // Konversi string waktu ke UNIX timestamp
$now = time(); // Waktu sekarang dalam UNIX timestamp
// Hitung selisih waktu dalam menit
$diffInMinutes = ($now - $created_at) / 60;
if ($diffInMinutes > 60) {
return ApiResponse::apiResponse('Not Found', $data, trans('Message.token_expired'), 404);
} else {
// Lanjutkan dengan proses pemulihan kata sandi
$user = User::where('email', $request->email)->first();
if ($user)
{
$newPassword = Hash::make($request->new_password);
$user->password = $newPassword;
$user->save();
return ApiResponse::apiResponse("Success", $data, trans('Message.success'), 200);
}
else
{
return ApiResponse::apiResponse('Not Found', $data, trans('Message.token_expired'), 404);
}
}
}
else
{
return ApiResponse::apiResponse('Not Found', $data, trans('Message.not_found'), 404);
}
}
}
}

65
Modules/Primaya/Http/Middleware/Authentication.php Normal file
View File

@@ -0,0 +1,65 @@
<?php
namespace Modules\Primaya\Http\Middleware;
use Modules\Primaya\Helpers\ApiResponse;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
use Illuminate\Support\Facades\App;
class Authentication
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
public function handle(Request $request, Closure $next)
{
$acceptHeader = $request->header('Accept');
$contentType = $request->header('Content-Type');
$locale = $request->header('Accept-Language');
// Add language
if(!$locale)
{
return ApiResponse::apiResponse('Unauthorized', null, trans('validation.required', ['attribute' => 'Accept-Language']), 401);
}
if($locale !== 'en-US' && $locale !== 'id-ID')
{
return ApiResponse::apiResponse('Bad Request', null, trans('validation.invalid', ['attribute' => 'Accept-Language']), 400);
}
if ($locale === 'en-US')
{
App::setLocale('en');
} elseif ($locale === 'id-ID')
{
App::setLocale('id');
} else
{
App::setLocale('en');
}
// Validate type accept & content type
if (!$acceptHeader)
{
return ApiResponse::apiResponse('Unauthorized', null, trans('validation.required', ['attribute' => 'Accept']), 401);
}
if (!$contentType)
{
return ApiResponse::apiResponse('Unauthorized', null, trans('validation.required', ['attribute' => 'Content-Type']), 401);
}
if ($acceptHeader !== 'application/json')
{
return ApiResponse::apiResponse('Bad Request', null, trans('validation.invalid', ['attribute' => 'Accept']), 400);
}
if($contentType !== 'application/json')
{
return ApiResponse::apiResponse('Bad Request', null, trans('validation.invalid', ['attribute' => 'Content-Type']), 400);
}
return $next($request);
}
}

71
Modules/Primaya/Http/Middleware/Authorization.php Normal file
View File

@@ -0,0 +1,71 @@
<?php
namespace Modules\Primaya\Http\Middleware;
use Modules\Primaya\Helpers\ApiResponse;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
use Illuminate\Support\Facades\App;
class Authorization
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
public function handle(Request $request, Closure $next)
{
$acceptHeader = $request->header('Accept');
$contentType = $request->header('Content-Type');
$locale = $request->header('Accept-Language');
$authorization = $request->header('Authorization');
// Add language
if(!$locale)
{
return ApiResponse::apiResponse('Unauthorized', null, trans('Validation.required', ['attribute' => 'Accept-Language']), 401);
}
if($locale !== 'en-US' && $locale !== 'id-ID')
{
return ApiResponse::apiResponse('Bad Request', null, trans('Validation.invalid', ['attribute' => 'Accept-Language']), 400);
}
if ($locale === 'en-US')
{
App::setLocale('en');
} elseif ($locale === 'id-ID')
{
App::setLocale('id');
} else
{
App::setLocale('en');
}
// Validate authorization
if (empty($authorization) || strpos($authorization, 'Bearer ') !== 0) {
return ApiResponse::apiResponse('Unauthorized', null, trans('Validation.required', ['attribute' => 'Authorization']), 401);
}
// Validate type accept & content type
if (!$acceptHeader)
{
return ApiResponse::apiResponse('Unauthorized', null, trans('Validation.required', ['attribute' => 'Accept']), 401);
}
if (!$contentType && $request->isMethod('post'))
{
return ApiResponse::apiResponse('Unauthorized', null, trans('Validation.required', ['attribute' => 'Content-Type']), 401);
}
if ($acceptHeader !== 'application/json')
{
return ApiResponse::apiResponse('Bad Request', null, trans('Validation.invalid', ['attribute' => 'Accept']), 400);
}
if($contentType !== 'application/json' && $request->isMethod('post'))
{
return ApiResponse::apiResponse('Bad Request', null, trans('Validation.invalid', ['attribute' => 'Content-Type']), 400);
}
return $next($request);
}
}