diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php
index 774c27f..e03525b 100644
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@@ -3,104 +3,86 @@ namespace App\Http\Controllers; use Illuminate\Http\Request; use Illuminate\Support\Facades\Http; +use Illuminate\Support\Facades\Log; +use Illuminate\Support\Facades\Session; class AuthController extends Controller { + public function showLoginForm() + { + return view('login'); + } + public function login(Request $request) { - $request->validate([ - 'username' => 'required|string', - 'password' => 'required|string', + $apiUrl = env('BACKEND_API_URL', 'http://localhost:8080'); + $loginEndpoint = '/api/cms/login_password'; + + Log::info('API URL being used: ' . $apiUrl . $loginEndpoint); + + $response = Http::timeout(30)->post($apiUrl . $loginEndpoint, [ + 'username' => $request->input('username'), + 'password' => $request->input('password'), ]); - $username = $request->input('username'); - $password = $request->input('password'); - - // Step 1: Verify the username - $usernameApiUrl = 'http://192.168.56.1:8080/api/cms/username_login'; - - try { - $usernameResponse = Http::timeout(30)->post($usernameApiUrl, [ - 'username' => $username, - ]); - - $usernameData = $usernameResponse->json(); - - // Check if username verification failed - if (!$usernameResponse->successful() || !isset($usernameData['data']['is_verified']) || !$usernameData['data']['is_verified']) { - return redirect()->back()->with('error', $usernameData['message'] ?? 'Username does not exist.'); - } - - // Step 2: Authenticate with password - $loginApiUrl = 'http://192.168.56.1:8080/api/cms/login_password'; - - $loginResponse = Http::timeout(30)->post($loginApiUrl, [ - 'username' => $username, - 'password' => $password, - ]); - - $loginData = $loginResponse->json(); - - if (!$loginResponse->successful()) { - return redirect()->back()->with('error', $loginData['message'] ?? 'Login failed.'); - } - - if (!$loginData['success']) { - $message = $loginData['message'] ?? 
'Login failed'; - if ($message === 'User must change password') { - // Store admin_uuid in session for password change - session(['admin_uuid' => $loginData['data']['admin_uuid']]); - return redirect()->route('change-password')->with('error', 'You must change your password.'); + if ($response->successful()) { + $data = $response->json(); + if (isset($data['success']) && isset($data['message'])) { + if ($data['message'] === 'User must change password') { + Session::put('admin_uuid', $data['success']['admin_uuid']); + Session::put('username', $request->input('username')); + return redirect()->route('password.change')->with('success', 'You must change your password.'); } - return redirect()->back()->with('error', $message); + // Store token in session + Session::put('access_token', $data['success']['token']); + Session::put('username', $request->input('username')); + return redirect()->route('dashboard')->with('success', 'Login successful.'); } - - if (isset($loginData['data']['token'])) { - session(['authToken' => $loginData['data']['token']]); - } - - return redirect()->route('my-profile')->with('success', 'Login successful!'); - } catch (\Exception $e) { - return redirect()->back()->with('error', 'Error connecting to API: ' . $e->getMessage()); } + + $errorMessage = 'Login failed. Please check your credentials.'; + if ($response->status() === 401) { + $errorMessage = $response->json()['message'] ?? 'Unauthorized access.'; + } elseif ($response->status() === 422) { + $errorMessage = $response->json()['message'] ?? 
'Validation error.'; + } + + return redirect()->back()->with('error', $errorMessage)->withInput($request->except('password')); + } + + public function showChangePasswordForm() + { + return view('change-password'); } - // Add a method to handle password change (optional, if you want to implement the change-password route) public function changePassword(Request $request) { - $request->validate([ - 'password' => 'required|string|min:8|confirmed', + $apiUrl = env('BACKEND_API_URL', 'http://localhost:8080'); + $changePasswordEndpoint = '/api/cms/login_changePassword'; + + Log::info('API URL being used: ' . $apiUrl . $changePasswordEndpoint); + + $response = Http::timeout(30)->post($apiUrl . $changePasswordEndpoint, [ + 'admin_uuid' => Session::get('admin_uuid'), + 'username' => Session::get('username'), + 'password' => $request->input('new_password'), ]); - $adminUuid = session('admin_uuid'); - if (!$adminUuid) { - return redirect()->route('login')->with('error', 'Invalid session. Please login again.'); - } - - $changePasswordApiUrl = 'http://192.168.56.1:8080/api/cms/change_password'; - - try { - $response = Http::timeout(30)->post($changePasswordApiUrl, [ - 'admin_uuid' => $adminUuid, - 'password' => $request->input('password'), - ]); - + if ($response->successful()) { $data = $response->json(); - - if (!$response->successful() || !$data['success']) { - return redirect()->back()->with('error', $data['message'] ?? 
'Failed to change password.'); + if (isset($data['success']['token'])) { + Session::put('access_token', $data['success']['token']); + return redirect()->route('dashboard')->with('success', 'Password changed successfully.'); } - - if (isset($data['data']['token'])) { - session(['authToken' => $data['data']['token']]); - } - - // Clear admin_uuid from session - session()->forget('admin_uuid'); - - return redirect()->route('my-profile')->with('success', 'Password changed successfully!'); - } catch (\Exception $e) { - return redirect()->back()->with('error', 'Error connecting to API: ' . $e->getMessage()); } + + $errorMessage = 'Failed to change password.'; + if ($response->status() === 401) { + $errorMessage = $response->json()['message'] ?? 'Unauthorized access.'; + } elseif ($response->status() === 422) { + $errorMessage = $response->json()['message'] ?? 'Password cannot be the same as the previous two passwords.'; + } + + return redirect()->back()->with('error', $errorMessage)->withInput(); } } \ No newline at end of file diff --git a/resources/views/change-password.blade.php b/resources/views/change-password.blade.php index eec296a..238a781 100644 --- a/resources/views/change-password.blade.php +++ b/resources/views/change-password.blade.php @@ -4,7 +4,7 @@
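Review bot: In `login()` the success branch only checks `isset($data['success']) && isset($data['message'])` and then reads `$data['success']['token']` unguarded, so any 2xx backend reply carrying those two keys reaches the "Login successful." redirect to `dashboard` even when no token was issued. The session ID is also never regenerated after authentication, which leaves the login exposed to session fixation. The commit also drops both `$request->validate()` calls, the `admin_uuid` presence check, the `forget('admin_uuid')` cleanup and the `try/catch` around the HTTP calls, and `changePassword()` now ends with a bare `->withInput()`, which flashes `new_password` into the session where `login()` correctly uses `$request->except('password')`. `env()` in a controller stops reading `.env` once the configuration is cached and would fall back to the `http://localhost:8080` default, a scheme that sends credentials to the backend in clear text, so the base URL is better read through `config()` from an https value. The sketch below covers the login success path; the same validate, guard and forget pattern applies to `changePassword()`.

```php
public function login(Request $request)
{
    // Reject empty or non-string credentials before they are forwarded to the backend.
    $request->validate([
        'username' => 'required|string',
        'password' => 'required|string',
    ]);

    // … unchanged: $apiUrl / $loginEndpoint setup, Log::info, Http::timeout(30)->post(...) …

    if ($response->successful()) {
        $data = $response->json();
        $payload = is_array($data) ? ($data['success'] ?? null) : null;

        if (
            is_array($payload)
            && ($data['message'] ?? null) === 'User must change password'
            && isset($payload['admin_uuid'])
        ) {
            $request->session()->regenerate();
            Session::put('admin_uuid', $payload['admin_uuid']);
            Session::put('username', $request->input('username'));
            return redirect()->route('password.change')->with('success', 'You must change your password.');
        }

        // Only treat the login as successful when the backend actually issued a token.
        if (is_array($payload) && is_string($payload['token'] ?? null) && $payload['token'] !== '') {
            // Issue a fresh session ID so an ID set before login cannot be reused.
            $request->session()->regenerate();
            Session::put('access_token', $payload['token']);
            Session::put('username', $request->input('username'));
            return redirect()->route('dashboard')->with('success', 'Login successful.');
        }
    }

    // … unchanged: $errorMessage selection and redirect()->back()->withInput($request->except('password')) …
```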
- Unioil Logo + Unioil Logo

Change Password

@@ -32,20 +32,20 @@
@endif -
+ @csrf
- - - @error('password') + + + @error('username')
{{ $message }}
@enderror
- - - @error('password_confirmation') + + + @error('new_password')
{{ $message }}
@enderror
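Review bot: The `@error('username')` and `@error('new_password')` blocks only render when a validator populates the error bag, and the `changePassword()` action changed in this same commit no longer calls `$request->validate()`, so as far as the diff shows they can never display anything. The earlier `password_confirmation` field and its `confirmed` rule are gone too, so a mistyped new password is accepted on first entry; consider keeping a `new_password_confirmation` input and validating with `'new_password' => 'required|string|min:8|confirmed'`. The controller takes `username` from the session rather than from the request, so a username input on this form would be ignored. The form markup itself is not visible in this rendering, so the field names are inferred from the `@error` directives.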
diff --git a/resources/views/login.blade.php b/resources/views/login.blade.php index 360bd56..5f65e4b 100644 --- a/resources/views/login.blade.php +++ b/resources/views/login.blade.php @@ -4,7 +4,7 @@
- Unioil Logo + Unioil Logo

Welcome

@@ -32,7 +32,7 @@
@endif - + @csrf
@@ -43,7 +43,7 @@
- + @error('password')
{{ $message }}
diff --git a/routes/web.php b/routes/web.php index 33313fc..d8463bc 100644 --- a/routes/web.php +++ b/routes/web.php @@ -5,12 +5,13 @@ use Illuminate\Support\Facades\Http; use App\Http\Controllers\AuthController; -Route::get('/', function () { - return view('login'); -})->name('login'); -Route::post('/login', [AuthController::class, 'login'])->name('login'); -Route::post('/change-password', [AuthController::class, 'changePassword'])->name('change-password.submit'); + +Route::get('/', [AuthController::class, 'showLoginForm'])->name('login'); +Route::post('/login', [AuthController::class, 'login'])->name('login.submit'); +Route::get('/change-password', [AuthController::class, 'showChangePasswordForm'])->name('password.change'); +Route::post('/change-password', [AuthController::class, 'changePassword'])->name('password.submit'); + Route::get('/dashboard', function () { return view('dashboard');