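// Legacy Auth::attempt() login, kept commented out (its opening lines precede this excerpt):
// ... only('username', 'password');
// if (Auth::attempt($credentials)) {
//     $request->session()->regenerate();
//     $user = Auth::user();
//     // Always redirect to my-profile route, let the route's controller handle the user
//     return redirect()->route('my-profile');
// }
// return redirect()->back()->with('error', 'Invalid username or password');
// }

/**
 * Authenticate against the backend API and keep the returned admin record and
 * token in the session under the `user` key.
 *
 * NOTE(review): this method writes only `user.admin` / `user.access_token`, while
 * showMyProfile() reads Auth::user(), showChangePasswordForm() reads `admin_uuid`
 * and changePassword()/logout() read `token`. None of those are written here;
 * confirm where they are populated.
 *
 * @param Request $request Login form submission carrying `username` and `password`.
 * @return \Illuminate\Http\RedirectResponse Redirect to `my-profile` on success, back with errors otherwise.
 */
public function login(Request $request)
{
    // Validation stays outside the try block so its own redirect-with-errors is not swallowed.
    $request->validate([
        'username' => 'required|string',
        'password' => 'required|string',
    ]);

    try {
        $response = Http::post(config('services.backend_api.url') . '/api/cms/login_password', [
            'username' => $request->username,
            'password' => $request->password,
        ]);

        // json() yields null for a non-JSON body; normalise so the lookups below never index null.
        $json = $response->json();
        if (!is_array($json)) {
            $json = [];
        }

        if (!$response->successful()) {
            return back()->withErrors(['username' => $json['message'] ?? 'Login request failed. Please try again.']);
        }

        // Loose comparison kept on purpose: the API may send the code as 200 or "200".
        if (($json['code'] ?? null) != 200) {
            return back()->withErrors(['username' => $json['message'] ?? 'Login failed.']);
        }

        // Issue a fresh session ID at the privilege boundary so a pre-login session ID
        // cannot be reused after authentication (session fixation).
        $request->session()->regenerate();

        Session::put('user', [
            'admin' => $json['data']['admin'] ?? null,
            'access_token' => $json['data']['token'] ?? null,
        ]);

        return redirect('my-profile');
    } catch (\Exception $e) {
        // Full detail goes to the log only; exception text can expose backend hosts and
        // internals, so the browser gets a generic message.
        Log::error('Login error: ' . $e->getMessage());

        return back()->withErrors(['username' => 'An error occurred. Please try again.']);
    }
}

/**
 * Render the profile page for the user resolved by the Auth guard.
 *
 * NOTE(review): login() above does not call the Auth guard, so Auth::user() only
 * resolves if something outside this excerpt logs the user in. Verify.
 *
 * @return \Illuminate\Http\RedirectResponse|\Illuminate\Contracts\View\View
 */
public function showMyProfile()
{
    $user = Auth::user();

    // Unauthenticated visitors are sent to the login page.
    if (!$user) {
        return redirect()->route('login')->with('error', 'Please log in to view your profile.');
    }

    return view('pages.my-profile', compact('user'));
}

/**
 * Show the change password form.
 *
 * Access is gated on the session holding an `admin_uuid`.
 *
 * @return \Illuminate\Http\RedirectResponse|\Illuminate\Contracts\View\View
 */
public function showChangePasswordForm()
{
    if (!session()->has('admin_uuid')) {
        return redirect()->route('login')->withErrors(['error' => 'Unauthorized access']);
    }

    return view('change-password');
}

/**
 * Handle change password form submission by calling the API.
 *
 * @param Request $request Form submission carrying the new `password`.
 * @return \Illuminate\Http\RedirectResponse Redirect to `my-profile` on success, back with errors otherwise.
 */
public function changePassword(Request $request)
{
    // Same gate as showChangePasswordForm(): without it the POST endpoint is reachable
    // by a session that was never allowed to see the form.
    if (!session()->has('admin_uuid')) {
        return redirect()->route('login')->withErrors(['error' => 'Unauthorized access']);
    }

    $password = $request->input('password');
    if (!is_string($password) || $password === '') {
        return redirect()->back()->withErrors(['error' => 'Password is required']);
    }

    $url = "{$this->apiBaseUrl}/cms/login_changePassword";

    try {
        $response = Http::withHeaders([
            // NOTE(review): this forwards the CMS session's CSRF token to the backend API;
            // confirm the backend needs it, otherwise drop the header.
            'X-CSRF-TOKEN' => $request->session()->token(),
            'Accept' => 'application/json',
            'Authorization' => 'Bearer ' . session('token'),
        ])->post($url, [
            // The target account comes from the server-side session, not from the form.
            // A client-supplied admin_uuid would let the caller name any account.
            'admin_uuid' => session('admin_uuid'),
            'password' => $password,
        ]);

        $data = $response->json();

        // Log outcome fields only: the response body can carry a fresh access token,
        // which must not end up in application logs.
        Log::info('Change Password API Response: ', [
            'status' => $response->status(),
            'code' => $data['code'] ?? null,
            'message' => $data['message'] ?? null,
        ]);

        if ($response->successful() && isset($data['code']) && $data['code'] === 200) {
            // The API may return the rotated token under either key; `access_token` wins.
            $rotatedToken = $data['data']['access_token'] ?? $data['data']['token'] ?? null;
            if ($rotatedToken !== null) {
                session(['token' => $rotatedToken]);
            }

            session()->forget('admin_uuid');

            return redirect()->route('my-profile')->with('success', $data['message'] ?? 'Password changed successfully');
        }

        return redirect()->back()->withErrors(['error' => $data['message'] ?? 'Failed to change password']);
    } catch (\Exception $e) {
        // Detail stays in the log; the user sees a generic failure.
        Log::error('Change Password Exception: ' . $e->getMessage());

        return redirect()->back()->withErrors(['error' => 'Password change request failed. Please try again.']);
    }
}

/**
 * Handle logout by calling the API, then always end the local session.
 *
 * @param Request $request Current request; its session is invalidated.
 * @return \Illuminate\Http\RedirectResponse Redirect to the login page.
 */
public function logout(Request $request)
{
    $url = "{$this->apiBaseUrl}/logout_cms";

    try {
        $response = Http::withHeaders([
            // NOTE(review): forwards the CMS session's CSRF token to the backend API;
            // confirm the backend needs it.
            'X-CSRF-TOKEN' => $request->session()->token(),
            'Accept' => 'application/json',
            'Authorization' => 'Bearer ' . session('token'),
        ])->post($url);

        // A rejected logout means the bearer token may still be valid on the backend;
        // record it so it can be followed up.
        if ($response->failed()) {
            Log::warning('Logout API returned HTTP ' . $response->status());
        }
    } catch (\Exception $e) {
        // Best effort: a backend failure must not keep the user logged in locally.
        Log::error('Logout Exception: ' . $e->getMessage());
    }

    // invalidate() clears the session data and issues a new session ID, and the CSRF
    // token is rotated too, so nothing from the old session stays usable.
    $request->session()->invalidate();
    $request->session()->regenerateToken();

    return redirect()->route('login')->with('success', 'Logged out successfully');
}
} // closes the controller class whose header precedes this excerpt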