From e3ab6397d933918e5c5fd54e76648d05180c0729 Mon Sep 17 00:00:00 2001 From: sayliraut Date: Fri, 24 May 2024 18:46:52 +0530 Subject: [PATCH 1/2] change --- .../Controllers/Admin/LoginController.php | 1 - app/Providers/AuthServiceProvider.php | 33 +++++++++++++++++++ routes/web.php | 3 +- 3 files changed, 35 insertions(+), 2 deletions(-) create mode 100644 app/Providers/AuthServiceProvider.php diff --git a/app/Http/Controllers/Admin/LoginController.php b/app/Http/Controllers/Admin/LoginController.php index 4b43cbb..cd0291a 100644 --- a/app/Http/Controllers/Admin/LoginController.php +++ b/app/Http/Controllers/Admin/LoginController.php @@ -24,7 +24,6 @@ class LoginController extends Controller public function login(Request $request) { - dd($request); $validatedData = $request->validate([ 'email' => 'required|email', 'password' => 'required|string', diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php new file mode 100644 index 0000000..6624efb --- /dev/null +++ b/app/Providers/AuthServiceProvider.php @@ -0,0 +1,33 @@ + + */ + protected $policies = [ + // + ]; + + /** + * Register any authentication / authorization services. + */ + public function boot() + { + $this->registerPolicies(); + + // Register 'admin' guard + Auth::extend('admin', function ($app, $name, array $config) { + return new \Illuminate\Auth\SessionGuard($name, $this->app['session.store']); + }); + } +} diff --git a/routes/web.php b/routes/web.php index 7a37aaa..eeb17f5 100644 --- a/routes/web.php +++ b/routes/web.php @@ -29,6 +29,7 @@ Route::post('/otp_verify', [LoginController::class, 'verify_otp']); Route::get('/password_reset', [LoginController::class, 'reset_password_page']); Route::post('/password_update', [LoginController::class, 'updatePassword']); +// Route::group(['middleware' => ['checkStatus']], function () { Route::get('/dashboard', [DashboardController ::class, 'index'])->name('dashboard'); 
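Review bot: The `admin` guard closure in `boot()` passes `$this->app['session.store']` as the second argument of `SessionGuard`, which is the user-provider position, so the guard is built without a user provider and with the session in the wrong slot. Resolving this guard should fail with a type error rather than authenticate anyone. Build it from the guard's own config instead: `return new \Illuminate\Auth\SessionGuard($name, Auth::createUserProvider($config['provider'] ?? null), $app['session.store']);`. If all that is needed is a session guard with a different provider, a guard entry with `'driver' => 'session'` in `config/auth.php` does this without a custom driver. Whether `config/auth.php` defines a guard that uses the `admin` driver is not visible in this patch.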
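Review bot: The `checkStatus` group is added only as a comment (`// Route::group(['middleware' => ['checkStatus']], function () {`, closed by `// });` in the second hunk of this file), so `/dashboard` and the `manage-*` routes between the two markers are still registered without that middleware. No authentication middleware is visible on these lines either; unless an enclosing group outside the hunks applies one, the admin pages can be requested without a logged-in session. Either enable the group, for example `Route::middleware(['auth', 'checkStatus'])->group(function () {`, or leave the commented lines out until the middleware is ready to be switched on.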
@@ -74,6 +75,6 @@ Route::get('/manage-feedback', [ManageFeedbackController ::class, 'index'])->na //*******************************************************manage notification******************************************************** Route::get('/manage-notification', [ManageNotificationsController ::class, 'index'])->name('manage.notification'); - +// }); From e92f23844cc3ba89a40b368dd33cd62bdce325fe Mon Sep 17 00:00:00 2001 
From: sayliraut Date: Fri, 24 May 2024 19:40:36 +0530 Subject: [PATCH 2/2] change --- .../Customer_API/ContactUsApiController.php | 79 +++++++++++++++++++ app/Http/Kernel.php | 21 ++--- app/Http/Middleware/Authenticate.php | 17 ++++ app/Http/Middleware/EncryptCookies.php | 17 ++++ .../PreventRequestsDuringMaintenance.php | 17 ++++ .../Middleware/RedirectIfAuthenticated.php | 30 +++++++ .../Middleware/RestaurantApiBasicAuth.php | 49 ++++++++++++ .../Middleware/RestaurantJwtMiddleware.php | 49 ++++++++++++ app/Http/Middleware/TrimStrings.php | 19 +++++ app/Http/Middleware/TrustProxies.php | 28 +++++++ app/Http/Middleware/ValidateSignature.php | 22 ++++++ app/Http/Middleware/VerifyCsrfToken.php | 17 ++++ app/Models/ManageContactus.php | 30 +++++++ .../CustomerAPIs/ContactUsApiServices.php | 48 +++++++++++ ..._074028_create_manage_contact_us_table.php | 46 +++++++++++ routes/customer_api.php | 5 +- 16 files changed, 482 insertions(+), 12 deletions(-) create mode 100644 app/Http/Controllers/Admin/APIs/Customer_API/ContactUsApiController.php create mode 100644 app/Http/Middleware/Authenticate.php create mode 100644 app/Http/Middleware/EncryptCookies.php create mode 100644 app/Http/Middleware/PreventRequestsDuringMaintenance.php create mode 100644 app/Http/Middleware/RedirectIfAuthenticated.php create mode 100644 app/Http/Middleware/RestaurantApiBasicAuth.php create mode 100644 app/Http/Middleware/RestaurantJwtMiddleware.php create mode 100644 app/Http/Middleware/TrimStrings.php create mode 100644 app/Http/Middleware/TrustProxies.php create mode 100644 app/Http/Middleware/ValidateSignature.php create mode 100644 app/Http/Middleware/VerifyCsrfToken.php create mode 100644 app/Models/ManageContactus.php create mode 100644 app/Services/APIs/CustomerAPIs/ContactUsApiServices.php create mode 100644 database/migrations/2024_01_30_074028_create_manage_contact_us_table.php 
diff --git a/app/Http/Controllers/Admin/APIs/Customer_API/ContactUsApiController.php b/app/Http/Controllers/Admin/APIs/Customer_API/ContactUsApiController.php new file mode 100644 index 0000000..52a518c --- /dev/null +++ b/app/Http/Controllers/Admin/APIs/Customer_API/ContactUsApiController.php @@ -0,0 +1,79 @@ +ContactUsApiServices = $ContactUsApiServices; + } + + /** + * Created By : Sayli Raut + * Created at : 24 May 2024 + * Use : To store Contact Form for customer & restaurant + */ + public function addContactForm(Request $request) + { + + try { + $token = readHeaderToken(); + if ($token) { + $iam_principal_id = $token['sub']; + $validator = $this->validateContactForm($request); + if ($validator->fails()) { + + $validationErrors = $validator->errors()->all(); + Log::error("Contact form validation error: " . implode(", ", $validationErrors)); + + return jsonResponseWithErrorMessageApi($validationErrors, 403); + } + $request['iam_principal_id'] = $iam_principal_id; + + return $this->ContactUsApiServices->addCustomerRestaurantContactForm($request); + } else { + return jsonResponseWithErrorMessageApi(__('auth.user_deleted'), 409); + } + } catch (Exception $e) { + + Log::error('Contact form controller function failed: ' . $e); + return jsonResponseWithErrorMessageApi(__('auth.something_went_wrong'), 500); + } + } + + /** + * Created By : Hritik + * Created at : 30 JAN 2024 + * Use : To validate Customer and Restaurant Contact form data + */ + public function validateContactForm(Request $request) + { + return Validator::make( + $request->all(), + [ + + 'name' => 'required|string|max:50', + 'email' => 'required|email|max:50', + 'message' => 'required', + // 'iam_principal_xid'=>'required|integer' + + + ] + ); + } + + + + +} diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index 52fd40f..e53da37 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php 
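Review bot: In `validateContactForm()` the `message` rule is only `required`, so the field accepts non-string values and has no length bound before it is written to a `longText` column; something like `'message' => 'required|string|max:2000'` (limit to be chosen by the team) closes that. In `addContactForm()` a validation failure returns 403 and a missing token returns 409, where 422 and 401 are what clients and monitoring normally key on. `Log::error('Contact form controller function failed: ' . $e)` writes the whole exception including the stack trace; `$e->getMessage()` with structured context is usually enough. The method trusts `$token['sub']` as the caller's identity, and whether `readHeaderToken()` verifies the token is not visible here, so it relies on the JWT middleware being applied to the route.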
@@ -15,11 +15,11 @@ class Kernel extends HttpKernel */ protected $middleware = [ // \App\Http\Middleware\TrustHosts::class, - // \App\Http\Middleware\TrustProxies::class, + \App\Http\Middleware\TrustProxies::class, \Illuminate\Http\Middleware\HandleCors::class, - // \App\Http\Middleware\PreventRequestsDuringMaintenance::class, + \App\Http\Middleware\PreventRequestsDuringMaintenance::class, \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, - // \App\Http\Middleware\TrimStrings::class, + \App\Http\Middleware\TrimStrings::class, \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, ]; @@ -30,11 +30,11 @@ class Kernel extends HttpKernel */ protected $middlewareGroups = [ 'web' => [ - // \App\Http\Middleware\EncryptCookies::class, + \App\Http\Middleware\EncryptCookies::class, \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, \Illuminate\Session\Middleware\StartSession::class, \Illuminate\View\Middleware\ShareErrorsFromSession::class, - // \App\Http\Middleware\VerifyCsrfToken::class, + \App\Http\Middleware\VerifyCsrfToken::class, \Illuminate\Routing\Middleware\SubstituteBindings::class, ], 
@@ -54,22 +54,23 @@ class Kernel extends HttpKernel */ protected $middlewareAliases = [ 'checkStatus' => \App\Http\Middleware\CheckStatus::class, - // 'auth' => \App\Http\Middleware\Authenticate::class, + 'auth' => \App\Http\Middleware\Authenticate::class, 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class, 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class, 'can' => \Illuminate\Auth\Middleware\Authorize::class, - // 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, + 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class, 'precognitive' => \Illuminate\Foundation\Http\Middleware\HandlePrecognitiveRequests::class, - // 'signed' => \App\Http\Middleware\ValidateSignature::class, + 'signed' => \App\Http\Middleware\ValidateSignature::class, 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class, + //custom middleware created by hritik on 29-jan-2024 'customerApiBasicAuth' => \App\Http\Middleware\CustomerApiBasicAuth::class, - // 'restaurantApiBasicAuth' => \App\Http\Middleware\RestaurantApiBasicAuth::class, + 'restaurantApiBasicAuth' => \App\Http\Middleware\RestaurantApiBasicAuth::class, 'customer.jwt.verify' => \App\Http\Middleware\CustomerJwtMiddleware::class, - // 'restaurant.jwt.verify' => \App\Http\Middleware\RestaurantJwtMiddleware::class, + 'restaurant.jwt.verify' => \App\Http\Middleware\RestaurantJwtMiddleware::class, ]; } diff --git a/app/Http/Middleware/Authenticate.php b/app/Http/Middleware/Authenticate.php new file mode 100644 index 0000000..d4ef644 --- /dev/null +++ b/app/Http/Middleware/Authenticate.php @@ -0,0 +1,17 @@ +expectsJson() ? null : route('login'); + } +} 
diff --git a/app/Http/Middleware/EncryptCookies.php b/app/Http/Middleware/EncryptCookies.php new file mode 100644 index 0000000..867695b --- /dev/null +++ b/app/Http/Middleware/EncryptCookies.php @@ -0,0 +1,17 @@ + + */ + protected $except = [ + // + ]; +} diff --git a/app/Http/Middleware/PreventRequestsDuringMaintenance.php b/app/Http/Middleware/PreventRequestsDuringMaintenance.php new file mode 100644 index 0000000..74cbd9a --- /dev/null +++ b/app/Http/Middleware/PreventRequestsDuringMaintenance.php @@ -0,0 +1,17 @@ + + */ + protected $except = [ + // + ]; +} diff --git a/app/Http/Middleware/RedirectIfAuthenticated.php b/app/Http/Middleware/RedirectIfAuthenticated.php new file mode 100644 index 0000000..afc78c4 --- /dev/null +++ b/app/Http/Middleware/RedirectIfAuthenticated.php @@ -0,0 +1,30 @@ +check()) { + return redirect(RouteServiceProvider::HOME); + } + } + + return $next($request); + } +} diff --git a/app/Http/Middleware/RestaurantApiBasicAuth.php b/app/Http/Middleware/RestaurantApiBasicAuth.php new file mode 100644 index 0000000..7696d5b --- /dev/null +++ b/app/Http/Middleware/RestaurantApiBasicAuth.php @@ -0,0 +1,49 @@ +header('Accept-Language'); + if ($locale) { + app()->setLocale($locale); + } + + $authorizedUsers = [ + 'CheersRestaurant' => 'gBMRR~LR2p5&T\-9o1oV{nTX6@D%J!', // Replace with actual credentials + ]; + $authUser = $request->getUser(); + $authPass = $request->getPassword(); + + if (!isset($authorizedUsers[$authUser]) || $authorizedUsers[$authUser] !== $authPass) { + return response()->json([ + 'error' => 'Authorization Required', + 'message' => 'Access denied' + ], 401); + } + + $lang = $request->header('Accept-Language', null); + if (!empty($lang)) { + app()->setLocale($lang); + } + + return $next($request); + } +} diff --git a/app/Http/Middleware/RestaurantJwtMiddleware.php b/app/Http/Middleware/RestaurantJwtMiddleware.php new file mode 100644 index 0000000..3c0ed74 --- /dev/null +++ b/app/Http/Middleware/RestaurantJwtMiddleware.php 
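Review bot: The Basic-auth password for `CheersRestaurant` is hard-coded in `$authorizedUsers` in `RestaurantApiBasicAuth`, so it now lives in the repository history and in every checkout; it should be rotated and read from configuration backed by the environment. The check `$authorizedUsers[$authUser] !== $authPass` is not a constant-time comparison; `hash_equals()` on string-cast values avoids that and also covers a request without credentials, where `getUser()` returns null. The `Accept-Language` header is applied with `setLocale()` twice, once before the credentials are checked, and the raw header value is passed through without being matched against the supported locales. The start of this file is missing from the page, so the fence shows only the credential check, and the config keys in it are placeholders.

```php
// … unchanged: first Accept-Language block …

// Placeholder config keys; back them with environment variables.
$expectedUser = (string) config('services.restaurant_api.username');
$expectedPass = (string) config('services.restaurant_api.password');
$authUser = (string) $request->getUser();
$authPass = (string) $request->getPassword();

// Evaluate both comparisons so the result does not depend on which one failed.
$userOk = hash_equals($expectedUser, $authUser);
$passOk = hash_equals($expectedPass, $authPass);

// Fail closed when the secret has not been configured.
if ($expectedPass === '' || !$userOk || !$passOk) {
    // … unchanged: 401 JSON response …
}

// … unchanged: second Accept-Language block and $next($request) …
```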
@@ -0,0 +1,49 @@ +hasHeader('access-token')) { + return response()->json(['status' => 'error', 'status_code' => 401, 'message' => 'Access token not provided'], 401); + } + + // Retrieve the token from the custom access-token header + $token = $request->header('access-token'); + + try { + // Attempt to authenticate the user based on the token + $user = JWTAuth::setToken($token)->authenticate(); + + // Check if the user is of restaurant type + if (!$user ||$user->principal_type_xid !== 4) { + return response()->json(['status' => 'error', 'status_code' => 401, 'message' => 'Unauthorized access'], 401); + } + + Session::flash('RestToken', $token); + } catch (JWTException $e) { + return response()->json(['status' => 'error', 'status_code' => 401, 'message' => 'Invalid token'], 401); + } + + return $next($request); + } +} diff --git a/app/Http/Middleware/TrimStrings.php b/app/Http/Middleware/TrimStrings.php new file mode 100644 index 0000000..88cadca --- /dev/null +++ b/app/Http/Middleware/TrimStrings.php @@ -0,0 +1,19 @@ + + */ + protected $except = [ + 'current_password', + 'password', + 'password_confirmation', + ]; +} diff --git a/app/Http/Middleware/TrustProxies.php b/app/Http/Middleware/TrustProxies.php new file mode 100644 index 0000000..3391630 --- /dev/null +++ b/app/Http/Middleware/TrustProxies.php @@ -0,0 +1,28 @@ +|string|null + */ + protected $proxies; + + /** + * The headers that should be used to detect proxies. + * + * @var int + */ + protected $headers = + Request::HEADER_X_FORWARDED_FOR | + Request::HEADER_X_FORWARDED_HOST | + Request::HEADER_X_FORWARDED_PORT | + Request::HEADER_X_FORWARDED_PROTO | + Request::HEADER_X_FORWARDED_AWS_ELB; +} diff --git a/app/Http/Middleware/ValidateSignature.php b/app/Http/Middleware/ValidateSignature.php new file mode 100644 index 0000000..093bf64 --- /dev/null +++ b/app/Http/Middleware/ValidateSignature.php 
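Review bot: `Session::flash('RestToken', $token);` in `RestaurantJwtMiddleware` copies the bearer token into session storage on every authenticated request, which widens where the credential is kept (session files, cache or database) and assumes a session is started for API routes. If later code needs the token, keeping it request-scoped, e.g. `$request->attributes->set('RestToken', $token);`, or reading the header again avoids persisting it. Separately, `$user->principal_type_xid !== 4` is a strict comparison against an integer; if the attribute is not cast to int on the model it can arrive as the string "4" and every restaurant request would be answered with 401, and the `4` would be clearer as a named constant. The opening lines of this file are missing from the page, so its imports could not be checked.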
@@ -0,0 +1,22 @@ + + */ + protected $except = [ + // 'fbclid', + // 'utm_campaign', + // 'utm_content', + // 'utm_medium', + // 'utm_source', + // 'utm_term', + ]; +} diff --git a/app/Http/Middleware/VerifyCsrfToken.php b/app/Http/Middleware/VerifyCsrfToken.php new file mode 100644 index 0000000..9e86521 --- /dev/null +++ b/app/Http/Middleware/VerifyCsrfToken.php @@ -0,0 +1,17 @@ + + */ + protected $except = [ + // + ]; +} diff --git a/app/Models/ManageContactus.php b/app/Models/ManageContactus.php new file mode 100644 index 0000000..85c7d24 --- /dev/null +++ b/app/Models/ManageContactus.php @@ -0,0 +1,30 @@ +first(); + if ($user_data) { + // Create a new instance of ManageContactus model + $contact = new ManageContactus(); + $contact->principal_xid = $user_data->id; + $contact->name = $request->name; + $contact->email = $request->email; + $contact->message = $request->message; + // Save the contact data + $contact->save(); + + DB::commit(); + + //response data + Log::info('Contact form data Created successfully'); + return jsonResponseWithSuccessMessageApi(__('success.save_data'), [], 201); + } else { + Log::error('Contact not found in addVendorContactForm.'); + return jsonResponseWithErrorMessageApi(__('auth.validation_failed'), 403); + } + } catch (Throwable $ex) { + DB::rollBack(); + Log::error('Contact API failed : ' . $ex->getMessage()); + return jsonResponseWithErrorMessageApi(__('auth.something_went_wrong'), 500); + } + } +} diff --git a/database/migrations/2024_01_30_074028_create_manage_contact_us_table.php b/database/migrations/2024_01_30_074028_create_manage_contact_us_table.php new file mode 100644 index 0000000..6ce5977 --- /dev/null +++ b/database/migrations/2024_01_30_074028_create_manage_contact_us_table.php 
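Review bot: In the service method that saves the contact form, the `else` branch for a principal that is not found returns without calling `DB::commit()` or `DB::rollBack()`. Assuming the `try` opens with `DB::beginTransaction()` (the top of this file is missing from the page), that path leaves a transaction open on the connection. Add `DB::rollBack();` before the `return` in that branch, or do the lookup before starting the transaction, since a single `save()` does not need one. The log line names `addVendorContactForm`, which does not match the `addCustomerRestaurantContactForm` call in the controller, and a 403 with `auth.validation_failed` is a misleading answer for an unknown principal.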
@@ -0,0 +1,46 @@ +id(); + + $table->unsignedBigInteger('principal_xid'); + $table->string('name', 60)->nullable(); + $table->string('email', 100)->nullable(); + $table->longText('message')->nullable(); + $table->boolean('is_reply')->default(false); + $table->longText('reply_message')->nullable(); + + $table->softDeletes(); + $table->foreign('principal_xid')->references('id')->on('iam_principal')->onDelete('cascade'); + $table->timestamps(); + $table->boolean('is_active')->default(1)->comment('1=Active, 0=Deactive'); + $table->integer('created_by')->nullable(); + $table->integer('modified_by')->nullable(); + + + + + }); + } + + /** + * Reverse the migrations. + */ + public function down(): void + { + Schema::dropIfExists('manage_contact_us'); + } +}; diff --git a/routes/customer_api.php b/routes/customer_api.php index bf90acf..1595454 100644 --- a/routes/customer_api.php +++ b/routes/customer_api.php @@ -2,6 +2,7 @@ use App\Http\Controllers\Admin\APIs\Customer_API\AuthController; use App\Http\Controllers\Admin\APIs\Customer_API\CMSApiController; +use App\Http\Controllers\Admin\APIs\Customer_API\ContactUsApiController; use Illuminate\Support\Facades\Route; @@ -26,12 +27,12 @@ Route::get('/v1/list-of-about-us', [CMSApiController::class, 'getAboutUs']); Route::get('/v1/list-of-privacy-policy', [CMSApiController::class, 'getPrivacyPolicy']); Route::get('/v1/list-of-news-articles', [CMSApiController::class, 'getNewsArticles']); +//*******************************************************contact us******************************************************** - +// Route::post('/v1/contact-us', [ContactUsApiController::class, 'addContactForm']); // }); // }); -
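Review bot: The new route in `routes/customer_api.php` is added commented out (`// Route::post('/v1/contact-us', [ContactUsApiController::class, 'addContactForm']);`), so the controller added in this patch is not reachable yet, and the neighbouring `// });` lines suggest the enclosing middleware groups in this file are commented out as well. When the route is enabled it should sit inside the group that applies `customer.jwt.verify`, because `addContactForm` takes the caller's identity from the token's `sub` claim. A `throttle` middleware on this write endpoint would also limit form spam. The group openers lie outside the hunk, so which middleware currently covers the routes above is not visible.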