Code Coverage

| | Lines (%) | Lines (covered / total) | Functions and Methods (%) | Functions and Methods (covered / total) | CRAP | Classes and Traits (%) | Classes and Traits (covered / total) |
|---|---|---|---|---|---|---|---|
| Total | 48.57% | 17 / 35 | 60.00% | 3 / 5 | | 0.00% | 0 / 1 |
| AuthController | 48.57% | 17 / 35 | 60.00% | 3 / 5 | 16.71 | 0.00% | 0 / 1 |
| login | 35.71% | 5 / 14 | 0.00% | 0 / 1 | 3.06 | | |
| logout | 100.00% | 7 / 7 | 100.00% | 1 / 1 | 1 | | |
| refresh | 0.00% | 0 / 9 | 0.00% | 0 / 1 | 6 | | |
| user | 100.00% | 1 / 1 | 100.00% | 1 / 1 | 1 | | |
| check | 100.00% | 4 / 4 | 100.00% | 1 / 1 | 2 | | |

1 | <?php |
2 | |
3 | namespace App\Http\Controllers; |
4 | |
5 | use Illuminate\Http\Request; |
6 | use Illuminate\Http\JsonResponse; |
7 | use Illuminate\Support\Facades\Auth; |
8 | |
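/**
 * Token-based authentication endpoints for the v1 API: login, logout,
 * token refresh, current-user lookup and an "am I authenticated" probe.
 *
 * Tokens are issued with createToken()/plainTextToken and revoked through the
 * user's tokens() relation (the API shape of Laravel Sanctum personal access
 * tokens; the user model itself is not shown in this file).
 */
class AuthController extends Controller
{
    /**
     * Exchange an email/password pair for a bearer token.
     *
     * Malformed input (missing or non-string fields) is answered with the same
     * 401 body as a wrong password, so the response never distinguishes the
     * two cases.
     *
     * @OA\Post(
     *     path="/api/v1/login",
     *     summary="Sign in via api",
     *     description="Login by username email and password",
     *     operationId="authLoginApi",
     *     tags={"Authorization"},
     *     @OA\RequestBody(
     *         required=true,
     *         description="User authentication",
     *         @OA\JsonContent(
     *             required={"email","password"},
     *             @OA\Property(property="email", type="string", format="email", example="test@test.test"),
     *             @OA\Property(property="password", type="string", format="password", example="Test@123")
     *         )
     *     ),
     *     @OA\Response(
     *         response=200,
     *         description="Authenticated - access token issued",
     *         @OA\JsonContent(
     *             @OA\Property(property="access_token", type="string")
     *         )
     *     ),
     *     @OA\Response(
     *         response=401,
     *         description="Invalid or malformed credentials",
     *         @OA\JsonContent(
     *             @OA\Property(property="error", type="string", example="Unauthorized")
     *         )
     *     )
     * )
     */
    public function login(Request $request): JsonResponse
    {
        $email = $request->input('email');
        $password = $request->input('password');

        // Only ever hand the guard two non-empty strings. A missing password
        // or an array-valued field would otherwise reach Auth::attempt()
        // unchecked and surface as a server error or an unintended query shape.
        $wellFormed = is_string($email) && $email !== ''
            && is_string($password) && $password !== '';

        if ($wellFormed && Auth::attempt(['email' => $email, 'password' => $password])) {
            // Issue a fresh token; the plain-text value is only available here,
            // at creation time.
            $accessToken = Auth::user()
                ->createToken('MyApp')
                ->plainTextToken;

            return response()->json([
                'access_token' => $accessToken,
            ]);
        }

        // NOTE(review): no attempt throttling is visible in this controller;
        // confirm the route applies rate limiting, and that failed logins are
        // logged somewhere detection can use them.
        return response()->json(
            [
                'error' => 'Unauthorized',
            ],
            401
        );
    }

    /**
     * Log the authenticated user out by revoking every token they hold,
     * not only the one used for this request.
     *
     * @OA\Post(
     *     path="/api/v1/logout",
     *     summary="Logout",
     *     security={{ "apiAuth": {} }},
     *     description="Logout",
     *     operationId="Logout",
     *     tags={"Authorization"},
     *     @OA\Response(
     *         response=401,
     *         description="Not authenticated",
     *         @OA\JsonContent(
     *             @OA\Property(property="message", type="string", example="Need to the login first.")
     *         )
     *     )
     * )
     */
    public function logout(Request $request): JsonResponse
    {
        // Deleting through the relation removes all of the user's tokens, so
        // every other device or client is signed out as well.
        $request->user()->tokens()
            ->delete();

        return response()->json(
            [
                'message' => 'Successfully logged out',
            ]
        );
    }

    /**
     * Issue a new access token for the authenticated user and revoke the
     * user's other tokens.
     *
     * @OA\Post(
     *     path="/api/v1/refresh",
     *     summary="Refresh token",
     *     security={{ "apiAuth": {} }},
     *     description="Refresh token",
     *     operationId="RefreshToken",
     *     tags={"Authorization"},
     *     @OA\Response(
     *         response=401,
     *         description="Not authenticated",
     *         @OA\JsonContent(
     *             @OA\Property(property="message", type="string", example="Need to the login first.")
     *         )
     *     )
     * )
     */
    public function refresh(Request $request): JsonResponse
    {
        $user = $request->user();

        // Check whether the request was authenticated with an access token.
        $currentAccessToken = $user->currentAccessToken();
        if ($currentAccessToken) {
            // Revoke all tokens except the current one.
            $user->tokens()
                ->where('id', '<>', $currentAccessToken->id)
                ->delete();
        }

        // NOTE(review): the token presented on this request is kept, so after
        // a refresh both it and the new token are valid. If rotation is the
        // intent, revoke the presented token once the replacement is issued
        // and confirm a token expiry is configured.
        // NOTE(review): the coverage summary shown with this listing reports
        // 0 of 9 lines executed for this method - the revocation query above
        // is untested.
        $accessToken = $user
            ->createToken('MyApp')
            ->plainTextToken;

        return response()->json(['access_token' => $accessToken]);
    }

    /**
     * Return the authenticated user as JSON.
     *
     * @OA\Post(
     *     path="/api/v1/user",
     *     summary="Get user info",
     *     security={{ "apiAuth": {} }},
     *     description="Get user info",
     *     operationId="GetUserInfo",
     *     tags={"Authorization"},
     *     @OA\Response(
     *         response=200,
     *         description="Success",
     *         @OA\JsonContent(
     *             @OA\Property(property="message", type="string", example="Success.")
     *         )
     *     ),
     *     @OA\Response(
     *         response=401,
     *         description="Unauthorized",
     *         @OA\JsonContent(
     *             @OA\Property(property="message", type="string", example="Unauthorized.")
     *         )
     *     ),
     *     @OA\Response(
     *         response=429,
     *         description="Too many requests",
     *         @OA\JsonContent(
     *             @OA\Property(property="message", type="string", example="Too many requests.")
     *         )
     *     )
     * )
     */
    public function user(Request $request): JsonResponse
    {
        // The user object is serialised as-is. Which attributes end up in the
        // response depends on the model's own hidden/visible settings, which
        // are not shown here - verify the password hash and similar fields are
        // excluded.
        return response()->json($request->user());
    }

    /**
     * Report whether the request carries an authenticated user.
     *
     * The response body is the bare JSON boolean true or false.
     *
     * @OA\Get(
     *     path="/api/v1/check",
     *     summary="Check if user is authenticated",
     *     security={{ "apiAuth": {} }},
     *     description="Check if user is authenticated",
     *     operationId="CheckIfUserIsAuthenticated",
     *     tags={"Authorization"},
     *     @OA\Response(
     *         response=401,
     *         description="Not authenticated",
     *         @OA\JsonContent(
     *             @OA\Property(property="message", type="string", example="Need to the login first.")
     *         )
     *     )
     * )
     */
    public function check(Request $request): JsonResponse
    {
        // NOTE(review): the annotation documents a 401, which suggests the
        // route sits behind an auth middleware; if so, this can only ever
        // answer true - confirm against the route definition.
        return response()->json(!is_null($request->user()));
    }
}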