From f1704116b3984f6a7b6840149e5d3f5125c8a6b2 Mon Sep 17 00:00:00 2001 From: sayliraut Date: Thu, 23 May 2024 16:06:53 +0530 Subject: [PATCH] first commit --- .../Controllers/Admin/LoginController.php | 41 +++ app/Http/Helpers/Webhelper.php | 168 ++++++++++ composer.json | 13 +- composer.lock | 226 ++++++++++++- config/jwt.php | 301 ++++++++++++++++++ .../views/Admin/layouts/app_login.blade.php | 86 ++--- .../views/Admin/pages/auth/login.blade.php | 118 +++++++ routes/web.php | 33 +- 8 files changed, 911 insertions(+), 75 deletions(-) create mode 100644 app/Http/Controllers/Admin/LoginController.php create mode 100644 app/Http/Helpers/Webhelper.php create mode 100644 config/jwt.php create mode 100644 resources/views/Admin/pages/auth/login.blade.php diff --git a/app/Http/Controllers/Admin/LoginController.php b/app/Http/Controllers/Admin/LoginController.php new file mode 100644 index 0000000..4d85ef6 --- /dev/null +++ b/app/Http/Controllers/Admin/LoginController.php @@ -0,0 +1,41 @@ +validate([ + 'email' => 'required|email', + 'password' => 'required|string', + ]); + + $user = IamPrincipal::where('email_address', $validatedData['email'])->first(); + + if ($user) { + if (Hash::check($validatedData['password'], $user->password)) { + + // Log in the user explicitly + Auth::guard('admin')->login($user); + return jsonResponseWithSuccessMessage(__('success.authentic_success'), 200); + } else { + return jsonResponseWithErrorMessage(__('auth.password'), 401); + } + } else { + return jsonResponseWithErrorMessage(__('auth.email'), 401); + } + } +} diff --git a/app/Http/Helpers/Webhelper.php b/app/Http/Helpers/Webhelper.php new file mode 100644 index 0000000..04a152f --- /dev/null +++ b/app/Http/Helpers/Webhelper.php 
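Review bot: The two failure branches of `login` return different messages, `__('auth.email')` for an unknown address and `__('auth.password')` for a wrong password, which lets an unauthenticated caller learn which addresses are registered; both branches should return one generic message such as `__('auth.failed')`. The status arguments are also lost: `jsonResponseWithErrorMessage($errorMessage)` in Webhelper.php takes a single parameter, so the `401` is discarded and the failure goes out with the default 200 status, while `jsonResponseWithSuccessMessage($message, $data = [])` receives `200` as `$data`. The lookup does not filter on `is_active`, which `readRestHeaderToken` in the same commit does, so a deactivated principal can presumably still sign in. The top of the file (namespace, imports, method signature) is not visible in this hunk.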
@@ -0,0 +1,168 @@
+ 'success',
+ 'status_code' => $statusCode,
+ 'message' => $message,
+ 'data' => $data,
+ ];
+ return response()->json($response, $statusCode);
+
+ // Stop further execution (optional)
+ exit();
+ }
+}
+
+/**
+ * Created By : sayli raut
+ * Created at : 24 jan 2024
+ * Use : Json response with error message for API
+ */
+if (!function_exists('jsonResponseWithErrorMessageApi')) {
+ function jsonResponseWithErrorMessageApi($errorMessage, $statusCode = 500)
+ {
+ // Set the HTTP status code
+ http_response_code($statusCode);
+
+ // Prepare the response array
+ $response = [
+ 'status' => 'error',
+ 'status_code' => $statusCode,
+ 'message' => $errorMessage,
+ ];
+ return response()->json($response, $statusCode);
+
+ // Stop further execution (optional)
+ exit();
+ }
+}
+
+/**
+ * Created by : sayli raut
+ * Created at : 24 Jan 2024
+ * Use : To return error json response for admin
+ */
+if (!function_exists('jsonResponseWithErrorMessage')) {
+ function jsonResponseWithErrorMessage($errorMessage)
+ {
+ $response = [
+ 'status' => 'error',
+ 'message' => $errorMessage,
+ ];
+ return response()->json($response);
+
+ // Stop further execution (optional)
+ exit();
+ }
+}
+
+/**
+ * Created by : sayli raut
+ * Created at : 24 Jan 2024
+ * Use : To return success json response for admin
+ */
+if (!function_exists('jsonResponseWithSuccessMessage')) {
+ function jsonResponseWithSuccessMessage($message, $data = [])
+ {
+ $statusCode = 200;
+ // Prepare the response array
+ $response = [
+ 'status' => 'success',
+ 'status_code' => $statusCode,
+ 'message' => $message,
+ 'data' => $data,
+ ];
+ return response()->json($response, $statusCode);
+
+ // Stop further execution (optional)
+ exit();
+ }
+}
+
+/**
+ * Created by : Pradyumn Dwivedi
+ * Created On : 11-May-2022
+ * Uses: This function will be used to full search data in api.
+ */
+if (!function_exists('fullSearchQuery')) {
+ function fullSearchQuery($query, $word, $columns)
+ {
+ $orwords = explode('|', $columns);
+ $query = $query->where(function ($query) use ($word, $orwords) {
+ foreach ($orwords as $key) {
+ $query->orWhere($key, 'like', '%' . $word . '%');
+ }
+ });
+ return $query;
+ }
+}
+
+/**
+ * Created by : sayli raut
+ * Created at : 24 Feb 2024
+ * Use : To check and validate to customer token
+ */
+if (!function_exists('readHeaderToken')) {
+ function readHeaderToken()
+ {
+ $tokenData = Session::get('vendorToken');
+ $token = JWTAuth::setToken($tokenData)->getPayload();
+ // dd("tokendata",$tokenData,$token['sub'],$token['iat']);
+ //convert iat to readable format
+ $iat = date('Y-m-d H:i:s', $token['iat']);
+
+ // check token issued time for single device login
+ // ['last_login_datetime', $iat]
+
+ $check_iat = IamPrincipal::where([['id', $token['sub']],])->first();
+ // dd($check_iat);
+ if ($check_iat) {
+ return $token;
+ } else {
+ return false;
+ }
+ }
+}
+
+/**
+ * Created by : sayli raut
+ * Created at : 24 jan 2024
+ * Use : To check and validate login restaurant user token
+ */
+if (!function_exists('readRestHeaderToken')) {
+ function readRestHeaderToken()
+ {
+ $tokenData = Session::get('RestToken');
+ $token = JWTAuth::setToken($tokenData)->getPayload();
+
+ //convert iat to readable format
+ $iat = date('Y-m-d H:i:s', $token['iat']);
+
+ // check token issued time for single device login
+ $check_iat = IamPrincipal::where([['id', $token['sub']], ['is_active', '1']])->first();
+ if ($check_iat) {
+ return $token;
+ } else {
+ return false;
+ }
+ }
+}
diff --git a/composer.json b/composer.json
index 7a91ca2..12aa3b1 100644
--- a/composer.json
+++ b/composer.json
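Review bot: `readHeaderToken` accepts any decodable token whose `sub` matches an existing `IamPrincipal` row: the `last_login_datetime` comparison is commented out, `$iat` is computed and never used, and unlike `readRestHeaderToken` there is no `is_active` condition, so a deactivated account's token still passes. If that is not intended, align the query with the sibling, `IamPrincipal::where([['id', $token['sub']], ['is_active', '1']])->first()`, and either restore the issued-at check or drop the dead `$iat` line in both functions. Both functions also pass `Session::get(...)` straight to `JWTAuth::setToken()`, so a request without the session key should be handled before `getPayload()` is called, e.g. `if (!$tokenData) { return false; }`. Separately, `fullSearchQuery` places `$word` inside the `LIKE` pattern without escaping `%` and `_` and uses the `$columns` parts as column names, so callers must pass a fixed column list rather than request input.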
@@ -2,7 +2,10 @@ "name": "laravel/laravel", "type": "project", "description": "The skeleton application for the Laravel framework.", - "keywords": ["laravel", "framework"], + "keywords": [ + "laravel", + "framework" + ], "license": "MIT", "require": { "php": "^8.2", @@ -10,7 +13,8 @@ "laravel/jetstream": "^5.1", "laravel/sanctum": "^4.0", "laravel/tinker": "^2.9", - "livewire/livewire": "^3.0" + "livewire/livewire": "^3.0", + "tymon/jwt-auth": "^2.1" }, "require-dev": { "fakerphp/faker": "^1.23", @@ -26,7 +30,10 @@ "App\\": "app/", "Database\\Factories\\": "database/factories/", "Database\\Seeders\\": "database/seeders/" - } + }, + "files": [ + "app/Http/Helpers/Webhelper.php" + ] }, "autoload-dev": { "psr-4": { diff --git a/composer.lock b/composer.lock index 330a382..7261bf4 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "9cb0fb52670e960b0d7260d1b2e12a99", + "content-hash": "e805067d0b9c7a47812cc3d4b85e8b42", "packages": [ { "name": "bacon/bacon-qr-code", 
@@ -1739,6 +1739,144 @@ }, "time": "2024-01-04T16:10:04+00:00" }, + { + "name": "lcobucci/clock", + "version": "3.2.0", + "source": { + "type": "git", + "url": "https://github.com/lcobucci/clock.git", + "reference": "6f28b826ea01306b07980cb8320ab30b966cd715" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/lcobucci/clock/zipball/6f28b826ea01306b07980cb8320ab30b966cd715", + "reference": "6f28b826ea01306b07980cb8320ab30b966cd715", + "shasum": "" + }, + "require": { + "php": "~8.2.0 || ~8.3.0", + "psr/clock": "^1.0" + }, + "provide": { + "psr/clock-implementation": "1.0" + }, + "require-dev": { + "infection/infection": "^0.27", + "lcobucci/coding-standard": "^11.0.0", + "phpstan/extension-installer": "^1.3.1", + "phpstan/phpstan": "^1.10.25", + "phpstan/phpstan-deprecation-rules": "^1.1.3", + "phpstan/phpstan-phpunit": "^1.3.13", + "phpstan/phpstan-strict-rules": "^1.5.1", + "phpunit/phpunit": "^10.2.3" + }, + "type": "library", + "autoload": { + "psr-4": { + "Lcobucci\\Clock\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Luís Cobucci", + "email": "lcobucci@gmail.com" + } + ], + "description": "Yet another clock abstraction", + "support": { + "issues": "https://github.com/lcobucci/clock/issues", + "source": "https://github.com/lcobucci/clock/tree/3.2.0" + }, + "funding": [ + { + "url": "https://github.com/lcobucci", + "type": "github" + }, + { + "url": "https://www.patreon.com/lcobucci", + "type": "patreon" + } + ], + "time": "2023-11-17T17:00:27+00:00" + }, + { + "name": "lcobucci/jwt", + "version": "4.3.0", + "source": { + "type": "git", + "url": "https://github.com/lcobucci/jwt.git", + "reference": "4d7de2fe0d51a96418c0d04004986e410e87f6b4" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/lcobucci/jwt/zipball/4d7de2fe0d51a96418c0d04004986e410e87f6b4", + "reference": "4d7de2fe0d51a96418c0d04004986e410e87f6b4", + "shasum": "" + }, + 
"require": { + "ext-hash": "*", + "ext-json": "*", + "ext-mbstring": "*", + "ext-openssl": "*", + "ext-sodium": "*", + "lcobucci/clock": "^2.0 || ^3.0", + "php": "^7.4 || ^8.0" + }, + "require-dev": { + "infection/infection": "^0.21", + "lcobucci/coding-standard": "^6.0", + "mikey179/vfsstream": "^1.6.7", + "phpbench/phpbench": "^1.2", + "phpstan/extension-installer": "^1.0", + "phpstan/phpstan": "^1.4", + "phpstan/phpstan-deprecation-rules": "^1.0", + "phpstan/phpstan-phpunit": "^1.0", + "phpstan/phpstan-strict-rules": "^1.0", + "phpunit/php-invoker": "^3.1", + "phpunit/phpunit": "^9.5" + }, + "type": "library", + "autoload": { + "psr-4": { + "Lcobucci\\JWT\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Luís Cobucci", + "email": "lcobucci@gmail.com", + "role": "Developer" + } + ], + "description": "A simple library to work with JSON Web Token and JSON Web Signature", + "keywords": [ + "JWS", + "jwt" + ], + "support": { + "issues": "https://github.com/lcobucci/jwt/issues", + "source": "https://github.com/lcobucci/jwt/tree/4.3.0" + }, + "funding": [ + { + "url": "https://github.com/lcobucci", + "type": "github" + }, + { + "url": "https://www.patreon.com/lcobucci", + "type": "patreon" + } + ], + "time": "2023-01-02T13:28:00+00:00" + }, { "name": "league/commonmark", "version": "2.4.2", 
@@ -6035,6 +6173,90 @@ }, "time": "2023-12-08T13:03:43+00:00" }, + { + "name": "tymon/jwt-auth", + "version": "2.1.1", + "source": { + "type": "git", + "url": "https://github.com/tymondesigns/jwt-auth.git", + "reference": "51620ebd5b68bb3ce9e66ba86bda303ae5f10f7f" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/tymondesigns/jwt-auth/zipball/51620ebd5b68bb3ce9e66ba86bda303ae5f10f7f", + "reference": "51620ebd5b68bb3ce9e66ba86bda303ae5f10f7f", + "shasum": "" + }, + "require": { + "illuminate/auth": "^9.0|^10.0|^11.0", + "illuminate/contracts": "^9.0|^10.0|^11.0", + "illuminate/http": "^9.0|^10.0|^11.0", + "illuminate/support": "^9.0|^10.0|^11.0", + "lcobucci/jwt": "^4.0", + "nesbot/carbon": "^2.0|^3.0", + "php": "^8.0" + }, + "require-dev": { + "illuminate/console": "^9.0|^10.0|^11.0", + "illuminate/database": "^9.0|^10.0|^11.0", + "illuminate/routing": "^9.0|^10.0|^11.0", + "mockery/mockery": ">=0.9.9", + "phpunit/phpunit": "^9.4" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-develop": "1.0-dev", + "dev-2.x": "2.0-dev" + }, + "laravel": { + "aliases": { + "JWTAuth": "Tymon\\JWTAuth\\Facades\\JWTAuth", + "JWTFactory": "Tymon\\JWTAuth\\Facades\\JWTFactory" + }, + "providers": [ + "Tymon\\JWTAuth\\Providers\\LaravelServiceProvider" + ] + } + }, + "autoload": { + "psr-4": { + "Tymon\\JWTAuth\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Sean Tymon", + "email": "tymon148@gmail.com", + "homepage": "https://tymon.xyz", + "role": "Developer" + } + ], + "description": "JSON Web Token Authentication for Laravel and Lumen", + "homepage": "https://github.com/tymondesigns/jwt-auth", + "keywords": [ + "Authentication", + "JSON Web Token", + "auth", + "jwt", + "laravel" + ], + "support": { + "issues": "https://github.com/tymondesigns/jwt-auth/issues", + "source": "https://github.com/tymondesigns/jwt-auth" + }, + "funding": [ + { + "url": 
"https://www.patreon.com/seantymon", + "type": "patreon" + } + ], + "time": "2024-03-14T19:29:49+00:00" + }, { "name": "vlucas/phpdotenv", "version": "v5.6.0", @@ -8708,5 +8930,5 @@ "php": "^8.2" }, "platform-dev": [], - "plugin-api-version": "2.6.0" + "plugin-api-version": "2.3.0" } diff --git a/config/jwt.php b/config/jwt.php new file mode 100644 index 0000000..f83234d --- /dev/null +++ b/config/jwt.php 
@@ -0,0 +1,301 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +return [ + + /* + |-------------------------------------------------------------------------- + | JWT Authentication Secret + |-------------------------------------------------------------------------- + | + | Don't forget to set this in your .env file, as it will be used to sign + | your tokens. A helper command is provided for this: + | `php artisan jwt:secret` + | + | Note: This will be used for Symmetric algorithms only (HMAC), + | since RSA and ECDSA use a private/public key combo (See below). + | + */ + + 'secret' => env('JWT_SECRET'), + + /* + |-------------------------------------------------------------------------- + | JWT Authentication Keys + |-------------------------------------------------------------------------- + | + | The algorithm you are using, will determine whether your tokens are + | signed with a random string (defined in `JWT_SECRET`) or using the + | following public & private keys. + | + | Symmetric Algorithms: + | HS256, HS384 & HS512 will use `JWT_SECRET`. + | + | Asymmetric Algorithms: + | RS256, RS384 & RS512 / ES256, ES384 & ES512 will use the keys below. + | + */ + + 'keys' => [ + + /* + |-------------------------------------------------------------------------- + | Public Key + |-------------------------------------------------------------------------- + | + | A path or resource to your public key. + | + | E.g. 'file://path/to/public/key' + | + */ + + 'public' => env('JWT_PUBLIC_KEY'), + + /* + |-------------------------------------------------------------------------- + | Private Key + |-------------------------------------------------------------------------- + | + | A path or resource to your private key. + | + | E.g. 
'file://path/to/private/key' + | + */ + + 'private' => env('JWT_PRIVATE_KEY'), + + /* + |-------------------------------------------------------------------------- + | Passphrase + |-------------------------------------------------------------------------- + | + | The passphrase for your private key. Can be null if none set. + | + */ + + 'passphrase' => env('JWT_PASSPHRASE'), + + ], + + /* + |-------------------------------------------------------------------------- + | JWT time to live + |-------------------------------------------------------------------------- + | + | Specify the length of time (in minutes) that the token will be valid for. + | Defaults to 1 hour. + | + | You can also set this to null, to yield a never expiring token. + | Some people may want this behaviour for e.g. a mobile app. + | This is not particularly recommended, so make sure you have appropriate + | systems in place to revoke the token if necessary. + | Notice: If you set this to null you should remove 'exp' element from 'required_claims' list. + | + */ + + 'ttl' => env('JWT_TTL', 60), + + /* + |-------------------------------------------------------------------------- + | Refresh time to live + |-------------------------------------------------------------------------- + | + | Specify the length of time (in minutes) that the token can be refreshed + | within. I.E. The user can refresh their token within a 2 week window of + | the original token being created until they must re-authenticate. + | Defaults to 2 weeks. + | + | You can also set this to null, to yield an infinite refresh time. + | Some may want this instead of never expiring tokens for e.g. a mobile app. + | This is not particularly recommended, so make sure you have appropriate + | systems in place to revoke the token if necessary. 
+ | + */ + + 'refresh_ttl' => env('JWT_REFRESH_TTL', 20160), + + /* + |-------------------------------------------------------------------------- + | JWT hashing algorithm + |-------------------------------------------------------------------------- + | + | Specify the hashing algorithm that will be used to sign the token. + | + */ + + 'algo' => env('JWT_ALGO', Tymon\JWTAuth\Providers\JWT\Provider::ALGO_HS256), + + /* + |-------------------------------------------------------------------------- + | Required Claims + |-------------------------------------------------------------------------- + | + | Specify the required claims that must exist in any token. + | A TokenInvalidException will be thrown if any of these claims are not + | present in the payload. + | + */ + + 'required_claims' => [ + 'iss', + 'iat', + 'exp', + 'nbf', + 'sub', + 'jti', + ], + + /* + |-------------------------------------------------------------------------- + | Persistent Claims + |-------------------------------------------------------------------------- + | + | Specify the claim keys to be persisted when refreshing a token. + | `sub` and `iat` will automatically be persisted, in + | addition to the these claims. + | + | Note: If a claim does not exist then it will be ignored. + | + */ + + 'persistent_claims' => [ + // 'foo', + // 'bar', + ], + + /* + |-------------------------------------------------------------------------- + | Lock Subject + |-------------------------------------------------------------------------- + | + | This will determine whether a `prv` claim is automatically added to + | the token. The purpose of this is to ensure that if you have multiple + | authentication models e.g. `App\User` & `App\OtherPerson`, then we + | should prevent one authentication request from impersonating another, + | if 2 tokens happen to have the same id across the 2 different models. + | + | Under specific circumstances, you may want to disable this behaviour + | e.g. 
if you only have one authentication model, then you would save + | a little on token size. + | + */ + + 'lock_subject' => true, + + /* + |-------------------------------------------------------------------------- + | Leeway + |-------------------------------------------------------------------------- + | + | This property gives the jwt timestamp claims some "leeway". + | Meaning that if you have any unavoidable slight clock skew on + | any of your servers then this will afford you some level of cushioning. + | + | This applies to the claims `iat`, `nbf` and `exp`. + | + | Specify in seconds - only if you know you need it. + | + */ + + 'leeway' => env('JWT_LEEWAY', 0), + + /* + |-------------------------------------------------------------------------- + | Blacklist Enabled + |-------------------------------------------------------------------------- + | + | In order to invalidate tokens, you must have the blacklist enabled. + | If you do not want or need this functionality, then set this to false. + | + */ + + 'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true), + + /* + | ------------------------------------------------------------------------- + | Blacklist Grace Period + | ------------------------------------------------------------------------- + | + | When multiple concurrent requests are made with the same JWT, + | it is possible that some of them fail, due to token regeneration + | on every request. + | + | Set grace period in seconds to prevent parallel request failure. + | + */ + + 'blacklist_grace_period' => env('JWT_BLACKLIST_GRACE_PERIOD', 0), + + /* + |-------------------------------------------------------------------------- + | Cookies encryption + |-------------------------------------------------------------------------- + | + | By default Laravel encrypt cookies for security reason. 
+ | If you decide to not decrypt cookies, you will have to configure Laravel + | to not encrypt your cookie token by adding its name into the $except + | array available in the middleware "EncryptCookies" provided by Laravel. + | see https://laravel.com/docs/master/responses#cookies-and-encryption + | for details. + | + | Set it to true if you want to decrypt cookies. + | + */ + + 'decrypt_cookies' => false, + + /* + |-------------------------------------------------------------------------- + | Providers + |-------------------------------------------------------------------------- + | + | Specify the various providers used throughout the package. + | + */ + + 'providers' => [ + + /* + |-------------------------------------------------------------------------- + | JWT Provider + |-------------------------------------------------------------------------- + | + | Specify the provider that is used to create and decode the tokens. + | + */ + + 'jwt' => Tymon\JWTAuth\Providers\JWT\Lcobucci::class, + + /* + |-------------------------------------------------------------------------- + | Authentication Provider + |-------------------------------------------------------------------------- + | + | Specify the provider that is used to authenticate users. + | + */ + + 'auth' => Tymon\JWTAuth\Providers\Auth\Illuminate::class, + + /* + |-------------------------------------------------------------------------- + | Storage Provider + |-------------------------------------------------------------------------- + | + | Specify the provider that is used to store tokens in the blacklist. + | + */ + + 'storage' => Tymon\JWTAuth\Providers\Storage\Illuminate::class, + + ], + +]; diff --git a/resources/views/Admin/layouts/app_login.blade.php b/resources/views/Admin/layouts/app_login.blade.php index 392d090..986faa8 100644 --- a/resources/views/Admin/layouts/app_login.blade.php +++ b/resources/views/Admin/layouts/app_login.blade.php 
@@ -8,31 +8,31 @@ @yield('title') - + - + - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + @@ -72,28 +72,28 @@ - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + @@ -102,5 +102,5 @@ - - \ No newline at end of file + + diff --git a/resources/views/Admin/pages/auth/login.blade.php b/resources/views/Admin/pages/auth/login.blade.php new file mode 100644 index 0000000..c57ff64 --- /dev/null +++ b/resources/views/Admin/pages/auth/login.blade.php @@ -0,0 +1,118 @@ +@extends('admin.layouts.app_login') +@section('title', 'Cheers To Season - login') +@section('content') +
+
+
+ +
+
+ +
+ +@endsection +@section('scripts') + + + + +@endsection diff --git a/routes/web.php b/routes/web.php index f4712ab..6d19c0f 100644 --- a/routes/web.php +++ b/routes/web.php @@ -3,7 +3,7 @@ use Illuminate\Support\Facades\Route; use App\Http\Controllers\Admin\ManageProfileController; use App\Http\Controllers\Admin\ManageCustomerController; -use App\Http\Controllers\Admin\ManageRestrauntController; +use App\Http\Controllers\Admin\ManageRestrauntController; use App\Http\Controllers\Admin\ManageSubAdminController; use App\Http\Controllers\Admin\ManagePassportController; use App\Http\Controllers\Admin\ManageVouchersController; @@ -18,34 +18,13 @@ use App\Http\Controllers\Admin\ManageReportsController; use App\Http\Controllers\Admin\ManageFeedbackController; use App\Http\Controllers\Admin\ManageNotificationsController; use App\Http\Controllers\Admin\DashboardController ; +use App\Http\Controllers\Admin\LoginController; + +Route::get('/', [LoginController::class, 'index'])->name('login'); +Route::post('/check_login', [LoginController::class, 'login']); - - - - - - - - - - - - -Route::get('/', function () { - return view('dashboard'); -}); - -// Route::middleware([ -// 'auth:sanctum', -// config('jetstream.auth_session'), -// 'verified', -// ])->group(function () { -// Route::get('/dashboard', function () { -// return view('dashboard'); -// })->name('dashboard'); -// }); Route::get('/dashboard', [DashboardController ::class, 'index'])->name('dashboard'); Route::get('/profile', [ManageProfileController ::class, 'index'])->name('profile'); @@ -90,5 +69,5 @@ Route::get('/manage-feedback', [ManageFeedbackController ::class, 'index'])->na Route::get('/manage-notification', [ManageNotificationsController ::class, 'index'])->name('manage.notification'); - +
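Review bot: `/check_login` is registered without a rate limit, and the admin routes that follow in this hunk (`/dashboard`, `/profile`, …) are still registered with no auth middleware visible, so the new login does not gate them unless a guard is applied elsewhere (for example in the controller constructors). Consider, for example, `Route::post('/check_login', [LoginController::class, 'login'])->middleware('throttle:5,1');` and wrapping the admin routes in `Route::middleware('auth:admin')->group(function () { … });`, matching the `admin` guard that `LoginController` logs into. The route list continues outside the lines shown in the hunk.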