From 37a8e1e4fde7d5c7ef13398090c96ef5990f3242 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D0=BD=D0=B4=D1=80=D0=B5=D0=B9=20=D0=90=D0=BB=D0=B5?= =?UTF-8?q?=D0=BA=D1=81=D0=B5=D0=B5=D0=B2?= Date: Mon, 29 Jan 2018 16:33:32 +0300 Subject: [PATCH] Some fixes in AuthenticationController --- .../Api/AuthenticationController.php | 83 +++++++++++-------- 1 file changed, 49 insertions(+), 34 deletions(-) diff --git a/code/app/Http/Controllers/Api/AuthenticationController.php b/code/app/Http/Controllers/Api/AuthenticationController.php index 74a60a1..f4fda4b 100644 --- a/code/app/Http/Controllers/Api/AuthenticationController.php +++ b/code/app/Http/Controllers/Api/AuthenticationController.php @@ -4,6 +4,7 @@ use Auth; use Illuminate\Http\Request; +use Illuminate\Support\Facades\Log; use JWTAuth; use Redirect; use SailWithMe\Constants\ErrorCodes; @@ -16,23 +17,24 @@ class AuthenticationController extends BaseController { + public function login(Request $request) { - // grab credentials from the request - $credentials = $request->only('email', 'password'); - try { - // attempt to verify the credentials and create a token for the user + // grab credentials from the request + $credentials = $request->only('email', 'password'); + + // attempt to verify the credentials and create a token for the user if (!$token = JWTAuth::attempt($credentials)) { - return $this->error('invalid credentials', ErrorCodes::TOKEN_NOT_PROVIDED); + return $this->logError('invalid credentials', ErrorCodes::TOKEN_NOT_PROVIDED); } } catch (JWTException $e) { // something went wrong whilst attempting to encode the token - return $this->error('could not create token', ErrorCodes::TOKEN_CREATION_ERROR); + return $this->logError('could not create token', ErrorCodes::TOKEN_CREATION_ERROR); } // all good so return the token - return $this->success(['token' => $token], ['Authorization' => 'Bearer ' . $token]); + return $this->sendToken($token); } public function register(Request $request, UserService $service) @@ -61,9 +63,9 @@ public function register(Request $request, UserService $service) $user = $service->setUserProperties($user, ['adult' => $data['adult']]); $token = $service->getAuthTokenFromUser($user); - return $this->success(['token' => $token], ['Authorization' => 'Bearer ' . $token]); + return $this->sendToken($token); } catch (BaseException $e) { - return $this->error($e->getMessage(), $e->getCode(), $e->getErrors()); + return $this->logError($e->getMessage(), $e->getCode(), $e->getErrors()); } } @@ -74,9 +76,9 @@ public function logout() JWTAuth::invalidate($token); Auth::logout(); - return $this->success(['token' => ''], ['Authorization' => '']); + return $this->sendToken(); } catch (BaseException $e) { - return $this->error($e->getMessage(), $e->getCode(), $e->getErrors()); + return $this->logError($e->getMessage(), $e->getCode(), $e->getErrors()); } } @@ -86,9 +88,9 @@ public function createReset(Request $request, UserService $service) $email = $request->input('email'); $service->sendResetToken($email); - return $this->success([]); + return $this->sendToken(); } catch (BaseException $exception) { - return $this->error($exception->getMessage(), ErrorCodes::USER_PASSWORD_RESET_ERROR, + return $this->logError($exception->getMessage(), ErrorCodes::USER_PASSWORD_RESET_ERROR, $exception->getErrors()); } } @@ -101,7 +103,7 @@ public function reset(string $token, Request $request, UserService $service) $validator = Validator::make($fields, ['password' => 'required']); if ($validator->fails()) { - return $this->error( + return $this->logError( 'Something wrong! Please check and try again!', ErrorCodes::USER_PASSWORD_RESET_ERROR, ['validationErrors' => $validator->errors()]); @@ -109,9 +111,9 @@ public function reset(string $token, Request $request, UserService $service) $authToken = $service->resetPassword($token, $fields['password']); - return $this->success(['token' => $authToken], ['Authorization' => 'Bearer ' . $authToken]); + return $this->sendToken($authToken); } catch (BaseException $exception) { - return $this->error($exception->getMessage(), ErrorCodes::USER_PASSWORD_RESET_ERROR, + return $this->logError($exception->getMessage(), ErrorCodes::USER_PASSWORD_RESET_ERROR, $exception->getErrors()); } } @@ -122,31 +124,31 @@ public function facebookLogin(Request $request, FacebookService $service) $validator = Validator::make($request->all(), ['access_token' => 'required|string']); if ($validator->fails()) { - return $this->error('Provide facebook access token to login!', ErrorCodes::TOKEN_NOT_PROVIDED); + return $this->logError('Provide facebook access token to login!', ErrorCodes::TOKEN_NOT_PROVIDED); } $accessToken = $request->input('access_token'); $authToken = $service->login($accessToken); - return $this->success(['token' => $authToken], ['Authorization' => 'Bearer ' . $authToken]); + return $this->sendToken($authToken); } catch (BaseException $exception) { - return $this->error($exception->getMessage(), $exception->getCode(), $exception->getErrors()); + return $this->logError($exception->getMessage(), $exception->getCode(), $exception->getErrors()); } } public function linkedInLoginLink(Request $request, LinkedInService $service) { try { - $referer = $request->headers->get('referer'); + $referrer = $request->headers->get('referrer'); - if (!$this->isValidRefererDomain($referer)) { - return Redirect::to(config('app.url')); + if (!$this->isValidRefererDomain($referrer)) { + return redirect(config('app.url')); } - $loginUrl = $service->getLoginUrl($referer); - return Redirect::to($loginUrl, 301); + $loginUrl = $service->getLoginUrl($referrer); + return redirect($loginUrl, 301); } catch (BaseException $e) { - return $this->error($e->getMessage(), $e->getCode(), $e->getErrors()); + return $this->logError($e->getMessage(), $e->getCode(), $e->getErrors()); } } @@ -159,15 +161,15 @@ public function linkedInLogin(Request $request, LinkedInService $service) ]); if ($validator->fails()) { - return $this->error('Callback url is not well formed!', ErrorCodes::UNKNOWN_ERROR); + return $this->logError('Callback url is not well formed!', ErrorCodes::UNKNOWN_ERROR); } $accessData = $service->getAccessTokenAndReturnLink($request->input('code'), $request->input('state')); - return Redirect::to($accessData['return_link'] . '?token=' . $accessData['token'], + return redirect($accessData['return_link'] . '?token=' . $accessData['token'], 301, ['Authorization' => 'Bearer ' . $accessData['token']]); } catch (BaseException $e) { - return $this->error($e->getMessage(), $e->getCode(), $e->getErrors()); + return $this->logError($e->getMessage(), $e->getCode(), $e->getErrors()); } } @@ -177,22 +179,22 @@ public function confirm(string $token, UserService $service) $user = $service->confirmUser($token); $token = $service->getAuthTokenFromUser($user); - return Redirect::to(secure_url('/') . '?token=' . $token); + return redirect(secure_url('/') . '?token=' . $token); } catch (BaseException $e) { - return $this->error($e->getMessage(), $e->getCode(), $e->getErrors()); + return $this->logError($e->getMessage(), $e->getCode(), $e->getErrors()); } } - private function isValidRefererDomain($referer) + private function isValidRefererDomain($referrer) { $domainUrl = config('app.url'); - if (!$referer || strpos($referer, 'http://localhost:3000/') === 0) { + if ( !$referrer || strpos($referrer, 'http://localhost:3000/') === 0) { return true; } - if (strpos($referer, $domainUrl) == 0) { - $uri = str_replace($domainUrl, '', $referer); + if ( strpos($referrer, $domainUrl) == 0) { + $uri = str_replace($domainUrl, '', $referrer); if ($uri[0] == '/') { return true; @@ -201,4 +203,17 @@ private function isValidRefererDomain($referer) return false; } + + protected function logError($message, $errorCode, $errors = []) { + Log::info( + $message, + array_merge([ 'code' => $errorCode ], $errors) + ); + + return $this->error($message, $errorCode, $errors); + } + + protected function sendToken($token = '') { + return $this->success(['token' => $token], ['Authorization' => 'Bearer ' . $token]); + } } \ No newline at end of file