Update JWT Token
This commit is contained in:
@@ -16,280 +16,103 @@ use Illuminate\Support\Facades\Validator;
|
||||
use Modules\Primaya\Helpers\ApiResponse;
|
||||
use Illuminate\Support\Facades\DB;
|
||||
use App\Helpers\Helper;
|
||||
use App\Models\Corporate;
|
||||
use Illuminate\Support\Facades\View;
|
||||
use Tymon\JWTAuth\Facades\JWTAuth;
|
||||
use Tymon\JWTAuth\Exceptions\JWTException;
|
||||
|
||||
class AuthController extends Controller
|
||||
{
|
||||
public function login(Request $request)
|
||||
public function loginJwt(Request $request)
|
||||
{
|
||||
$data = [
|
||||
'email' => $request->email,
|
||||
'password' => $request->password
|
||||
];
|
||||
|
||||
$validator = Validator::make($request->all(), [
|
||||
'email' => 'required|email',
|
||||
'password' => 'required'
|
||||
], [
|
||||
'email.required' => trans('Validation.required',['attribute' => 'Email']),
|
||||
'email.email' => trans('Validation.email'),
|
||||
'password.required' => trans('Validation.required',['attribute' => 'Password']),
|
||||
]);
|
||||
|
||||
if ($validator->fails())
|
||||
{
|
||||
return ApiResponse::apiResponse('Bad Request', $data, $validator->errors(), 400);
|
||||
}
|
||||
else
|
||||
{
|
||||
$user = User::where('email', $request->email)->first();
|
||||
if (!$user) {
|
||||
return ApiResponse::apiResponse('Not Found', $data, trans('Message.not_found'), 404);
|
||||
}
|
||||
|
||||
if (!Hash::check($request->password, $user->password)) {
|
||||
return ApiResponse::apiResponse('Bad Request', $data, trans('Message.password'), 400);
|
||||
}
|
||||
|
||||
$res_data = [
|
||||
'user' => $user,
|
||||
'token' => $user->createToken('app')->plainTextToken
|
||||
];
|
||||
|
||||
return ApiResponse::apiResponse("Success", $res_data, trans('Message.success'), 200);
|
||||
}
|
||||
}
|
||||
|
||||
public function logout(Request $request)
|
||||
{
|
||||
$request->user()->tokens()->delete();
|
||||
|
||||
return ApiResponse::apiResponse('Success', [], trans('Message.logout'), 200);
|
||||
}
|
||||
|
||||
public function resetPassword(Request $request)
|
||||
{
|
||||
$user = Auth::user();
|
||||
|
||||
$request->validate([
|
||||
'old_password' => 'required',
|
||||
'new_password' => 'required',
|
||||
'confirm_new_password' => 'required'
|
||||
]);
|
||||
|
||||
if (!Hash::check($request['old_password'], $user->password)) {
|
||||
return response(['Message' => 'Password Salah'], 403);
|
||||
if ($validator->fails()) {
|
||||
return ApiResponse::apiResponse(
|
||||
'Bad Request',
|
||||
$data,
|
||||
$validator->errors(),
|
||||
400
|
||||
);
|
||||
}
|
||||
|
||||
if ($request["new_password"] != $request["confirm_new_password"]) {
|
||||
return response([
|
||||
'Message' => "Password Tidak Sama"
|
||||
]);
|
||||
// 🔥 1️⃣ Ambil header
|
||||
$apiKey = $request->header('X-API-KEY');
|
||||
$apiSecret = $request->header('X-API-SECRET');
|
||||
|
||||
if (empty($apiKey) || empty($apiSecret)) {
|
||||
return ApiResponse::apiResponse(
|
||||
'Unauthorized',
|
||||
null,
|
||||
'API Key dan Secret wajib diisi',
|
||||
401
|
||||
);
|
||||
}
|
||||
|
||||
$user->update([
|
||||
'password' => Hash::make($request->confirm_new_password),
|
||||
]);
|
||||
return response()->json($user);
|
||||
}
|
||||
|
||||
public function verifyEmail(Request $request)
|
||||
{
|
||||
$data = [
|
||||
'email' => $request->email,
|
||||
];
|
||||
|
||||
$validator = Validator::make($request->all(), [
|
||||
'email' => 'required|email',
|
||||
], [
|
||||
'email.required' => trans('Validation.required',['attribute' => 'Email']),
|
||||
'email.email' => trans('Validation.email'),
|
||||
]);
|
||||
|
||||
if ($validator->fails())
|
||||
{
|
||||
return ApiResponse::apiResponse('Bad Request', $data, $validator->errors(), 400);
|
||||
}
|
||||
else
|
||||
{
|
||||
$user = User::where('email', $request->email)->first();
|
||||
if (!$user) {
|
||||
return ApiResponse::apiResponse('Not Found', $data, trans('Message.not_found'), 404);
|
||||
}
|
||||
|
||||
//send email
|
||||
// Insert data notifications
|
||||
$emailTo = $request->email;
|
||||
$dataNotif = [
|
||||
'user_id' => $user->id,
|
||||
'email' => $emailTo,
|
||||
'title' => 'Forgot Password',
|
||||
'description' => 'Request forgot password from Hospital Portal',
|
||||
'type' => 1,
|
||||
'isUnRead' => true,
|
||||
'created_by' => auth()->check() ? auth()->user()->id : null,
|
||||
'created_at' => date('Y-m-d H:i:s'),
|
||||
'updated_at' => date('Y-m-d H:i:s'),
|
||||
];
|
||||
$sendNotif = Helper::insertNotification($dataNotif);
|
||||
//Insert data password reset
|
||||
$token = mt_rand(100000, 999999); // Menghasilkan angka acak antara 100000 dan 999999
|
||||
$p_resets = DB::table('password_resets')
|
||||
->insert([
|
||||
'email' => $request->email,
|
||||
'token' => $token,
|
||||
'created_at' => date('Y-m-d H:i:s'),
|
||||
]);
|
||||
// Send Email after insert notifications
|
||||
if($sendNotif && $p_resets)
|
||||
{
|
||||
//send to alarm
|
||||
$nameTo = 'User';
|
||||
$dataEmail = [
|
||||
'email' => $emailTo,
|
||||
'name' => $nameTo,
|
||||
'subject' => 'Request Forgot Password from Hospital Portal Date '. date('Y-m-d H:i:s'),
|
||||
'body' => View::make('email/forgot_password', ['token' => $token])->render(),
|
||||
];
|
||||
Helper::sendEmail($dataEmail);
|
||||
|
||||
$res = DB::table('password_resets')
|
||||
->where('email', '=', $request->email)
|
||||
->where('token', '=', $token)
|
||||
->first();
|
||||
|
||||
return ApiResponse::apiResponse("Success", $res, trans('Message.success'), 200);
|
||||
}
|
||||
else
|
||||
{
|
||||
return ApiResponse::apiResponse("Internal Server Error", $data, trans('Message.server_error'), 500);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public function verifCode(Request $request)
|
||||
{
|
||||
$data = [
|
||||
'email' => $request->email,
|
||||
'token' => $request->token,
|
||||
];
|
||||
|
||||
$validator = Validator::make($request->all(), [
|
||||
'email' => 'required|email',
|
||||
'token' => 'required|numeric',
|
||||
], [
|
||||
'email.required' => trans('Validation.required',['attribute' => 'Email']),
|
||||
'email.email' => trans('Validation.email'),
|
||||
'token.required' => trans('Validation.required',['attribute' => 'Token']),
|
||||
'token.numeric' => trans('Validation.required',['attribute' => 'Code Numeric']),
|
||||
]);
|
||||
|
||||
if ($validator->fails())
|
||||
{
|
||||
return ApiResponse::apiResponse('Bad Request', $data, $validator->errors(), 400);
|
||||
}
|
||||
else
|
||||
{
|
||||
//Check Time
|
||||
$check = DB::table('password_resets')
|
||||
->where('email', '=', $request->email)
|
||||
->where('token', '=', $request->token)
|
||||
->select('created_at')
|
||||
// 🔥 2️⃣ Validasi corporate
|
||||
$corporate = Corporate::where('api_key', $apiKey)
|
||||
->where('api_secret', $apiSecret)
|
||||
->first();
|
||||
|
||||
if($check)
|
||||
{
|
||||
$created_at = strtotime($check->created_at); // Konversi string waktu ke UNIX timestamp
|
||||
$now = time(); // Waktu sekarang dalam UNIX timestamp
|
||||
|
||||
// Hitung selisih waktu dalam menit
|
||||
$diffInMinutes = ($now - $created_at) / 60;
|
||||
|
||||
if ($diffInMinutes > 60) {
|
||||
return ApiResponse::apiResponse('Not Found', $data, trans('Message.token_expired'), 404);
|
||||
} else {
|
||||
// Lanjutkan dengan proses pemulihan kata sandi
|
||||
return ApiResponse::apiResponse("Success", $data, trans('Message.success'), 200);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return ApiResponse::apiResponse('Not Found', $data, trans('Message.not_found'), 404);
|
||||
}
|
||||
if (!$corporate) {
|
||||
return ApiResponse::apiResponse(
|
||||
'Unauthorized',
|
||||
null,
|
||||
'Invalid API Key',
|
||||
401
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
public function forgetPassword(Request $request)
|
||||
{
|
||||
$data = [
|
||||
'email' => $request->email,
|
||||
'token' => $request->token,
|
||||
'new_password' => $request->new_password
|
||||
];
|
||||
|
||||
$validator = Validator::make($request->all(), [
|
||||
'email' => 'required|email',
|
||||
'token' => 'required|numeric',
|
||||
'new_password' => [
|
||||
'required',
|
||||
'min:8',
|
||||
'regex:/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d).{8,}$/'
|
||||
]
|
||||
], [
|
||||
'email.required' => trans('Validation.required',['attribute' => 'Email']),
|
||||
'email.email' => trans('Validation.email'),
|
||||
'token.required' => trans('Validation.required',['attribute' => 'Token']),
|
||||
'new_password.required' => trans('Validation.required',['attribute' => 'New Password']),
|
||||
'new_password.min' => trans('Validation.min',['attribute' => 'New Password']),
|
||||
'new_password.regex' => trans('Validation.regex',['attribute' => 'New Password']),
|
||||
]);
|
||||
|
||||
if($request->new_password != $request->confirm_new_password)
|
||||
{
|
||||
return ApiResponse::apiResponse('Bad Request', $data, 'Confirm password is not the same', 400);
|
||||
}
|
||||
else if ($validator->fails())
|
||||
{
|
||||
return ApiResponse::apiResponse('Bad Request', $data, $validator->errors(), 400);
|
||||
}
|
||||
else
|
||||
{
|
||||
//Check Time
|
||||
$check = DB::table('password_resets')
|
||||
->where('email', '=', $request->email)
|
||||
->where('token', '=', $request->token)
|
||||
->select('created_at')
|
||||
// 🔥 3️⃣ Cari user sesuai corporate
|
||||
$user = User::where('email', $request->email)
|
||||
->where('corporate_id', $corporate->id)
|
||||
->first();
|
||||
|
||||
if($check)
|
||||
{
|
||||
$created_at = strtotime($check->created_at); // Konversi string waktu ke UNIX timestamp
|
||||
$now = time(); // Waktu sekarang dalam UNIX timestamp
|
||||
|
||||
// Hitung selisih waktu dalam menit
|
||||
$diffInMinutes = ($now - $created_at) / 60;
|
||||
|
||||
if ($diffInMinutes > 60) {
|
||||
return ApiResponse::apiResponse('Not Found', $data, trans('Message.token_expired'), 404);
|
||||
} else {
|
||||
// Lanjutkan dengan proses pemulihan kata sandi
|
||||
$user = User::where('email', $request->email)->first();
|
||||
if ($user)
|
||||
{
|
||||
$newPassword = Hash::make($request->new_password);
|
||||
$user->password = $newPassword;
|
||||
$user->save();
|
||||
return ApiResponse::apiResponse("Success", $data, trans('Message.success'), 200);
|
||||
}
|
||||
else
|
||||
{
|
||||
return ApiResponse::apiResponse('Not Found', $data, trans('Message.token_expired'), 404);
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return ApiResponse::apiResponse('Not Found', $data, trans('Message.not_found'), 404);
|
||||
}
|
||||
if (!$user || !Hash::check($request->password, $user->password)) {
|
||||
return ApiResponse::apiResponse(
|
||||
'Unauthorized',
|
||||
$data,
|
||||
'Email atau password salah',
|
||||
401
|
||||
);
|
||||
}
|
||||
|
||||
try {
|
||||
// 🔥 4️⃣ Generate JWT dengan claim corporate_id
|
||||
$token = auth('corporate-api')->claims([
|
||||
'corporate_id' => $corporate->id
|
||||
])->login($user);
|
||||
|
||||
} catch (JWTException $e) {
|
||||
return ApiResponse::apiResponse(
|
||||
'Error',
|
||||
null,
|
||||
'Gagal membuat token',
|
||||
500
|
||||
);
|
||||
}
|
||||
|
||||
$res_data = [
|
||||
'user' => $user,
|
||||
'corporate_id' => $corporate->id,
|
||||
'token' => $token,
|
||||
'type' => 'Bearer',
|
||||
'expires_in' => auth('corporate-api')->factory()->getTTL() * 60
|
||||
];
|
||||
|
||||
return ApiResponse::apiResponse(
|
||||
"Success",
|
||||
$res_data,
|
||||
'Login berhasil',
|
||||
200
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -22,50 +22,40 @@ class Authorization
|
||||
$acceptHeader = $request->header('Accept');
|
||||
$contentType = $request->header('Content-Type');
|
||||
$locale = $request->header('Accept-Language');
|
||||
$authorization = $request->header('Authorization');
|
||||
|
||||
// Add language
|
||||
if(!$locale)
|
||||
{
|
||||
return ApiResponse::apiResponse('Unauthorized', null, trans('Validation.required', ['attribute' => 'Accept-Language']), 401);
|
||||
if (!$locale) {
|
||||
return ApiResponse::apiResponse(
|
||||
'Unauthorized',
|
||||
null,
|
||||
trans('Validation.required', ['attribute' => 'Accept-Language']),
|
||||
401
|
||||
);
|
||||
}
|
||||
if($locale !== 'en-US' && $locale !== 'id-ID')
|
||||
{
|
||||
return ApiResponse::apiResponse('Bad Request', null, trans('Validation.invalid', ['attribute' => 'Accept-Language']), 400);
|
||||
}
|
||||
if ($locale === 'en-US')
|
||||
{
|
||||
|
||||
if ($locale === 'en-US') {
|
||||
App::setLocale('en');
|
||||
} elseif ($locale === 'id-ID')
|
||||
{
|
||||
} elseif ($locale === 'id-ID') {
|
||||
App::setLocale('id');
|
||||
} else
|
||||
{
|
||||
App::setLocale('en');
|
||||
}
|
||||
|
||||
// Validate authorization
|
||||
if (empty($authorization) || strpos($authorization, 'Bearer ') !== 0) {
|
||||
return ApiResponse::apiResponse('Unauthorized', null, trans('Validation.required', ['attribute' => 'Authorization']), 401);
|
||||
if ($acceptHeader !== 'application/json') {
|
||||
return ApiResponse::apiResponse(
|
||||
'Bad Request',
|
||||
null,
|
||||
trans('Validation.invalid', ['attribute' => 'Accept']),
|
||||
400
|
||||
);
|
||||
}
|
||||
|
||||
// Validate type accept & content type
|
||||
if (!$acceptHeader)
|
||||
{
|
||||
return ApiResponse::apiResponse('Unauthorized', null, trans('Validation.required', ['attribute' => 'Accept']), 401);
|
||||
}
|
||||
if (!$contentType && $request->isMethod('post'))
|
||||
{
|
||||
return ApiResponse::apiResponse('Unauthorized', null, trans('Validation.required', ['attribute' => 'Content-Type']), 401);
|
||||
}
|
||||
if ($acceptHeader !== 'application/json')
|
||||
{
|
||||
return ApiResponse::apiResponse('Bad Request', null, trans('Validation.invalid', ['attribute' => 'Accept']), 400);
|
||||
}
|
||||
if($contentType !== 'application/json' && $request->isMethod('post'))
|
||||
{
|
||||
return ApiResponse::apiResponse('Bad Request', null, trans('Validation.invalid', ['attribute' => 'Content-Type']), 400);
|
||||
if ($request->isMethod('post') && $contentType !== 'application/json') {
|
||||
return ApiResponse::apiResponse(
|
||||
'Bad Request',
|
||||
null,
|
||||
trans('Validation.invalid', ['attribute' => 'Content-Type']),
|
||||
400
|
||||
);
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
|
||||
36
Modules/Primaya/Http/Middleware/CheckCorporateKey.php
Normal file
36
Modules/Primaya/Http/Middleware/CheckCorporateKey.php
Normal file
@@ -0,0 +1,36 @@
|
||||
<?php
|
||||
|
||||
namespace Modules\Primaya\Http\Middleware;
|
||||
|
||||
use App\Models\Corporate;
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
|
||||
class CheckCorporateKey
|
||||
{
|
||||
public function handle(Request $request, Closure $next): Response
|
||||
{
|
||||
$apiKey = $request->header('X-API-KEY');
|
||||
$apiSecret = $request->header('X-API-SECRET');
|
||||
|
||||
// 🔥 WAJIB: Cegah null atau kosong
|
||||
if (empty($apiKey) || empty($apiSecret)) {
|
||||
return response()->json([
|
||||
'message' => 'API Key dan Secret wajib diisi'
|
||||
], 401);
|
||||
}
|
||||
|
||||
$corporate = Corporate::where('api_key', $apiKey)
|
||||
->where('api_secret', $apiSecret)
|
||||
->first();
|
||||
|
||||
if (!$corporate) {
|
||||
return response()->json([
|
||||
'message' => 'Invalid API Key'
|
||||
], 401);
|
||||
}
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
@@ -16,25 +16,24 @@ use Modules\Primaya\Http\Middleware\Authorization;
|
||||
| is assigned the "api" middleware group. Enjoy building your API!
|
||||
|
|
||||
*/
|
||||
Route::prefix('v1')->group(function() {
|
||||
Route::prefix('v1')->group(function () {
|
||||
|
||||
Route::prefix('primaya')->group(function () {
|
||||
|
||||
Route::middleware(Authentication::class)->group(function () {
|
||||
Route::controller(AuthController::class)->group(function () {
|
||||
Route::post('login', 'login');
|
||||
});
|
||||
// LOGIN (pakai corporate key)
|
||||
Route::middleware(['corporate.key'])->group(function () {
|
||||
Route::post('login', [AuthController::class, 'loginJwt']);
|
||||
});
|
||||
|
||||
Route::middleware('auth:sanctum')->group(function () {
|
||||
// JWT Protected
|
||||
Route::middleware(['auth:corporate-api'])->group(function () {
|
||||
|
||||
Route::middleware(Authorization::class)->group(function () {
|
||||
//Search Member
|
||||
Route::controller(MemberController::class)->group(function () {
|
||||
Route::post('search-member', 'search');
|
||||
});
|
||||
Route::post('search-member', [MemberController::class, 'search']);
|
||||
});
|
||||
|
||||
});
|
||||
|
||||
|
||||
});
|
||||
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user