wip: refactoring auth with fortofy

kingRayhan · kingRayhan · commit fe66827a3da2 · 2021-07-27T15:50:45.000+06:00
diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php
@@ -7,11 +7,10 @@
 use App\Http\Requests\Auth\RegisterRequest;
 use App\Http\Requests\Auth\UpdateBasicProfileSettingsRequest;
 use App\Http\Requests\Auth\UpdateProfileRequest;
-use App\Http\Resources\MyTokensResource;
 use App\Models\User;
 use App\Models\UserSocial;
-use App\TechDiary\Authentication;
 use Illuminate\Auth\AuthenticationException;
+use Illuminate\Support\Facades\URL;
 use Illuminate\Support\Str;
 use Laravel\Socialite\Facades\Socialite;
 use Laravel\Socialite\Two\InvalidStateException;
@@ -24,87 +23,97 @@ class AuthController extends Controller
      * @param RegisterRequest $request
      * @return \Illuminate\Http\JsonResponse
      */
-    public function register(RegisterRequest $request)
-    {
-        $user = User::create($request->all(['name', 'username', 'email', 'password']));
-
-        return response()->json([
-            'message' => 'Registered successfully',
-            'user' => $user
-        ]);
-    }
+//    public function register(RegisterRequest $request)
+//    {
+//        $user = User::create($request->all(['name', 'username', 'email', 'password']));
+//
+//        return response()->json([
+//            'message' => 'Registered successfully',
+//            'user' => $user
+//        ]);
+//    }
+//
 
     /**
      * Login using email and password
      * @param LoginRequest $request
      * @return array
      * @throws AuthenticationException
      */
-    public function login(LoginRequest $request)
-    {
-        if (!auth()->guard()->attempt($request->all()))
-            throw new AuthenticationException('Invalid credential');
-
-        return [
-            'token' => Authentication::createToken(auth()->user())
-        ];
-    }
+//    public function getTokenUsingCredential(LoginRequest $request)
+//    {
+//        if (!auth()->guard()->attempt($request->all()))
+//            throw new AuthenticationException('Invalid credential');
+//
+//        return [
+//            'token' => Authentication::createToken(auth()->user())
+//        ];
+//    }
 
     /**
      * Authenticated user's tokens
      * @return \Illuminate\Http\Resources\Json\AnonymousResourceCollection
      */
-    public function myTokens()
-    {
-        return MyTokensResource::collection(auth()->user()->tokens);
-    }
+//    public function myTokens()
+//    {
+//        return MyTokensResource::collection(auth()->user()->tokens);
+//    }
+
+//    public function revokeToken($id)
+//    {
+//        auth()->user()->tokens()->find($id)->delete();
+//
+//        return response()->json([
+//            'message' => 'Token revoked successfully'
+//        ]);
+//    }
+
+//    public function logout()
+//    {
+//        auth()->user()->currentAccessToken()->delete();
+//
+//        return response()->json([
+//            'message' => 'Successfully logged out'
+//        ]);
+//    }
 
-    public function revokeToken($id)
+    /**
+     *
+     * @param $service
+     * @return mixed
+     */
+    public function oauthRedirect($service)
     {
-        auth()->user()->tokens()->find($id)->delete();
-
-        return response()->json([
-            'message' => 'Token revoked successfully'
-        ]);
+        return Socialite::driver($service)->stateless()->redirect();
     }
 
-    public function logout()
+    public function oauthCallback($service)
     {
-        auth()->user()->currentAccessToken()->delete();
 
-        return response()->json([
-            'message' => 'Successfully logged out'
-        ]);
-    }
-
-    public function redirect($service)
-    {
-        return Socialite::driver($service)->stateless()->redirect();
-    }
 
-    public function callback($service)
-    {
         try {
-            $serviceUser = Socialite::driver($service)->stateless()->user();
-            // Check if this service already exists
+
+            $socialServiceUser = Socialite::driver($service)->stateless()->user();
+
             $social_user = UserSocial::where([
                 ['service', $service],
-                ['service_uid', $serviceUser->id]
+                ['service_uid', $socialServiceUser->id]
             ])->first();
+
             if ($social_user) $user = $social_user->user;
-            else if (!$user = User::whereEmail($serviceUser->email)->first()) {
+            else if (!$user = User::whereEmail($socialServiceUser->email)->first()) {
 
                 $user = new User([
-                    'username' => $serviceUser->nickname ?? strtolower(explode("@", $serviceUser->email)[0] . Str::random(4)),
-                    'name' => $serviceUser->name ?? Str::random(6),
-                    'email' => $serviceUser->email,
-                    'profilePhoto' => $serviceUser?->avatar,
-                    'bio' => collect($serviceUser->user)->has('bio') ? $serviceUser->user['bio'] : null,
+                    'username' => $socialServiceUser->nickname ?? strtolower(explode("@", $socialServiceUser->email)[0] . Str::random(4)),
+                    'name' => $socialServiceUser->name ?? Str::random(6),
+                    'email' => $socialServiceUser->email,
+                    'profilePhoto' => $socialServiceUser?->avatar,
+                    'bio' => collect($socialServiceUser->user)->has('bio') ? $socialServiceUser->user['bio'] : null,
                 ]);
 
                 if ($service == 'github') {
                     $user->social_links = [
-                        'github' => 'https://github.com/' . $serviceUser->nickname
+                        'github' => 'https://github.com/' . $socialServiceUser->nickname
                     ];
                 }
                 $user->save();
@@ -114,18 +123,29 @@ public function callback($service)
                 NewUserCreated::dispatch($user);
                 $user->socialProviders()->create([
                     'service' => $service,
-                    'service_uid' => $serviceUser->id
+                    'service_uid' => $socialServiceUser->id
                 ]);
             }
 
-            $redirect_url = env('CLIENT_URL') . '/social-callback?token=' . Authentication::createToken($user);
+            $signedRoute = URL::temporarySignedRoute('oauth-signed-login', now()->addMinute(), [
+                'user_id' => $user->id,
+            ]);
+            $signedToken = explode('?', $signedRoute)[1];
+
+            $redirect_url = env('CLIENT_URL') . '/auth/oauth-callback?' . $signedToken;
             return redirect($redirect_url);
 
         } catch (InvalidStateException $e) {
             return $this->redirect(env('CLIENT_URL') . '?error=1');
         }
     }
 
+    public function oauthSignedLogin(\Illuminate\Http\Request $request)
+    {
+        auth()->loginUsingId($request->get('user_id'));
+        return response()->noContent();
+    }
+
     public function updateProfile(UpdateProfileRequest $request)
     {
         auth()->user()->update($request->all());
@@ -151,4 +171,4 @@ public function updateBasicProfileSettings(UpdateBasicProfileSettingsRequest $re
         ]);
     }
 
-}
+}
diff --git a/app/Models/User.php b/app/Models/User.php
@@ -112,10 +112,10 @@ public function socialProviders()
         return $this->hasMany(UserSocial::class);
     }
 
-    public function setPasswordAttribute($value)
-    {
-        $this->attributes['password'] = bcrypt($value);
-    }
+//    public function setPasswordAttribute($value)
+//    {
+//        $this->attributes['password'] = bcrypt($value);
+//    }
 
     public function setUsernameAttribute($value)
     {
diff --git a/app/Providers/RouteServiceProvider.php b/app/Providers/RouteServiceProvider.php
@@ -17,7 +17,7 @@ class RouteServiceProvider extends ServiceProvider
      *
      * @var string
      */
-    public const HOME = '/home';
+    public const HOME = '/api/user';
 
     /**
      * The controller namespace for the application.
diff --git a/bootstrap/cache/services.php b/bootstrap/cache/services.php
@@ -49,11 +49,12 @@
     45 => 'Spatie\\Permission\\PermissionServiceProvider',
     46 => 'Jenssegers\\Agent\\AgentServiceProvider',
     47 => 'App\\Providers\\TelescopeServiceProvider',
-    48 => 'App\\Providers\\AppServiceProvider',
-    49 => 'App\\Providers\\AuthServiceProvider',
-    50 => 'App\\Providers\\BroadcastServiceProvider',
-    51 => 'App\\Providers\\EventServiceProvider',
-    52 => 'App\\Providers\\RouteServiceProvider',
+    48 => 'App\\Providers\\FortifyServiceProvider',
+    49 => 'App\\Providers\\AppServiceProvider',
+    50 => 'App\\Providers\\AuthServiceProvider',
+    51 => 'App\\Providers\\BroadcastServiceProvider',
+    52 => 'App\\Providers\\EventServiceProvider',
+    53 => 'App\\Providers\\RouteServiceProvider',
   ),
   'eager' => 
   array (
@@ -89,11 +90,12 @@
     29 => 'Spatie\\Permission\\PermissionServiceProvider',
     30 => 'Jenssegers\\Agent\\AgentServiceProvider',
     31 => 'App\\Providers\\TelescopeServiceProvider',
-    32 => 'App\\Providers\\AppServiceProvider',
-    33 => 'App\\Providers\\AuthServiceProvider',
-    34 => 'App\\Providers\\BroadcastServiceProvider',
-    35 => 'App\\Providers\\EventServiceProvider',
-    36 => 'App\\Providers\\RouteServiceProvider',
+    32 => 'App\\Providers\\FortifyServiceProvider',
+    33 => 'App\\Providers\\AppServiceProvider',
+    34 => 'App\\Providers\\AuthServiceProvider',
+    35 => 'App\\Providers\\BroadcastServiceProvider',
+    36 => 'App\\Providers\\EventServiceProvider',
+    37 => 'App\\Providers\\RouteServiceProvider',
   ),
   'deferred' => 
   array (
diff --git a/config/app.php b/config/app.php
@@ -167,7 +167,7 @@
          */
         Jenssegers\Agent\AgentServiceProvider::class,
         App\Providers\TelescopeServiceProvider::class,
-//        App\Providers\FortifyServiceProvider::class,
+        App\Providers\FortifyServiceProvider::class,
 
         /*
          * Application Service Providers...
diff --git a/routes/api.php b/routes/api.php
@@ -1,6 +1,7 @@
 <?php
 
 use App\Http\Controllers\ArticleController;
+use App\Http\Controllers\AuthController;
 use App\Http\Controllers\TagController;
 use App\Http\Controllers\UserController;
 use Illuminate\Support\Facades\Route;
@@ -55,17 +56,26 @@
 /**
  * Authentication
  */
-//Route::group(['prefix' => 'auth'], function () {
-////    Route::post('update-profile', [AuthController::class, 'updateProfile'])->middleware('auth:sanctum');
-////    Route::post('update-profile-basic-settings', [AuthController::class, 'updateBasicProfileSettings'])->middleware('auth:sanctum');
-////    Route::post('register', [AuthController::class, 'register']);
-////    Route::post('login', [AuthController::class, 'login']);
-////    Route::get('login/{service}', [AuthController::class, 'redirect']);
-////    Route::get('login/{service}/callback', [AuthController::class, 'callback']);
-////    Route::post('logout', [AuthController::class, 'logout'])->middleware('auth:sanctum');
-////    Route::get('my-tokens', [AuthController::class, 'myTokens'])->middleware('auth:sanctum');
-////    Route::delete('revoke-token/{id}', [AuthController::class, 'revokeToken'])->middleware('auth:sanctum');
-//});
+Route::group(['prefix' => 'auth'], function () {
+
+    Route::post('oauth/signed-login', [AuthController::class, 'oauthSignedLogin'])
+        ->name('oauth-signed-login')
+        ->middleware('signed');
+
+    Route::get('oauth/{service}', [AuthController::class, 'oauthRedirect']);
+    Route::get('oauth/{service}/callback', [AuthController::class, 'oauthCallback']);
+
+
+//    Route::post('update-profile', [AuthController::class, 'updateProfile'])->middleware('auth:sanctum');
+//    Route::post('update-profile-basic-settings', [AuthController::class, 'updateBasicProfileSettings'])->middleware('auth:sanctum');
+//    Route::post('register', [AuthController::class, 'register']);
+//    Route::post('login', [AuthController::class, 'login']);
+//    Route::get('login/{service}', [AuthController::class, 'redirect']);
+//    Route::get('login/{service}/callback', [AuthController::class, 'callback']);
+//    Route::post('logout', [AuthController::class, 'logout'])->middleware('auth:sanctum');
+//    Route::get('my-tokens', [AuthController::class, 'myTokens'])->middleware('auth:sanctum');
+//    Route::delete('revoke-token/{id}', [AuthController::class, 'revokeToken'])->middleware('auth:sanctum');
+});
 
 
 Route::get('articles-dump', function () {

Original file line number	Diff line number	Diff line change
`@@ -112,10 +112,10 @@ public function socialProviders()`
`112`	`112`	`return $this->hasMany(UserSocial::class);`
`113`	`113`	`}`
`114`	`114`
`115`		`- public function setPasswordAttribute($value)`
`116`		`- {`
`117`		`- $this->attributes['password'] = bcrypt($value);`
`118`		`- }`
	`115`	`+// public function setPasswordAttribute($value)`
	`116`	`+// {`
	`117`	`+// $this->attributes['password'] = bcrypt($value);`
	`118`	`+// }`
`119`	`119`
`120`	`120`	`public function setUsernameAttribute($value)`
`121`	`121`	`{`
Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@ class RouteServiceProvider extends ServiceProvider`
`17`	`17`	`*`
`18`	`18`	`* @var string`
`19`	`19`	`*/`
`20`		`- public const HOME = '/home';`
	`20`	`+ public const HOME = '/api/user';`
`21`	`21`
`22`	`22`	`/**`
`23`	`23`	`* The controller namespace for the application.`