197 lines
5.3 KiB
PHP
197 lines
5.3 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\Models\User;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Support\Facades\Hash;
|
|
use Illuminate\Validation\ValidationException;
|
|
|
|
class AuthController extends Controller
|
|
{
|
|
/**
|
|
* Registriere einen neuen User.
|
|
*/
|
|
public function register(Request $request)
|
|
{
|
|
$validated = $request->validate([
|
|
'name' => 'required|string|max:255',
|
|
'email' => 'required|email|unique:users',
|
|
'password' => 'required|string|min:8|confirmed',
|
|
'role' => 'sometimes|in:user,organizer',
|
|
]);
|
|
|
|
// Standardrolle ist 'user', kann aber auf 'organizer' gesetzt werden
|
|
$validated['role'] = $validated['role'] ?? 'user';
|
|
|
|
$user = User::create([
|
|
'name' => $validated['name'],
|
|
'email' => $validated['email'],
|
|
'password' => Hash::make($validated['password']),
|
|
'role' => $validated['role'],
|
|
]);
|
|
|
|
$token = $user->createToken('auth_token')->plainTextToken;
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'message' => 'User erfolgreich registriert',
|
|
'user' => $user,
|
|
'token' => $token,
|
|
], 201);
|
|
}
|
|
|
|
/**
|
|
* Login mit Email und Passwort.
|
|
*/
|
|
public function login(Request $request)
|
|
{
|
|
$validated = $request->validate([
|
|
'email' => 'required|email',
|
|
'password' => 'required|string',
|
|
]);
|
|
|
|
$user = User::where('email', $validated['email'])->first();
|
|
|
|
if (!$user || !Hash::check($validated['password'], $user->password)) {
|
|
throw ValidationException::withMessages([
|
|
'email' => ['Die eingegebenen Anmeldedaten sind ungültig.'],
|
|
]);
|
|
}
|
|
|
|
$token = $user->createToken('auth_token')->plainTextToken;
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'message' => 'Login erfolgreich',
|
|
'user' => $user,
|
|
'token' => $token,
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Web-Login mit Session (für Blade-Views).
|
|
*/
|
|
public function webLogin(Request $request)
|
|
{
|
|
$credentials = $request->validate([
|
|
'email' => 'required|email',
|
|
'password' => 'required|string',
|
|
]);
|
|
|
|
if (Auth::attempt($credentials, $request->boolean('remember'))) {
|
|
$request->session()->regenerate();
|
|
return redirect()->intended('/');
|
|
}
|
|
|
|
return back()->withErrors([
|
|
'email' => 'Die eingegebenen Anmeldedaten sind ungültig.',
|
|
])->onlyInput('email');
|
|
}
|
|
|
|
/**
|
|
* Web-Registrierung mit Session.
|
|
*/
|
|
public function webRegister(Request $request)
|
|
{
|
|
$validated = $request->validate([
|
|
'name' => 'required|string|max:255',
|
|
'email' => 'required|email|unique:users',
|
|
'password' => 'required|string|min:8|confirmed',
|
|
]);
|
|
|
|
$user = User::create([
|
|
'name' => $validated['name'],
|
|
'email' => $validated['email'],
|
|
'password' => Hash::make($validated['password']),
|
|
'role' => 'user',
|
|
]);
|
|
|
|
Auth::login($user);
|
|
$request->session()->regenerate();
|
|
|
|
return redirect('/');
|
|
}
|
|
|
|
/**
|
|
* Web-Logout (Session beenden).
|
|
*/
|
|
public function webLogout(Request $request)
|
|
{
|
|
Auth::logout();
|
|
$request->session()->invalidate();
|
|
$request->session()->regenerateToken();
|
|
return redirect('/');
|
|
}
|
|
|
|
/**
|
|
* Logout - Token löschen (API).
|
|
*/
|
|
public function logout(Request $request)
|
|
{
|
|
$request->user()->currentAccessToken()->delete();
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'message' => 'Logout erfolgreich',
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Aktuellen User abrufen.
|
|
*/
|
|
public function me(Request $request)
|
|
{
|
|
return response()->json([
|
|
'success' => true,
|
|
'user' => $request->user(),
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* User-Profil aktualisieren.
|
|
*/
|
|
public function updateProfile(Request $request)
|
|
{
|
|
$validated = $request->validate([
|
|
'name' => 'sometimes|string|max:255',
|
|
'email' => 'sometimes|email|unique:users,email,' . $request->user()->id,
|
|
]);
|
|
|
|
$request->user()->update($validated);
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'message' => 'Profil aktualisiert',
|
|
'user' => $request->user(),
|
|
]);
|
|
}
|
|
|
|
/**
|
|
* Passwort ändern.
|
|
*/
|
|
public function changePassword(Request $request)
|
|
{
|
|
$validated = $request->validate([
|
|
'current_password' => 'required|string',
|
|
'password' => 'required|string|min:8|confirmed',
|
|
]);
|
|
|
|
if (!Hash::check($validated['current_password'], $request->user()->password)) {
|
|
throw ValidationException::withMessages([
|
|
'current_password' => ['Das aktuelle Passwort ist ungültig.'],
|
|
]);
|
|
}
|
|
|
|
$request->user()->update([
|
|
'password' => Hash::make($validated['password']),
|
|
]);
|
|
|
|
return response()->json([
|
|
'success' => true,
|
|
'message' => 'Passwort geändert',
|
|
]);
|
|
}
|
|
}
|