Merge pull request #10 from FaZeRs/develop

API Authentication
FaZeRs · Jun 6, 2018 · 99e7685 · 99e7685
2 parents 112665c + 0e1be88
commit 99e7685
Show file tree

Hide file tree

Showing 42 changed files with 11,380 additions and 4,789 deletions.
diff --git a/.gitignore b/.gitignore
@@ -18,4 +18,6 @@ _ide_helper.php
 composer.phar
 error.log
 Todo.rtf
-.vagrant
+.vagrant
+/storage/oauth-private.key
+/storage/oauth-public.key
diff --git a/.styleci.yml b/.styleci.yml
@@ -0,0 +1 @@
+preset: laravel
diff --git a/.travis.yml b/.travis.yml
@@ -17,6 +17,7 @@ before_script:
   - composer install --no-progress --no-interaction --prefer-source --no-suggest
   - php artisan key:generate
   - php artisan migrate
+  - php artisan passport:install
 
 before_install:
   - mysql -e 'CREATE DATABASE homestead;'
@@ -25,4 +26,4 @@ script:
   - composer test
 
 notifications:
-  email: false
+  email: false
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,15 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [1.3.0]  - 2018-06-06
+
+### Added
+- Added API Authentication ([9d2b5d0](https://github.com/FaZeRs/naurislinde.com/commit/9d2b5d0c53b2485bafd3e2a13936da4229a2053e))
+
+### Changed
+- Removed SetLocale middleware ([8a89e5b](https://github.com/FaZeRs/naurislinde.com/commit/8a89e5b5ad6f319eabb6ad5becdc0c5cf2ef7745))
+- Updated dependencies and assets ([5740cb7](https://github.com/FaZeRs/naurislinde.com/commit/5740cb7fa22cceec86ec7f856e87f49c1529c1bc))
+
 ## [1.2.0]  - 2018-05-12
 
 ### Added
@@ -44,6 +53,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## 1.0.0 - 2018-04-25
 - Initial commit.
 
-[Unreleased]: https://github.com/fazers/naurislinde.com/compare/1.2.0...HEAD
+[Unreleased]: https://github.com/fazers/naurislinde.com/compare/1.3.0...HEAD
+[1.3.0]: https://github.com/fazers/naurislinde.com/compare/1.2.0...1.3.0
 [1.2.0]: https://github.com/fazers/naurislinde.com/compare/1.1.0...1.2.0
-[1.1.0]: https://github.com/fazers/naurislinde.com/compare/1.0.0...1.1.0
+[1.1.0]: https://github.com/fazers/naurislinde.com/compare/1.0.0...1.1.0
diff --git a/README.md b/README.md
@@ -106,6 +106,19 @@ yarn dev
 yarn watch
 ```
 
+## REST API
+
+We use [Laravel Passport](https://laravel.com/docs/master/passport). It is an OAuth2 server and API authentication package.
+
+#### API Links
+
+Verb | Path | NamedRoute | Controller | Action | Middleware
+--- | --- | --- | --- | --- | ---
+POST   | /api/login                             |            | \App\Http\Controllers\Api\LoginController           | login | -
+POST   | /api/register                             |            | \App\Http\Controllers\Api\RegisterController           | register | -
+POST   | /api/details                             |            | \App\Http\Controllers\Api\UserController           | details | auth
+POST   | /api/logout                             |            | \App\Http\Controllers\Api\UserController           | logout | auth
+
 ## Running the tests
 
 ```

diff --git a/app/Console/Commands/KeyGenerateCommand.php b/app/Console/Commands/KeyGenerateCommand.php
@@ -41,7 +41,7 @@ public function handle()
         // Next, we will replace the application key in the environment file so it is
         // automatically setup for this developer. This key gets generated using a
         // secure random byte generator and is later base64 encoded for storage.
-        if (!$this->setKeyInEnvironmentFile($key)) {
+        if (! $this->setKeyInEnvironmentFile($key)) {
             return;
         }
 
@@ -72,7 +72,7 @@ protected function generateRandomKey(): string
     protected function setKeyInEnvironmentFile($key): bool
     {
         $currentKey = $this->laravel['config']['app.key'] ?: env('APP_KEY');
-        if (strlen($currentKey) !== 0 && (!$this->confirmToProceed())) {
+        if (strlen($currentKey) !== 0 && (! $this->confirmToProceed())) {
             return false;
         }
         $this->writeNewEnvironmentFileWith($key);

diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php
@@ -3,9 +3,9 @@
 namespace App\Exceptions;
 
 use Exception;
+use Illuminate\Validation\ValidationException;
 use Illuminate\Auth\Access\AuthorizationException;
 use Illuminate\Database\Eloquent\ModelNotFoundException;
-use Illuminate\Validation\ValidationException;
 use Laravel\Lumen\Exceptions\Handler as ExceptionHandler;
 use Symfony\Component\HttpKernel\Exception\HttpException;
 

diff --git a/app/Http/Controllers/Api/ContactController.php b/app/Http/Controllers/Api/ContactController.php
@@ -2,9 +2,9 @@
 
 namespace App\Http\Controllers\Api;
 
-use App\Http\Controllers\Controller;
-use App\Mail\Contact\SendContact;
 use Illuminate\Http\Request;
+use App\Mail\Contact\SendContact;
+use App\Http\Controllers\Controller;
 use Illuminate\Support\Facades\Mail;
 
 /**

diff --git a/app/Http/Controllers/Api/LoginController.php b/app/Http/Controllers/Api/LoginController.php
@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Models\User;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use Illuminate\Support\Facades\Hash;
+
+class LoginController extends Controller
+{
+    public function login(Request $request)
+    {
+        $this->validate($request, [
+            'email' => 'required|email',
+            'password' => 'required',
+        ]);
+
+        $user = User::where('email', $request->get('email'))->first();
+
+        if ($user) {
+            if (Hash::check($request->get('password'), $user->password)) {
+                $success['token'] = $user->createToken('Portfolio')->accessToken;
+
+                return response()->json(['success' => $success], 200);
+            }
+        }
+
+        return response()->json(['error' => 'These credentials do not match our records.'], 401);
+    }
+}
diff --git a/app/Http/Controllers/Api/RegisterController.php b/app/Http/Controllers/Api/RegisterController.php
@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Models\User;
+use Illuminate\Http\Request;
+use Illuminate\Validation\Rule;
+use App\Http\Controllers\Controller;
+
+class RegisterController extends Controller
+{
+    public function register(Request $request)
+    {
+        $data = $this->validate($request, [
+            'name' => 'required|string|max:191',
+            'email' => ['required', 'string', 'email', 'max:191', Rule::unique('users')],
+            'password' => 'required|string|min:9|confirmed|strong_password',
+        ]);
+
+        $data['password'] = bcrypt($data['password']);
+        $user = User::create($data);
+        $success['token'] = $user->createToken('Portfolio')->accessToken;
+        $success['name'] = $user->name;
+
+        return response()->json(['success' => $success], 200);
+    }
+}
diff --git a/app/Http/Controllers/Api/UserController.php b/app/Http/Controllers/Api/UserController.php
@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use Illuminate\Support\Facades\DB;
+use App\Http\Controllers\Controller;
+
+class UserController extends Controller
+{
+    public function details()
+    {
+        $user = auth()->user();
+
+        return response()->json(['details' => $user], 200);
+    }
+
+    public function logout()
+    {
+        $accessToken = auth()->user()->token();
+
+        DB::table('oauth_refresh_tokens')->where('access_token_id', $accessToken->id)->update([
+            'revoked' => true,
+        ]);
+
+        $accessToken->revoke();
+
+        return response()->json(['success' => 'You have successfully logged out'], 200);
+    }
+}
diff --git a/app/Http/Middleware/AdminMiddleware.php b/app/Http/Middleware/AdminMiddleware.php
@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class AdminMiddleware
+{
+    /**
+     * Handle an incoming request. User must be logged in to do admin check.
+     *
+     * @param  \Illuminate\Http\Request $request
+     * @param  \Closure $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        if (auth()->user()->isAdmin()) {
+            return $next($request);
+        }
+
+        return response('Unauthorized.', 401);
+    }
+}
diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php
@@ -0,0 +1,44 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Contracts\Auth\Factory as Auth;
+
+class Authenticate
+{
+    /**
+     * The authentication guard factory instance.
+     *
+     * @var \Illuminate\Contracts\Auth\Factory
+     */
+    protected $auth;
+
+    /**
+     * Create a new middleware instance.
+     *
+     * @param  \Illuminate\Contracts\Auth\Factory $auth
+     * @return void
+     */
+    public function __construct(Auth $auth)
+    {
+        $this->auth = $auth;
+    }
+
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request $request
+     * @param  \Closure $next
+     * @param  string|null $guard
+     * @return mixed
+     */
+    public function handle($request, Closure $next, $guard = null)
+    {
+        if ($this->auth->guard($guard)->guest()) {
+            return response('Unauthorized.', 401);
+        }
+
+        return $next($request);
+    }
+}
diff --git a/app/Http/Middleware/SetLocale.php b/app/Http/Middleware/SetLocale.php
diff --git a/app/Mail/Contact/SendContact.php b/app/Mail/Contact/SendContact.php
@@ -3,11 +3,11 @@
 namespace App\Mail\Contact;
 
 use Illuminate\Bus\Queueable;
-use Illuminate\Contracts\Queue\ShouldQueue;
-use Illuminate\Foundation\Bus\Dispatchable;
 use Illuminate\Mail\Mailable;
-use Illuminate\Queue\InteractsWithQueue;
 use Illuminate\Queue\SerializesModels;
+use Illuminate\Queue\InteractsWithQueue;
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Foundation\Bus\Dispatchable;
 
 /**
  * Class SendContact.