armiejean
/
cms-frontend
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

login

This commit is contained in:
armiejean 2025-05-07 00:44:48 +08:00
parent 52bcd422e2
commit 8bcecdc10b
4 changed files with 79 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

142
app/Http/Controllers/AuthController.php
View File

@ -3,104 +3,86 @@ namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Session;
class AuthController extends Controller
{
public function showLoginForm()
{
return view('login');
}
public function login(Request $request)
{
$request->validate([
'username' => 'required|string',
'password' => 'required|string',
$apiUrl = env('BACKEND_API_URL', 'http://localhost:8080');
$loginEndpoint = '/api/cms/login_password';
Log::info('API URL being used: ' . $apiUrl . $loginEndpoint);
$response = Http::timeout(30)->post($apiUrl . $loginEndpoint, [
'username' => $request->input('username'),
'password' => $request->input('password'),
]);
$username = $request->input('username');
$password = $request->input('password');
// Step 1: Verify the username
$usernameApiUrl = 'http://192.168.56.1:8080/api/cms/username_login';
try {
$usernameResponse = Http::timeout(30)->post($usernameApiUrl, [
'username' => $username,
]);
$usernameData = $usernameResponse->json();
// Check if username verification failed
if (!$usernameResponse->successful() || !isset($usernameData['data']['is_verified']) || !$usernameData['data']['is_verified']) {
return redirect()->back()->with('error', $usernameData['message'] ?? 'Username does not exist.');
}
// Step 2: Authenticate with password
$loginApiUrl = 'http://192.168.56.1:8080/api/cms/login_password';
$loginResponse = Http::timeout(30)->post($loginApiUrl, [
'username' => $username,
'password' => $password,
]);
$loginData = $loginResponse->json();
if (!$loginResponse->successful()) {
return redirect()->back()->with('error', $loginData['message'] ?? 'Login failed.');
}
if (!$loginData['success']) {
$message = $loginData['message'] ?? 'Login failed';
if ($message === 'User must change password') {
// Store admin_uuid in session for password change
session(['admin_uuid' => $loginData['data']['admin_uuid']]);
return redirect()->route('change-password')->with('error', 'You must change your password.');
if ($response->successful()) {
$data = $response->json();
if (isset($data['success']) && isset($data['message'])) {
if ($data['message'] === 'User must change password') {
Session::put('admin_uuid', $data['success']['admin_uuid']);
Session::put('username', $request->input('username'));
return redirect()->route('password.change')->with('success', 'You must change your password.');
}
return redirect()->back()->with('error', $message);
// Store token in session
Session::put('access_token', $data['success']['token']);
Session::put('username', $request->input('username'));
return redirect()->route('dashboard')->with('success', 'Login successful.');
}
if (isset($loginData['data']['token'])) {
session(['authToken' => $loginData['data']['token']]);
}
return redirect()->route('my-profile')->with('success', 'Login successful!');
} catch (\Exception $e) {
return redirect()->back()->with('error', 'Error connecting to API: ' . $e->getMessage());
}
$errorMessage = 'Login failed. Please check your credentials.';
if ($response->status() === 401) {
$errorMessage = $response->json()['message'] ?? 'Unauthorized access.';
} elseif ($response->status() === 422) {
$errorMessage = $response->json()['message'] ?? 'Validation error.';
}
return redirect()->back()->with('error', $errorMessage)->withInput($request->except('password'));
}
public function showChangePasswordForm()
{
return view('change-password');
}
// Add a method to handle password change (optional, if you want to implement the change-password route)
public function changePassword(Request $request)
{
$request->validate([
'password' => 'required|string|min:8|confirmed',
$apiUrl = env('BACKEND_API_URL', 'http://localhost:8080');
$changePasswordEndpoint = '/api/cms/login_changePassword';
Log::info('API URL being used: ' . $apiUrl . $changePasswordEndpoint);
$response = Http::timeout(30)->post($apiUrl . $changePasswordEndpoint, [
'admin_uuid' => Session::get('admin_uuid'),
'username' => Session::get('username'),
'password' => $request->input('new_password'),
]);
$adminUuid = session('admin_uuid');
if (!$adminUuid) {
return redirect()->route('login')->with('error', 'Invalid session. Please login again.');
}
$changePasswordApiUrl = 'http://192.168.56.1:8080/api/cms/change_password';
try {
$response = Http::timeout(30)->post($changePasswordApiUrl, [
'admin_uuid' => $adminUuid,
'password' => $request->input('password'),
]);
if ($response->successful()) {
$data = $response->json();
if (!$response->successful() || !$data['success']) {
return redirect()->back()->with('error', $data['message'] ?? 'Failed to change password.');
if (isset($data['success']['token'])) {
Session::put('access_token', $data['success']['token']);
return redirect()->route('dashboard')->with('success', 'Password changed successfully.');
}
if (isset($data['data']['token'])) {
session(['authToken' => $data['data']['token']]);
}
// Clear admin_uuid from session
session()->forget('admin_uuid');
return redirect()->route('my-profile')->with('success', 'Password changed successfully!');
} catch (\Exception $e) {
return redirect()->back()->with('error', 'Error connecting to API: ' . $e->getMessage());
}
$errorMessage = 'Failed to change password.';
if ($response->status() === 401) {
$errorMessage = $response->json()['message'] ?? 'Unauthorized access.';
} elseif ($response->status() === 422) {
$errorMessage = $response->json()['message'] ?? 'Password cannot be the same as the previous two passwords.';
}
return redirect()->back()->with('error', $errorMessage)->withInput();
}
}

16
resources/views/change-password.blade.php
View File

@ -4,7 +4,7 @@
<div class="container py-5">
<div class="row justify-content-center">
<div class="col-12 col-md-6">
<img src="{{ asset('img/logo.png') }}" alt="Unioil Logo" class="img-fluid" style="max-width: 150px;">
<img src="{{ asset('img/logo.png') }}" alt="Unioil Logo" class="img-fluid d-block mx-auto" style="max-width: 150px;">
<div class="mb-3 text-center">
<h4 class="mb-1 fw-bold">Change Password</h4>
@ -32,20 +32,20 @@
</div>
@endif
<form method="POST" action="{{ route('change-password.submit') }}">
<form method="POST" action="{{ route('password.submit') }}">
@csrf
<div class="mb-3">
<label class="form-label fw-semibold" style="font-size: 13px; color: #003366;">New Password</label>
<input type="password" class="form-control @error('password') is-invalid @enderror" id="password" name="password" placeholder="New Password" required>
@error('password')
<label class="form-label fw-semibold" style="font-size: 13px; color: #003366;">Username</label>
<input type="text" class="form-control @error('username') is-invalid @enderror" id="username" name="username" placeholder="Username" value="{{ old('username', session('username')) }}" required readonly>
@error('username')
<div class="invalid-feedback">{{ $message }}</div>
@enderror
</div>
<div class="mb-3">
<label class="form-label fw-semibold" style="font-size: 13px; color: #003366;">Confirm Password</label>
<input type="password" class="form-control @error('password_confirmation') is-invalid @enderror" id="password_confirmation" name="password_confirmation" placeholder="Confirm Password" required>
@error('password_confirmation')
<label class="form-label fw-semibold" style="font-size: 13px; color: #003366;">New Password</label>
<input type="password" class="form-control @error('new_password') is-invalid @enderror" id="new_password" name="new_password" placeholder="New Password" required>
@error('new_password')
<div class="invalid-feedback">{{ $message }}</div>
@enderror
</div>

6
resources/views/login.blade.php
View File

@ -4,7 +4,7 @@
<div class="container py-5">
<div class="row justify-content-center">
<div class="col-12 col-md-6">
<img src="{{ asset('img/logo.png') }}" alt="Unioil Logo" class="img-fluid" style="max-width: 150px;">
<img src="{{ asset('img/logo.png') }}" alt="Unioil Logo" class="img-fluid d-block mx-auto" style="max-width: 150px;">
<div class="mb-3 text-center">
<h4 class="mb-1 fw-bold">Welcome</h4>
@ -32,7 +32,7 @@
</div>
@endif
<form method="POST" action="{{ route('login') }}">
<form method="POST" action="{{ route('login.submit') }}">
@csrf
<div class="mb-3">
<label class="form-label fw-semibold" style="font-size: 13px; color: #003366;">Enter Username</label>
@ -43,7 +43,7 @@
</div>
<div class="mb-3">
<label class="form-label fw-semibold text-primary" style="font-size: 13px; color: #003366 !important;">Enter Password</label>
<label class="form-label fw-semibold" style="font-size: 13px; color: #003366;">Enter Password</label>
<input type="password" class="form-control @error('password') is-invalid @enderror" id="password" name="password" placeholder="Password" required>
@error('password')
<div class="invalid-feedback">{{ $message }}</div>

11
routes/web.php
View File

@ -5,12 +5,13 @@ use Illuminate\Support\Facades\Http;
use App\Http\Controllers\AuthController;
Route::get('/', function () {
return view('login');
})->name('login');
Route::post('/login', [AuthController::class, 'login'])->name('login');
Route::post('/change-password', [AuthController::class, 'changePassword'])->name('change-password.submit');
Route::get('/', [AuthController::class, 'showLoginForm'])->name('login');
Route::post('/login', [AuthController::class, 'login'])->name('login.submit');
Route::get('/change-password', [AuthController::class, 'showChangePasswordForm'])->name('password.change');
Route::post('/change-password', [AuthController::class, 'changePassword'])->name('password.submit');
Route::get('/dashboard', function () {
return view('dashboard');