From 52bcd422e27612433d7387b99f1635819e759707 Mon Sep 17 00:00:00 2001
From: armiejean <armie.miranda@qlicqer.com>
Date: Tue, 6 May 2025 00:51:08 +0800
Subject: [PATCH] added different network for frontend

---
 app/Http/Controllers/AuthController.php   | 81 ++++++++++++++++++++---
 config/cache.php                          |  2 +-
 docker-compose.yml                        | 15 +++--
 docker/nginx/default.conf                 |  6 +-
 docker/php/Dockerfile                     | 16 ++---
 resources/views/change-password.blade.php | 64 ++++++++++++++++++
 resources/views/login.blade.php           | 21 +++++-
 routes/web.php                            |  3 +-
 8 files changed, 177 insertions(+), 31 deletions(-)
 create mode 100644 resources/views/change-password.blade.php

diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php
index be5814e..774c27f 100644
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@@ -8,31 +8,55 @@ class AuthController extends Controller
 {
     public function login(Request $request)
     {
+        $request->validate([
+            'username' => 'required|string',
+            'password' => 'required|string',
+        ]);
+
         $username = $request->input('username');
         $password = $request->input('password');
 
-        // Use the API container name or correct URL
-        $apiUrl = 'http://192.168.56.1:8080/api/cms/login_password'; // Adjust as needed
+        // Step 1: Verify the username
+        $usernameApiUrl = 'http://192.168.56.1:8080/api/cms/username_login';
 
         try {
-            $response = Http::timeout(30)->post($apiUrl, [
+            $usernameResponse = Http::timeout(30)->post($usernameApiUrl, [
+                'username' => $username,
+            ]);
+
+            $usernameData = $usernameResponse->json();
+
+            // Check if username verification failed
+            if (!$usernameResponse->successful() || !isset($usernameData['data']['is_verified']) || !$usernameData['data']['is_verified']) {
+                return redirect()->back()->with('error', $usernameData['message'] ?? 'Username does not exist.');
+            }
+
+            // Step 2: Authenticate with password
+            $loginApiUrl = 'http://192.168.56.1:8080/api/cms/login_password';
+
+            $loginResponse = Http::timeout(30)->post($loginApiUrl, [
                 'username' => $username,
                 'password' => $password,
             ]);
 
-            $data = $response->json();
+            $loginData = $loginResponse->json();
 
-            if (!$data['success']) {
-                $message = $data['message'] ?? 'Login failed';
+            if (!$loginResponse->successful()) {
+                return redirect()->back()->with('error', $loginData['message'] ?? 'Login failed.');
+            }
+
+            if (!$loginData['success']) {
+                $message = $loginData['message'] ?? 'Login failed';
                 if ($message === 'User must change password') {
+                    // Store admin_uuid in session for password change
+                    session(['admin_uuid' => $loginData['data']['admin_uuid']]);
                     return redirect()->route('change-password')->with('error', 'You must change your password.');
                 }
                 return redirect()->back()->with('error', $message);
             }
 
-            // Store token in session (or elsewhere)
-            if (isset($data['token'])) {
-                session(['authToken' => $data['token']]);
+            if (isset($loginData['data']['token'])) {
+                session(['authToken' => $loginData['data']['token']]);
             }
 
             return redirect()->route('my-profile')->with('success', 'Login successful!');
@@ -40,4 +64,43 @@ class AuthController extends Controller
             return redirect()->back()->with('error', 'Error connecting to API: ' . $e->getMessage());
         }
     }
+
+    // Add a method to handle password change (optional, if you want to implement the change-password route)
+    public function changePassword(Request $request)
+    {
+        $request->validate([
+            'password' => 'required|string|min:8|confirmed',
+        ]);
+
+        $adminUuid = session('admin_uuid');
+        if (!$adminUuid) {
+            return redirect()->route('login')->with('error', 'Invalid session. Please login again.');
+        }
+
+        $changePasswordApiUrl = 'http://192.168.56.1:8080/api/cms/change_password';
+
+        try {
+            $response = Http::timeout(30)->post($changePasswordApiUrl, [
+                'admin_uuid' => $adminUuid,
+                'password' => $request->input('password'),
+            ]);
+
+            $data = $response->json();
+
+            if (!$response->successful() || !$data['success']) {
+                return redirect()->back()->with('error', $data['message'] ?? 'Failed to change password.');
+            }
+
+            if (isset($data['data']['token'])) {
+                session(['authToken' => $data['data']['token']]);
+            }
+
+            // Clear admin_uuid from session
+            session()->forget('admin_uuid');
+
+            return redirect()->route('my-profile')->with('success', 'Password changed successfully!');
+        } catch (\Exception $e) {
+            return redirect()->back()->with('error', 'Error connecting to API: ' . $e->getMessage());
+        }
+    }
 }
\ No newline at end of file
diff --git a/config/cache.php b/config/cache.php
index 925f7d2..ee044f3 100644
--- a/config/cache.php
+++ b/config/cache.php
@@ -15,7 +15,7 @@ return [
     |
     */
 
-    'default' => env('CACHE_STORE', 'database'),
+    'default' => env('CACHE_DRIVER', 'file'),
 
     /*
     |--------------------------------------------------------------------------
diff --git a/docker-compose.yml b/docker-compose.yml
index 5395bc0..1808bf2 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -6,13 +6,14 @@ services:
     build:
       context: ./docker/php
       dockerfile: Dockerfile
-    container_name: app
+    container_name: frontend-app
     restart: always
     working_dir: /var/www
     volumes:
       - .:/var/www
     command: >
-      /bin/sh -c 'mkdir -p /var/www/storage /var/www/bootstrap/cache &&
+      /bin/sh -c 'until nc -z db_mysql 3306; do echo "Waiting for database..."; sleep 2; done &&
+                  mkdir -p /var/www/storage /var/www/bootstrap/cache &&
                   chown -R www-data:www-data /var/www/storage /var/www/bootstrap/cache &&
                   chmod -R 775 /var/www/storage /var/www/bootstrap/cache &&
                   composer install --no-dev --optimize-autoloader &&
@@ -24,13 +25,15 @@ services:
       timeout: 10s
       retries: 10
     networks:
-      - api_network
+      - frontend-network
+      - backend-network # Ensure this is included to access db_mysql
     environment:
       - DB_HOST=db_mysql
       - DB_PORT=3306
       - DB_DATABASE=unioil-app
       - DB_USERNAME=rootuser
       - DB_PASSWORD=password
+      - CACHE_DRIVER=file
 
   # Nginx
   web-frontend:
@@ -53,9 +56,11 @@ services:
       timeout: 10s
       retries: 5
     networks:
-      - api_network
+      - frontend-network
 
 networks:
-  api_network:
+  frontend-network:
     external: true
     driver: bridge
+  backend-network:
+    external: true # Declare as external since it's created by backend
diff --git a/docker/nginx/default.conf b/docker/nginx/default.conf
index ddde90b..e5fe368 100644
--- a/docker/nginx/default.conf
+++ b/docker/nginx/default.conf
@@ -1,4 +1,3 @@
-# backend/docker/nginx/default.conf
 server {
     listen 80;
     server_name localhost;
@@ -13,17 +12,16 @@ server {
     location ~ \.php$ {
         try_files $uri =404;
         include fastcgi.conf;
-        fastcgi_pass app:9000; # Matches backend's 'app' service renamed to 'laravel'
+        fastcgi_pass app:9000;
         fastcgi_index index.php;
         fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
         fastcgi_param DOCUMENT_ROOT $realpath_root;
     }
 
-    # Deny access to .htaccess files
     location ~ /\.ht {
         deny all;
     }
 
     error_log /var/log/nginx/error.log;
     access_log /var/log/nginx/access.log;
-}
+}
\ No newline at end of file
diff --git a/docker/php/Dockerfile b/docker/php/Dockerfile
index e9dc765..02c6f34 100644
--- a/docker/php/Dockerfile
+++ b/docker/php/Dockerfile
@@ -1,5 +1,5 @@
 # Use PHP 8.2 Alpine (compatible with Laravel 11)
-FROM php:8.2-fpm-alpine
+FROM php:8.3-fpm-alpine
 
 # Install required dependencies
 RUN apk add --no-cache \
@@ -11,25 +11,25 @@ RUN apk add --no-cache \
     libzip-dev \
     zip \
     unzip \
-    openssl  # Laravel requires OpenSSL for encryption
+    openssl
 
 # Install required extensions
 RUN docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp \
     && docker-php-ext-install gd pdo pdo_mysql bcmath mbstring zip
 
-# Install Composer (using official Composer image)
+# Install Composer
 COPY --from=composer:2.7 /usr/bin/composer /usr/bin/composer
 
 # Set working directory
 WORKDIR /var/www
 
-# Copy Laravel application files BEFORE running composer install
+# Copy Laravel application files
 COPY . /var/www/
 
-# Ensure composer.json exists before running install
+# Install dependencies
 RUN if [ -f "composer.json" ]; then composer install --no-dev --optimize-autoloader; else echo "composer.json not found!"; fi
 
-# Ensure required Laravel directories exist and set permissions
+# Set permissions
 RUN mkdir -p /var/www/storage /var/www/bootstrap/cache && \
     chown -R www-data:www-data /var/www && \
     chmod -R 775 /var/www/storage /var/www/bootstrap/cache
@@ -37,5 +37,5 @@ RUN mkdir -p /var/www/storage /var/www/bootstrap/cache && \
 # Expose PHP-FPM port
 EXPOSE 9000
 
-# Start PHP-FPM server
-CMD ["php-fpm"]
+# Start PHP-FPM
+CMD ["php-fpm"]
\ No newline at end of file
diff --git a/resources/views/change-password.blade.php b/resources/views/change-password.blade.php
new file mode 100644
index 0000000..eec296a
--- /dev/null
+++ b/resources/views/change-password.blade.php
@@ -0,0 +1,64 @@
+@extends('layouts.login')
+
+@section('content')
+<div class="container py-5">
+    <div class="row justify-content-center">
+        <div class="col-12 col-md-6">
+            <img src="{{ asset('img/logo.png') }}" alt="Unioil Logo" class="img-fluid" style="max-width: 150px;">
+
+            <div class="mb-3 text-center">
+                <h4 class="mb-1 fw-bold">Change Password</h4>
+                <span style="font-size: 14px;" class="text-muted">Enter your new password</span>
+            </div>
+
+            <!-- Error/Success Messages -->
+            @if (session('success'))
+                <div class="alert alert-success" role="alert">
+                    {{ session('success') }}
+                </div>
+            @endif
+            @if (session('error'))
+                <div class="alert alert-danger" role="alert">
+                    {{ session('error') }}
+                </div>
+            @endif
+            @if ($errors->any())
+                <div class="alert alert-danger" role="alert">
+                    <ul>
+                        @foreach ($errors->all() as $error)
+                            <li>{{ $error }}</li>
+                        @endforeach
+                    </ul>
+                </div>
+            @endif
+
+            <form method="POST" action="{{ route('change-password.submit') }}">
+                @csrf
+                <div class="mb-3">
+                    <label class="form-label fw-semibold" style="font-size: 13px; color: #003366;">New Password</label>
+                    <input type="password" class="form-control @error('password') is-invalid @enderror" id="password" name="password" placeholder="New Password" required>
+                    @error('password')
+                        <div class="invalid-feedback">{{ $message }}</div>
+                    @enderror
+                </div>
+
+                <div class="mb-3">
+                    <label class="form-label fw-semibold" style="font-size: 13px; color: #003366;">Confirm Password</label>
+                    <input type="password" class="form-control @error('password_confirmation') is-invalid @enderror" id="password_confirmation" name="password_confirmation" placeholder="Confirm Password" required>
+                    @error('password_confirmation')
+                        <div class="invalid-feedback">{{ $message }}</div>
+                    @enderror
+                </div>
+
+                <div class="row mt-4">
+                    <div class="col-12 text-end">
+                        <button type="submit" class="btn btn-primary w-100" style="background-color: #E74610; border-color: #E74610;">
+                            Change Password
+                        </button>
+                    </div>
+                </div>
+            </form>
+        </div>
+    </div>
+</div>
+@endsection
\ No newline at end of file
diff --git a/resources/views/login.blade.php b/resources/views/login.blade.php
index 1295a20..360bd56 100644
--- a/resources/views/login.blade.php
+++ b/resources/views/login.blade.php
@@ -22,17 +22,32 @@
                     {{ session('error') }}
                 </div>
             @endif
+            @if ($errors->any())
+                <div class="alert alert-danger" role="alert">
+                    <ul>
+                        @foreach ($errors->all() as $error)
+                            <li>{{ $error }}</li>
+                        @endforeach
+                    </ul>
+                </div>
+            @endif
 
-            <form method="POST" action="{{ url('/login') }}">
+            <form method="POST" action="{{ route('login') }}">
                 @csrf
                 <div class="mb-3">
                     <label class="form-label fw-semibold" style="font-size: 13px; color: #003366;">Enter Username</label>
-                    <input type="text" class="form-control" id="username" name="username" placeholder="Username" required>
+                    <input type="text" class="form-control @error('username') is-invalid @enderror" id="username" name="username" placeholder="Username" value="{{ old('username') }}" required>
+                    @error('username')
+                        <div class="invalid-feedback">{{ $message }}</div>
+                    @enderror
                 </div>
 
                 <div class="mb-3">
                     <label class="form-label fw-semibold text-primary" style="font-size: 13px; color: #003366 !important;">Enter Password</label>
-                    <input type="password" class="form-control" id="password" name="password" placeholder="Password" required>
+                    <input type="password" class="form-control @error('password') is-invalid @enderror" id="password" name="password" placeholder="Password" required>
+                    @error('password')
+                        <div class="invalid-feedback">{{ $message }}</div>
+                    @enderror
                 </div>
 
                 <div class="row mt-4">
diff --git a/routes/web.php b/routes/web.php
index 05a8bda..33313fc 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -8,8 +8,9 @@ use App\Http\Controllers\AuthController;
 Route::get('/', function () {
     return view('login');
 })->name('login');
-Route::post('/login', [AuthController::class, 'login'])->name('login');
 
+Route::post('/login', [AuthController::class, 'login'])->name('login');
+Route::post('/change-password', [AuthController::class, 'changePassword'])->name('change-password.submit');
 
 Route::get('/dashboard', function () {
     return view('dashboard');