aso/Modules/Primaya/Http/Controllers/Api/AuthController.php
<?php
namespace Modules\Primaya\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\Models\User;
use Crypt;
use Error;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Mail;
use Modules\Internal\Emails\SendVerifyEmail;
use Modules\Internal\Events\ForgetPassword;
use Illuminate\Support\Facades\Validator;
use Modules\Primaya\Helpers\ApiResponse;
use Illuminate\Support\Facades\DB;
use App\Helpers\Helper;
use App\Models\Corporate;
use Illuminate\Support\Facades\View;
use Tymon\JWTAuth\Facades\JWTAuth;
use Tymon\JWTAuth\Exceptions\JWTException;
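class AuthController extends Controller
{
    /**
     * Authenticate a corporate API user and issue a JWT.
     *
     * Flow: validate the body, authenticate the calling corporate from the
     * X-API-KEY / X-API-SECRET headers, look up the user inside that
     * corporate, verify the password, then mint a token on the
     * 'corporate-api' guard carrying a corporate_id claim.
     *
     * Security notes:
     * - The submitted password is never echoed back in a response body
     *   (error payloads only carry the e-mail), so it cannot end up in
     *   client-side or intermediary logs.
     * - The API secret is compared with hash_equals() instead of inside the
     *   SQL WHERE clause, which avoids collation-dependent (e.g.
     *   case-insensitive) matching and timing differences.
     * - NOTE(review): the secret is compared directly to the stored column,
     *   so it appears to be stored in plaintext; consider storing a hash.
     * - NOTE(review): no throttling is visible in this method; presumably it
     *   is applied by route middleware. Confirm.
     *
     * @param  Request  $request  Expects 'email' and 'password' in the body
     *                            and the X-API-KEY / X-API-SECRET headers.
     * @return mixed Whatever ApiResponse::apiResponse() returns
     *               (400, 401, 500 or 200 status passed through).
     */
    public function loginJwt(Request $request)
    {
        // Only non-secret input is reflected in error responses.
        $echo = [
            'email' => $request->email,
        ];

        $validator = Validator::make($request->all(), [
            'email' => 'required|email',
            // 'string' rejects array/object payloads before they reach Hash::check().
            'password' => 'required|string',
        ]);

        if ($validator->fails()) {
            return ApiResponse::apiResponse(
                'Bad Request',
                $echo,
                $validator->errors(),
                400
            );
        }

        // 1. Read the corporate credentials from the request headers.
        $apiKey = $request->header('X-API-KEY');
        $apiSecret = $request->header('X-API-SECRET');

        if (empty($apiKey) || empty($apiSecret)) {
            return ApiResponse::apiResponse(
                'Unauthorized',
                null,
                'API Key dan Secret wajib diisi',
                401
            );
        }

        // 2. Resolve the corporate: select by key, then compare the secret in
        //    PHP with a constant-time, byte-exact check. All rows for the key
        //    are considered in case api_key is not unique.
        $corporate = Corporate::where('api_key', $apiKey)
            ->get()
            ->first(function ($candidate) use ($apiSecret) {
                return hash_equals((string) $candidate->api_secret, (string) $apiSecret);
            });

        if (!$corporate) {
            return ApiResponse::apiResponse(
                'Unauthorized',
                null,
                'Invalid API Key',
                401
            );
        }

        // 3. Look up the user, scoped to the authenticated corporate so a
        //    valid key cannot be used to log in another tenant's user.
        $user = User::where('email', $request->email)
            ->where('corporate_id', $corporate->id)
            ->first();

        // Same message for unknown user and wrong password.
        if (!$user || !Hash::check($request->password, $user->password)) {
            return ApiResponse::apiResponse(
                'Unauthorized',
                $echo,
                'Email atau password salah',
                401
            );
        }

        try {
            // 4. Issue the JWT with the corporate_id claim attached.
            $token = auth('corporate-api')->claims([
                'corporate_id' => $corporate->id,
            ])->login($user);
        } catch (JWTException $e) {
            return ApiResponse::apiResponse(
                'Error',
                null,
                'Gagal membuat token',
                500
            );
        }

        // NOTE(review): the full User model is serialized here; confirm the
        // model hides the password hash and any other sensitive columns.
        $res_data = [
            'user' => $user,
            'corporate_id' => $corporate->id,
            'token' => $token,
            'type' => 'Bearer',
            // getTTL() is multiplied by 60 to report seconds.
            'expires_in' => auth('corporate-api')->factory()->getTTL() * 60,
        ];

        return ApiResponse::apiResponse(
            'Success',
            $res_data,
            'Login berhasil',
            200
        );
    }
}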