129 lines
4.0 KiB
PHP
129 lines
4.0 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Http;
|
|
use Illuminate\Support\Facades\Log;
|
|
use Illuminate\Support\Facades\Auth;
|
|
class AuthController extends Controller
|
|
{
|
|
protected $apiBaseUrl = 'http://192.168.100.6:8081/api';
|
|
|
|
/**
|
|
* Show the login form
|
|
*/
|
|
public function showLoginForm()
|
|
{
|
|
return view('login');
|
|
}
|
|
|
|
/**
|
|
* Handle login form submission by calling the API
|
|
*/
|
|
public function login(Request $request)
|
|
{
|
|
$credentials = $request->only('username', 'password');
|
|
|
|
if (Auth::attempt($credentials)) {
|
|
$request->session()->regenerate();
|
|
$user = Auth::user();
|
|
|
|
// Always redirect to my-profile route, let the route's controller handle the user
|
|
return redirect()->route('my-profile');
|
|
}
|
|
return redirect()->back()->with('error', 'Invalid username or password');
|
|
}
|
|
|
|
public function showMyProfile()
|
|
{
|
|
// Fetch the authenticated user
|
|
$user = Auth::user();
|
|
|
|
// If no user is authenticated, redirect to login
|
|
if (!$user) {
|
|
return redirect()->route('login')->with('error', 'Please log in to view your profile.');
|
|
}
|
|
|
|
// Pass the user to the view
|
|
return view('pages.my-profile', compact('user'));
|
|
}
|
|
|
|
|
|
/**
|
|
* Show the change password form
|
|
*/
|
|
public function showChangePasswordForm()
|
|
{
|
|
if (!session()->has('admin_uuid')) {
|
|
return redirect()->route('login')->withErrors(['error' => 'Unauthorized access']);
|
|
}
|
|
|
|
return view('change-password');
|
|
}
|
|
|
|
/**
|
|
* Handle change password form submission by calling the API
|
|
*/
|
|
public function changePassword(Request $request)
|
|
{
|
|
$url = "{$this->apiBaseUrl}/cms/login_changePassword";
|
|
$csrfToken = $request->session()->token();
|
|
|
|
try {
|
|
$response = Http::withHeaders([
|
|
'X-CSRF-TOKEN' => $csrfToken,
|
|
'Accept' => 'application/json',
|
|
'Authorization' => 'Bearer ' . session('token'),
|
|
])->post($url, [
|
|
'admin_uuid' => $request->input('admin_uuid'),
|
|
'password' => $request->input('password'),
|
|
]);
|
|
|
|
$data = $response->json();
|
|
|
|
Log::info('Change Password API Response: ', [$data]);
|
|
|
|
if ($response->successful() && isset($data['code']) && $data['code'] === 200) {
|
|
if (isset($data['data']['access_token'])) {
|
|
session(['token' => $data['data']['access_token']]);
|
|
} elseif (isset($data['data']['token'])) {
|
|
session(['token' => $data['data']['token']]);
|
|
}
|
|
session()->forget('admin_uuid');
|
|
return redirect()->route('my-profile')->with('success', $data['message'] ?? 'Password changed successfully');
|
|
}
|
|
|
|
return redirect()->back()->withErrors(['error' => $data['message'] ?? 'Failed to change password']);
|
|
} catch (\Exception $e) {
|
|
Log::error('Change Password Exception: ' . $e->getMessage());
|
|
return redirect()->back()->withErrors(['error' => 'Password change request failed: ' . $e->getMessage()]);
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Handle logout by calling the API
|
|
*/
|
|
public function logout(Request $request)
|
|
{
|
|
$url = "{$this->apiBaseUrl}/logout_cms";
|
|
$csrfToken = $request->session()->token();
|
|
|
|
try {
|
|
Http::withHeaders([
|
|
'X-CSRF-TOKEN' => $csrfToken,
|
|
'Accept' => 'application/json',
|
|
'Authorization' => 'Bearer ' . session('token'),
|
|
])->post($url);
|
|
|
|
session()->flush();
|
|
return redirect()->route('login')->with('success', 'Logged out successfully');
|
|
} catch (\Exception $e) {
|
|
Log::error('Logout Exception: ' . $e->getMessage());
|
|
session()->flush();
|
|
return redirect()->route('login')->with('success', 'Logged out successfully');
|
|
}
|
|
}
|
|
|
|
|
|
} |