10 |
11 |
12 |
29 |
--------------------------------------------------------------------------------
/database/migrations/2014_10_12_100000_create_password_resets_table.php:
--------------------------------------------------------------------------------
1 | string('email')->index();
18 | $table->string('token');
19 | $table->timestamp('created_at')->nullable();
20 | });
21 | }
22 |
23 | /**
24 | * Reverse the migrations.
25 | *
26 | * @return void
27 | */
28 | public function down()
29 | {
30 | Schema::dropIfExists('password_resets');
31 | }
32 | }
33 |
--------------------------------------------------------------------------------
/app/Providers/EventServiceProvider.php:
--------------------------------------------------------------------------------
1 | [
19 | SendEmailVerificationNotification::class,
20 | ],
21 | ];
22 |
23 | /**
24 | * Register any events for your application.
25 | *
26 | * @return void
27 | */
28 | public function boot()
29 | {
30 | parent::boot();
31 |
32 | //
33 | }
34 | }
35 |
--------------------------------------------------------------------------------
/resources/lang/en/passwords.php:
--------------------------------------------------------------------------------
1 | 'Passwords must be at least six characters and match the confirmation.',
17 | 'reset' => 'Your password has been reset!',
18 | 'sent' => 'We have e-mailed your password reset link!',
19 | 'token' => 'This password reset token is invalid.',
20 | 'user' => "We can't find a user with that e-mail address.",
21 |
22 | ];
23 |
--------------------------------------------------------------------------------
/app/Mail/ForgotPassword.php:
--------------------------------------------------------------------------------
1 | resetUrlWithToken = $resetUrlWithToken;
26 | }
27 |
28 | /**
29 | * Build the message.
30 | *
31 | * @return $this
32 | */
33 | public function build()
34 | {
35 | return $this->markdown('emails.auth.forgotPassword');
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/database/factories/UserFactory.php:
--------------------------------------------------------------------------------
1 | define(App\User::class, function (Faker $faker) {
17 | return [
18 | 'name' => $faker->name,
19 | 'email' => $faker->unique()->safeEmail,
20 | 'email_verified_at' => now(),
21 | 'password' => '$2y$10$TKh8H1.PfQx37YgCzwiKb.KjNyWgaHb9cbcoQgdIVFlYg7B77UdFm', // secret
22 | 'remember_token' => str_random(10),
23 | ];
24 | });
25 |
--------------------------------------------------------------------------------
/app/Http/Controllers/ResponseController.php:
--------------------------------------------------------------------------------
1 | json($response, $code);
19 | }
20 |
21 |
22 | /**
23 | * return error response.
24 | *
25 | * @return \Illuminate\Http\JsonResponse
26 | */
27 | public function sendError($error, $code = 404) // , $errorMessages = []
28 | {
29 | $response = [
30 | // 'success' => false,
31 | 'message' => $error
32 | ];
33 |
34 | return response()->json($response, $code);
35 | }
36 | }
37 |
--------------------------------------------------------------------------------
/app/Http/Requests/ResetPasswordRequest.php:
--------------------------------------------------------------------------------
1 | config('validation.reset_password_token'),
28 | 'email' => 'required|' . config('validation.email'),
29 | 'password' => config('validation.password')
30 | // 'password_confirmation' => 'required|string|min:6|same:password'
31 | ];
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/app/Mail/EmailVerify.php:
--------------------------------------------------------------------------------
1 | emailVerifyUrl = $emailVerifyUrl;
25 | $this->afterSignup = $afterSignup;
26 | }
27 |
28 | /**
29 | * Build the message.
30 | *
31 | * @return $this
32 | */
33 | public function build()
34 | {
35 | return $this->markdown($this->afterSignup ? 'emails.auth.emailVerify' : 'emails.profile.emailVerify');
36 | }
37 | }
38 |
--------------------------------------------------------------------------------
/database/migrations/2014_10_12_000000_create_users_table.php:
--------------------------------------------------------------------------------
1 | increments('id');
18 | $table->string('name');
19 | $table->string('email')->unique();
20 | $table->timestamp('email_verified_at')->nullable();
21 | $table->string('password');
22 | $table->rememberToken();
23 | $table->timestamps();
24 | });
25 | }
26 |
27 | /**
28 | * Reverse the migrations.
29 | *
30 | * @return void
31 | */
32 | public function down()
33 | {
34 | Schema::dropIfExists('users');
35 | }
36 | }
37 |
--------------------------------------------------------------------------------
/app/Console/Kernel.php:
--------------------------------------------------------------------------------
1 | command('inspire')
28 | // ->hourly();
29 | }
30 |
31 | /**
32 | * Register the commands for the application.
33 | *
34 | * @return void
35 | */
36 | protected function commands()
37 | {
38 | $this->load(__DIR__.'/Commands');
39 |
40 | require base_path('routes/console.php');
41 | }
42 | }
43 |
--------------------------------------------------------------------------------
/app/Notifications/VerifyEmail.php:
--------------------------------------------------------------------------------
1 | addMinutes(60), ['id' => $notifiable->getKey()]
29 | );
30 |
31 | return $prefix . urlencode($temporarySignedURL);
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/app/Http/Controllers/Auth/LoginController.php:
--------------------------------------------------------------------------------
1 | middleware('guest')->except('logout');
38 | }
39 | }
40 |
--------------------------------------------------------------------------------
/config/view.php:
--------------------------------------------------------------------------------
1 | [
17 | resource_path('views'),
18 | ],
19 |
20 | /*
21 | |--------------------------------------------------------------------------
22 | | Compiled View Path
23 | |--------------------------------------------------------------------------
24 | |
25 | | This option determines where all the compiled Blade templates will be
26 | | stored for your application. Typically, this is within the storage
27 | | directory. However, as usual, you are free to change this value.
28 | |
29 | */
30 |
31 | 'compiled' => env(
32 | 'VIEW_COMPILED_PATH',
33 | realpath(storage_path('framework/views'))
34 | ),
35 |
36 | ];
37 |
--------------------------------------------------------------------------------
/resources/js/router/index.js:
--------------------------------------------------------------------------------
1 | import Vue from 'vue';
2 | import VueRouter from 'vue-router';
3 |
4 | Vue.use(VueRouter);
5 |
6 | import DashBoard from '../pages/Dashboard';
7 | import VerifyEmail from '../pages/auth/VerifyEmail';
8 | import ForgotPassword from '../pages/auth/ForgotPassword';
9 | import ForgotPasswordEmail from '../pages/auth/ForgotPasswordEmail';
10 |
11 | const routes = [
12 | {
13 | path: '/',
14 | component: DashBoard,
15 | name: 'dashboard'
16 | },
17 | {
18 | path: '/asd',
19 | component: DashBoard,
20 | name: 'asd'
21 | },
22 |
23 | {
24 | name: 'verify-email',
25 | path: '/email/verify',
26 | component:VerifyEmail,
27 | },
28 | {
29 | name: 'forgot-password',
30 | path: '/forgot-password',
31 | component: ForgotPassword,
32 |
33 | },
34 | {
35 | name:'password-reset',
36 | path:'/profile/forgot-password-reset/:token/:email',
37 | component: ForgotPasswordEmail,
38 | },
39 | {
40 | path: "*",
41 | component: DashBoard
42 | },
43 |
44 |
45 | ];
46 |
47 | export default new VueRouter({
48 | mode: 'history',
49 | routes
50 | })
51 |
--------------------------------------------------------------------------------
/phpunit.xml:
--------------------------------------------------------------------------------
1 |
2 |
11 |
12 |
13 | ./tests/Unit
14 |
15 |
16 |
17 | ./tests/Feature
18 |
19 |
20 |
21 |
22 | ./app
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
--------------------------------------------------------------------------------
/routes/api.php:
--------------------------------------------------------------------------------
1 | 'auth'
6 | ], function () {
7 | Route::post('login', 'AuthController@login');
8 | Route::post('logout', 'AuthController@logout');
9 | Route::post('refresh', 'AuthController@refresh');
10 | Route::post('me', 'AuthController@me');
11 | Route::post('payload', 'AuthController@payload');
12 | Route::post('register','Auth\RegisterController@create');
13 | Route::post('forgot-password-email', 'Auth\ForgotPasswordController@sendResetLinkEmail');
14 | Route::post('forgot-password-reset', 'Auth\ResetPasswordController@reset');
15 | });
16 |
17 |
18 | Route::middleware(['auth:api'])->group(function () {
19 | // Email Verification Routes...
20 | Route::post('email/verify/{id}', 'Auth\VerificationController@verify')->name('verification.verify');
21 | Route::post('email/resend', 'Auth\VerificationController@resend')->name('verification.resend');
22 | Route::post('email/verify', 'Auth\VerificationController@show')->name('verification.notice');
23 | });
24 |
25 | Route::group(['namespace' => 'Profile','prefix'=>'profile'], function () {
26 | // Current user
27 | Route::group(['prefix' => 'current', 'middleware' => ['auth:api']], function () {
28 | Route::post('set-password', 'ProfileController@setPassword');
29 | });
30 | });
31 |
--------------------------------------------------------------------------------
/resources/js/pages/auth/ForgotPasswordEmail.vue:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
37 |
38 |
41 |
--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
1 | {
2 | "private": true,
3 | "scripts": {
4 | "dev": "npm run development",
5 | "development": "cross-env NODE_ENV=development node_modules/webpack/bin/webpack.js --progress --hide-modules --config=node_modules/laravel-mix/setup/webpack.config.js",
6 | "watch": "npm run development -- --watch",
7 | "watch-poll": "npm run watch -- --watch-poll",
8 | "hot": "cross-env NODE_ENV=development node_modules/webpack-dev-server/bin/webpack-dev-server.js --inline --hot --config=node_modules/laravel-mix/setup/webpack.config.js",
9 | "prod": "npm run production",
10 | "production": "cross-env NODE_ENV=production node_modules/webpack/bin/webpack.js --no-progress --hide-modules --config=node_modules/laravel-mix/setup/webpack.config.js"
11 | },
12 | "devDependencies": {
13 | "axios": "^0.18",
14 | "bootstrap": ">=4.3.1",
15 | "cross-env": "^5.1",
16 | "jquery": "^3.2",
17 | "laravel-mix": "^4.0.7",
18 | "lodash": "^4.17.5",
19 | "popper.js": "^1.12",
20 | "resolve-url-loader": "^2.3.1",
21 | "sass": "^1.15.2",
22 | "sass-loader": "^7.1.0",
23 | "vue": "^2.5.17",
24 | "vue-template-compiler": "^2.5.22"
25 | },
26 | "dependencies": {
27 | "vue-router": "^3.0.2",
28 | "vuex": "^3.1.0"
29 | }
30 | }
31 |
--------------------------------------------------------------------------------
/config/services.php:
--------------------------------------------------------------------------------
1 | [
18 | 'domain' => env('MAILGUN_DOMAIN'),
19 | 'secret' => env('MAILGUN_SECRET'),
20 | 'endpoint' => env('MAILGUN_ENDPOINT', 'api.mailgun.net'),
21 | ],
22 |
23 | 'ses' => [
24 | 'key' => env('SES_KEY'),
25 | 'secret' => env('SES_SECRET'),
26 | 'region' => env('SES_REGION', 'us-east-1'),
27 | ],
28 |
29 | 'sparkpost' => [
30 | 'secret' => env('SPARKPOST_SECRET'),
31 | ],
32 |
33 | 'stripe' => [
34 | 'model' => App\User::class,
35 | 'key' => env('STRIPE_KEY'),
36 | 'secret' => env('STRIPE_SECRET'),
37 | 'webhook' => [
38 | 'secret' => env('STRIPE_WEBHOOK_SECRET'),
39 | 'tolerance' => env('STRIPE_WEBHOOK_TOLERANCE', 300),
40 | ],
41 | ],
42 |
43 | ];
44 |
--------------------------------------------------------------------------------
/app/User.php:
--------------------------------------------------------------------------------
1 | getKey();
43 | }
44 |
45 | /**
46 | * Return a key value array, containing any custom claims to be added to the JWT.
47 | *
48 | * @return array
49 | */
50 | public function getJWTCustomClaims()
51 | {
52 | return [];
53 | }
54 |
55 | public function sendEmailVerificationNotification()
56 | {
57 | $this->notify(new VerifyEmail); // my notification
58 | }
59 | }
60 |
--------------------------------------------------------------------------------
/app/Traits/AuthTokenResponses.php:
--------------------------------------------------------------------------------
1 | setToken($token)->getPayload()->toArray();
17 | // Возврашает ответ с токеном
18 | return [
19 | 'accessToken' => $token,
20 | 'expiresIn' => $payload['exp'],
21 | 'issuedAt' => $payload['iat'],
22 | 'refreshTokenExpiresIn' => Carbon::createFromTimestamp($payload['iat'])
23 | ->addMinutes(config('jwt.refresh_ttl'))
24 | ->getTimestamp()
25 | // 'token_type' => 'Bearer'
26 | ];
27 | }
28 |
29 | /**
30 | * @param User $user
31 | * @return array
32 | */
33 | protected function tokenDataAndUser(User $user)
34 | {
35 | // login user
36 | if ((!auth()->user() && $user) || (auth()->user() && auth()->id() !== $user->id)) {
37 | auth()->login($user);
38 | event(new Login('api', $user, false)); // false - its remember
39 | }
40 |
41 | $token = auth()->fromUser(auth()->user());
42 |
43 | return [
44 | 'tokenInfo' => $this->tokenData($token),
45 | 'user' => $this->userData()
46 | ];
47 | }
48 |
49 | protected function userData()
50 | {
51 | return new UserResource(auth()->user());
52 | }
53 | }
54 |
--------------------------------------------------------------------------------
/config/hashing.php:
--------------------------------------------------------------------------------
1 | 'bcrypt',
19 |
20 | /*
21 | |--------------------------------------------------------------------------
22 | | Bcrypt Options
23 | |--------------------------------------------------------------------------
24 | |
25 | | Here you may specify the configuration options that should be used when
26 | | passwords are hashed using the Bcrypt algorithm. This will allow you
27 | | to control the amount of time it takes to hash the given password.
28 | |
29 | */
30 |
31 | 'bcrypt' => [
32 | 'rounds' => env('BCRYPT_ROUNDS', 10),
33 | ],
34 |
35 | /*
36 | |--------------------------------------------------------------------------
37 | | Argon Options
38 | |--------------------------------------------------------------------------
39 | |
40 | | Here you may specify the configuration options that should be used when
41 | | passwords are hashed using the Argon algorithm. These will allow you
42 | | to control the amount of time it takes to hash the given password.
43 | |
44 | */
45 |
46 | 'argon' => [
47 | 'memory' => 1024,
48 | 'threads' => 2,
49 | 'time' => 2,
50 | ],
51 |
52 | ];
53 |
--------------------------------------------------------------------------------
/resources/js/components/Navbar.vue:
--------------------------------------------------------------------------------
1 |
2 |
33 |
34 |
--------------------------------------------------------------------------------
/bootstrap/app.php:
--------------------------------------------------------------------------------
1 | singleton(
30 | Illuminate\Contracts\Http\Kernel::class,
31 | App\Http\Kernel::class
32 | );
33 |
34 | $app->singleton(
35 | Illuminate\Contracts\Console\Kernel::class,
36 | App\Console\Kernel::class
37 | );
38 |
39 | $app->singleton(
40 | Illuminate\Contracts\Debug\ExceptionHandler::class,
41 | App\Exceptions\Handler::class
42 | );
43 |
44 | /*
45 | |--------------------------------------------------------------------------
46 | | Return The Application
47 | |--------------------------------------------------------------------------
48 | |
49 | | This script returns the application instance. The instance is given to
50 | | the calling script so we can separate the building of the instances
51 | | from the actual running of the application and sending responses.
52 | |
53 | */
54 |
55 | return $app;
56 |
--------------------------------------------------------------------------------
/composer.json:
--------------------------------------------------------------------------------
1 | {
2 | "name": "laravel/laravel",
3 | "type": "project",
4 | "description": "The Laravel Framework.",
5 | "keywords": [
6 | "framework",
7 | "laravel"
8 | ],
9 | "license": "MIT",
10 | "require": {
11 | "php": "^7.1.3",
12 | "fideloper/proxy": "^4.0",
13 | "laravel/framework": "5.7.*",
14 | "laravel/tinker": "^1.0",
15 | "tymon/jwt-auth": "^1.0.0-rc.2"
16 | },
17 | "require-dev": {
18 | "beyondcode/laravel-dump-server": "^1.0",
19 | "filp/whoops": "^2.0",
20 | "fzaninotto/faker": "^1.4",
21 | "mockery/mockery": "^1.0",
22 | "nunomaduro/collision": "^2.0",
23 | "phpunit/phpunit": "^7.0"
24 | },
25 | "config": {
26 | "optimize-autoloader": true,
27 | "preferred-install": "dist",
28 | "sort-packages": true
29 | },
30 | "extra": {
31 | "laravel": {
32 | "dont-discover": []
33 | }
34 | },
35 | "autoload": {
36 | "psr-4": {
37 | "App\\": "app/"
38 | },
39 | "classmap": [
40 | "database/seeds",
41 | "database/factories"
42 | ]
43 | },
44 | "autoload-dev": {
45 | "psr-4": {
46 | "Tests\\": "tests/"
47 | }
48 | },
49 | "minimum-stability": "dev",
50 | "prefer-stable": true,
51 | "scripts": {
52 | "post-autoload-dump": [
53 | "Illuminate\\Foundation\\ComposerScripts::postAutoloadDump",
54 | "@php artisan package:discover --ansi"
55 | ],
56 | "post-root-package-install": [
57 | "@php -r \"file_exists('.env') || copy('.env.example', '.env');\""
58 | ],
59 | "post-create-project-cmd": [
60 | "@php artisan key:generate --ansi"
61 | ]
62 | }
63 | }
64 |
--------------------------------------------------------------------------------
/config/broadcasting.php:
--------------------------------------------------------------------------------
1 | env('BROADCAST_DRIVER', 'null'),
19 |
20 | /*
21 | |--------------------------------------------------------------------------
22 | | Broadcast Connections
23 | |--------------------------------------------------------------------------
24 | |
25 | | Here you may define all of the broadcast connections that will be used
26 | | to broadcast events to other systems or over websockets. Samples of
27 | | each available type of connection are provided inside this array.
28 | |
29 | */
30 |
31 | 'connections' => [
32 |
33 | 'pusher' => [
34 | 'driver' => 'pusher',
35 | 'key' => env('PUSHER_APP_KEY'),
36 | 'secret' => env('PUSHER_APP_SECRET'),
37 | 'app_id' => env('PUSHER_APP_ID'),
38 | 'options' => [
39 | 'cluster' => env('PUSHER_APP_CLUSTER'),
40 | 'encrypted' => true,
41 | ],
42 | ],
43 |
44 | 'redis' => [
45 | 'driver' => 'redis',
46 | 'connection' => 'default',
47 | ],
48 |
49 | 'log' => [
50 | 'driver' => 'log',
51 | ],
52 |
53 | 'null' => [
54 | 'driver' => 'null',
55 | ],
56 |
57 | ],
58 |
59 | ];
60 |
--------------------------------------------------------------------------------
/app/Providers/RouteServiceProvider.php:
--------------------------------------------------------------------------------
1 | mapApiRoutes();
39 |
40 | $this->mapWebRoutes();
41 |
42 | //
43 | }
44 |
45 | /**
46 | * Define the "web" routes for the application.
47 | *
48 | * These routes all receive session state, CSRF protection, etc.
49 | *
50 | * @return void
51 | */
52 | protected function mapWebRoutes()
53 | {
54 | Route::middleware('web')
55 | ->namespace($this->namespace)
56 | ->group(base_path('routes/web.php'));
57 | }
58 |
59 | /**
60 | * Define the "api" routes for the application.
61 | *
62 | * These routes are typically stateless.
63 | *
64 | * @return void
65 | */
66 | protected function mapApiRoutes()
67 | {
68 | Route::prefix('api')
69 | ->middleware('api')
70 | ->namespace($this->namespace)
71 | ->group(base_path('routes/api.php'));
72 | }
73 | }
74 |
--------------------------------------------------------------------------------
/artisan:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env php
2 | make(Illuminate\Contracts\Console\Kernel::class);
34 |
35 | $status = $kernel->handle(
36 | $input = new Symfony\Component\Console\Input\ArgvInput,
37 | new Symfony\Component\Console\Output\ConsoleOutput
38 | );
39 |
40 | /*
41 | |--------------------------------------------------------------------------
42 | | Shutdown The Application
43 | |--------------------------------------------------------------------------
44 | |
45 | | Once Artisan has finished running, we will fire off the shutdown events
46 | | so that any final work may be done by the application before we shut
47 | | down the process. This is the last thing to happen to the request.
48 | |
49 | */
50 |
51 | $kernel->terminate($input, $status);
52 |
53 | exit($status);
54 |
--------------------------------------------------------------------------------
/app/Http/Controllers/Auth/ForgotPasswordController.php:
--------------------------------------------------------------------------------
1 | email;
36 | $resetUrlForReplace = urldecode($request->resetUrl);
37 |
38 | $user = User::where('email', $email)->first();
39 |
40 | if (!$user) {
41 | return $this->sendError(trans('passwords.user'), 404);
42 | }
43 |
44 | $token = $this->broker()->createToken($user);
45 | $resetUrl = str_replace(['', ''], [$token, $email], $resetUrlForReplace);
46 | Mail::to([
47 | 'email' => $email
48 | ])->send(new ForgotPassword($resetUrl));
49 |
50 | return $this->sendResponse(NULL, trans('passwords.sent'));
51 | }
52 | }
53 |
--------------------------------------------------------------------------------
/app/Exceptions/Handler.php:
--------------------------------------------------------------------------------
1 | json(['error'=>'Token is Invalid'],400);
54 | }
55 |
56 | elseif ($exception instanceof TokenExpiredException) {
57 | return response()->json(['error'=>"Token is Expired"],400);
58 | }
59 | elseif ($exception instanceof JWTException) {
60 | return response()->json(['error'=>"There is problem your token"],400);
61 | }
62 | return parent::render($request, $exception);
63 | }
64 | }
65 |
--------------------------------------------------------------------------------
/resources/js/bootstrap.js:
--------------------------------------------------------------------------------
1 |
2 | window._ = require('lodash');
3 |
4 | /**
5 | * We'll load jQuery and the Bootstrap jQuery plugin which provides support
6 | * for JavaScript based Bootstrap features such as modals and tabs. This
7 | * code may be modified to fit the specific needs of your application.
8 | */
9 |
10 | try {
11 | window.Popper = require('popper.js').default;
12 | window.$ = window.jQuery = require('jquery');
13 |
14 | require('bootstrap');
15 | } catch (e) {}
16 |
17 | /**
18 | * We'll load the axios HTTP library which allows us to easily issue requests
19 | * to our Laravel back-end. This library automatically handles sending the
20 | * CSRF token as a header based on the value of the "XSRF" token cookie.
21 | */
22 |
23 | window.axios = require('axios');
24 |
25 | window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
26 |
27 | /**
28 | * Next we will register the CSRF Token as a common header with Axios so that
29 | * all outgoing HTTP requests automatically have it attached. This is just
30 | * a simple convenience so we don't have to attach every token manually.
31 | */
32 |
33 | let token = document.head.querySelector('meta[name="csrf-token"]');
34 |
35 | if (token) {
36 | window.axios.defaults.headers.common['X-CSRF-TOKEN'] = token.content;
37 | console.log("Çalıştı")
38 | } else {
39 | console.error('CSRF token not found: https://laravel.com/docs/csrf#csrf-x-csrf-token');
40 | }
41 |
42 | /**
43 | * Echo exposes an expressive API for subscribing to channels and listening
44 | * for events that are broadcast by Laravel. Echo and event broadcasting
45 | * allows your team to easily build robust real-time web applications.
46 | */
47 |
48 | // import Echo from 'laravel-echo'
49 |
50 | // window.Pusher = require('pusher-js');
51 |
52 | // window.Echo = new Echo({
53 | // broadcaster: 'pusher',
54 | // key: process.env.MIX_PUSHER_APP_KEY,
55 | // cluster: process.env.MIX_PUSHER_APP_CLUSTER,
56 | // encrypted: true
57 | // });
58 |
--------------------------------------------------------------------------------
/app/Http/Controllers/Profile/ProfileController.php:
--------------------------------------------------------------------------------
1 | user();
21 |
22 | $currentPassword = $request->currentPassword;
23 | $newPassword = $request->newPassword;
24 |
25 | if (Hash::check($newPassword, $user->password)) {
26 | return $this->sendError('You had such a password!', 422);
27 | }
28 |
29 | if (!Hash::check($currentPassword, $user->password)) {
30 | return $this->sendError('Invalid current password', 422);
31 | }
32 |
33 | $hashedNewPassword = Hash::make($newPassword);
34 | $user->password = $hashedNewPassword;
35 | $user->save();
36 |
37 | return $this->sendResponse([
38 | 'user' => new UserResource($user),
39 | 'message' => 'Password changed successfully!'
40 | ]);
41 | }
42 |
43 | public function setUserData(Request $request)
44 | {
45 | $user = auth()->user();
46 |
47 | $fields = collect($request->all())->keyBy(function ($value, $key) {
48 | return snake_case($key);
49 | })->all();
50 |
51 | $user->fill($fields)->save();
52 | // 'first_name' => $request->firstName,
53 | // 'last_name' => $request->lastName,
54 | // 'gender' => $request->gender,
55 | // 'birthday' => $request->birthday,
56 | // 'timezone' => $request->timezone,
57 | // 'country' => $request->country
58 |
59 | return new UserResource($user);
60 | }
61 |
62 |
63 | }
64 |
--------------------------------------------------------------------------------
/public/index.php:
--------------------------------------------------------------------------------
1 |
8 | */
9 |
10 | define('LARAVEL_START', microtime(true));
11 |
12 | /*
13 | |--------------------------------------------------------------------------
14 | | Register The Auto Loader
15 | |--------------------------------------------------------------------------
16 | |
17 | | Composer provides a convenient, automatically generated class loader for
18 | | our application. We just need to utilize it! We'll simply require it
19 | | into the script here so that we don't have to worry about manual
20 | | loading any of our classes later on. It feels great to relax.
21 | |
22 | */
23 |
24 | require __DIR__.'/../vendor/autoload.php';
25 |
26 | /*
27 | |--------------------------------------------------------------------------
28 | | Turn On The Lights
29 | |--------------------------------------------------------------------------
30 | |
31 | | We need to illuminate PHP development, so let us turn on the lights.
32 | | This bootstraps the framework and gets it ready for use, then it
33 | | will load up this application so that we can run it and send
34 | | the responses back to the browser and delight our users.
35 | |
36 | */
37 |
38 | $app = require_once __DIR__.'/../bootstrap/app.php';
39 |
40 | /*
41 | |--------------------------------------------------------------------------
42 | | Run The Application
43 | |--------------------------------------------------------------------------
44 | |
45 | | Once we have the application, we can handle the incoming request
46 | | through the kernel, and send the associated response back to
47 | | the client's browser allowing them to enjoy the creative
48 | | and wonderful application we have prepared for them.
49 | |
50 | */
51 |
52 | $kernel = $app->make(Illuminate\Contracts\Http\Kernel::class);
53 |
54 | $response = $kernel->handle(
55 | $request = Illuminate\Http\Request::capture()
56 | );
57 |
58 | $response->send();
59 |
60 | $kernel->terminate($request, $response);
61 |
--------------------------------------------------------------------------------
/app/Http/Controllers/AuthController.php:
--------------------------------------------------------------------------------
1 | middleware('jwt', ['except' => ['login']]);
18 | }
19 |
20 | /**
21 | * Get a JWT via given credentials.
22 | *
23 | * @return \Illuminate\Http\JsonResponse
24 | */
25 | public function login()
26 | {
27 | $credentials = request(['email', 'password']);
28 |
29 | if (! $token = auth()->attempt($credentials)) {
30 | return response()->json(['error' => 'Unauthorized'], 401);
31 | }
32 |
33 | return $this->respondWithToken($token);
34 | }
35 |
36 | /**
37 | * Get the authenticated User.
38 | *
39 | * @return \Illuminate\Http\JsonResponse
40 | */
41 | public function me()
42 | {
43 | return response()->json(auth()->user());
44 | }
45 |
46 | /**
47 | * Log the user out (Invalidate the token).
48 | *
49 | * @return \Illuminate\Http\JsonResponse
50 | */
51 | public function logout()
52 | {
53 | auth()->logout();
54 |
55 | return response()->json(['message' => 'Successfully logged out']);
56 | }
57 |
58 | /**
59 | * Refresh a token.
60 | *
61 | * @return \Illuminate\Http\JsonResponse
62 | */
63 | public function refresh()
64 | {
65 | return $this->respondWithToken(auth()->refresh());
66 | }
67 |
68 | /**
69 | * Get the token array structure.
70 | *
71 | * @param string $token
72 | *
73 | * @return \Illuminate\Http\JsonResponse
74 | */
75 | protected function respondWithToken($token)
76 | {
77 | return response()->json([
78 | 'access_token' => $token,
79 | 'token_type' => 'bearer',
80 | 'expires_in' => auth()->factory()->getTTL() * 60
81 | ]);
82 | }
83 |
84 | public function payload() {
85 | return auth()->payload();
86 | }
87 | }
88 |
--------------------------------------------------------------------------------
/app/Http/Controllers/Auth/RegisterController.php:
--------------------------------------------------------------------------------
1 | middleware('guest');
43 | }
44 |
45 | /**
46 | * Get a validator for an incoming registration request.
47 | *
48 | * @param array $data
49 | * @return \Illuminate\Contracts\Validation\Validator
50 | */
51 | protected function validator(array $data)
52 | {
53 | return Validator::make($data, [
54 |
55 | ]);
56 | }
57 |
58 | /**
59 | * Create a new user instance after a valid registration.
60 | *
61 | * @param array $data
62 | * @return \App\User
63 | */
64 | protected function create(RegisterRequest $request)
65 | {
66 | $user = User::create([
67 | 'name' => $request['name'],
68 | 'email' => $request['email'],
69 | 'password' => Hash::make($request['password']),
70 | ]);
71 | event(new Registered($user));
72 | return response()->json([
73 | 'success'=>true,
74 | 'message'=>'Register success'
75 | ]);
76 | }
77 | }
78 |
--------------------------------------------------------------------------------
/config/filesystems.php:
--------------------------------------------------------------------------------
1 | env('FILESYSTEM_DRIVER', 'local'),
17 |
18 | /*
19 | |--------------------------------------------------------------------------
20 | | Default Cloud Filesystem Disk
21 | |--------------------------------------------------------------------------
22 | |
23 | | Many applications store files both locally and in the cloud. For this
24 | | reason, you may specify a default "cloud" driver here. This driver
25 | | will be bound as the Cloud disk implementation in the container.
26 | |
27 | */
28 |
29 | 'cloud' => env('FILESYSTEM_CLOUD', 's3'),
30 |
31 | /*
32 | |--------------------------------------------------------------------------
33 | | Filesystem Disks
34 | |--------------------------------------------------------------------------
35 | |
36 | | Here you may configure as many filesystem "disks" as you wish, and you
37 | | may even configure multiple disks of the same driver. Defaults have
38 | | been setup for each driver as an example of the required options.
39 | |
40 | | Supported Drivers: "local", "ftp", "sftp", "s3", "rackspace"
41 | |
42 | */
43 |
44 | 'disks' => [
45 |
46 | 'local' => [
47 | 'driver' => 'local',
48 | 'root' => storage_path('app'),
49 | ],
50 |
51 | 'public' => [
52 | 'driver' => 'local',
53 | 'root' => storage_path('app/public'),
54 | 'url' => env('APP_URL').'/storage',
55 | 'visibility' => 'public',
56 | ],
57 |
58 | 's3' => [
59 | 'driver' => 's3',
60 | 'key' => env('AWS_ACCESS_KEY_ID'),
61 | 'secret' => env('AWS_SECRET_ACCESS_KEY'),
62 | 'region' => env('AWS_DEFAULT_REGION'),
63 | 'bucket' => env('AWS_BUCKET'),
64 | 'url' => env('AWS_URL'),
65 | ],
66 |
67 | ],
68 |
69 | ];
70 |
--------------------------------------------------------------------------------
/config/queue.php:
--------------------------------------------------------------------------------
1 | env('QUEUE_CONNECTION', 'sync'),
17 |
18 | /*
19 | |--------------------------------------------------------------------------
20 | | Queue Connections
21 | |--------------------------------------------------------------------------
22 | |
23 | | Here you may configure the connection information for each server that
24 | | is used by your application. A default configuration has been added
25 | | for each back-end shipped with Laravel. You are free to add more.
26 | |
27 | | Drivers: "sync", "database", "beanstalkd", "sqs", "redis", "null"
28 | |
29 | */
30 |
31 | 'connections' => [
32 |
33 | 'sync' => [
34 | 'driver' => 'sync',
35 | ],
36 |
37 | 'database' => [
38 | 'driver' => 'database',
39 | 'table' => 'jobs',
40 | 'queue' => 'default',
41 | 'retry_after' => 90,
42 | ],
43 |
44 | 'beanstalkd' => [
45 | 'driver' => 'beanstalkd',
46 | 'host' => 'localhost',
47 | 'queue' => 'default',
48 | 'retry_after' => 90,
49 | ],
50 |
51 | 'sqs' => [
52 | 'driver' => 'sqs',
53 | 'key' => env('SQS_KEY', 'your-public-key'),
54 | 'secret' => env('SQS_SECRET', 'your-secret-key'),
55 | 'prefix' => env('SQS_PREFIX', 'https://sqs.us-east-1.amazonaws.com/your-account-id'),
56 | 'queue' => env('SQS_QUEUE', 'your-queue-name'),
57 | 'region' => env('SQS_REGION', 'us-east-1'),
58 | ],
59 |
60 | 'redis' => [
61 | 'driver' => 'redis',
62 | 'connection' => 'default',
63 | 'queue' => env('REDIS_QUEUE', 'default'),
64 | 'retry_after' => 90,
65 | 'block_for' => null,
66 | ],
67 |
68 | ],
69 |
70 | /*
71 | |--------------------------------------------------------------------------
72 | | Failed Queue Jobs
73 | |--------------------------------------------------------------------------
74 | |
75 | | These options configure the behavior of failed queue job logging so you
76 | | can control which database and table are used to store the jobs that
77 | | have failed. You may change them to any database / table you wish.
78 | |
79 | */
80 |
81 | 'failed' => [
82 | 'database' => env('DB_CONNECTION', 'mysql'),
83 | 'table' => 'failed_jobs',
84 | ],
85 |
86 | ];
87 |
--------------------------------------------------------------------------------
/config/logging.php:
--------------------------------------------------------------------------------
1 | env('LOG_CHANNEL', 'stack'),
20 |
21 | /*
22 | |--------------------------------------------------------------------------
23 | | Log Channels
24 | |--------------------------------------------------------------------------
25 | |
26 | | Here you may configure the log channels for your application. Out of
27 | | the box, Laravel uses the Monolog PHP logging library. This gives
28 | | you a variety of powerful log handlers / formatters to utilize.
29 | |
30 | | Available Drivers: "single", "daily", "slack", "syslog",
31 | | "errorlog", "monolog",
32 | | "custom", "stack"
33 | |
34 | */
35 |
36 | 'channels' => [
37 | 'stack' => [
38 | 'driver' => 'stack',
39 | 'channels' => ['daily'],
40 | ],
41 |
42 | 'single' => [
43 | 'driver' => 'single',
44 | 'path' => storage_path('logs/laravel.log'),
45 | 'level' => 'debug',
46 | ],
47 |
48 | 'daily' => [
49 | 'driver' => 'daily',
50 | 'path' => storage_path('logs/laravel.log'),
51 | 'level' => 'debug',
52 | 'days' => 14,
53 | ],
54 |
55 | 'slack' => [
56 | 'driver' => 'slack',
57 | 'url' => env('LOG_SLACK_WEBHOOK_URL'),
58 | 'username' => 'Laravel Log',
59 | 'emoji' => ':boom:',
60 | 'level' => 'critical',
61 | ],
62 |
63 | 'papertrail' => [
64 | 'driver' => 'monolog',
65 | 'level' => 'debug',
66 | 'handler' => SyslogUdpHandler::class,
67 | 'handler_with' => [
68 | 'host' => env('PAPERTRAIL_URL'),
69 | 'port' => env('PAPERTRAIL_PORT'),
70 | ],
71 | ],
72 |
73 | 'stderr' => [
74 | 'driver' => 'monolog',
75 | 'handler' => StreamHandler::class,
76 | 'formatter' => env('LOG_STDERR_FORMATTER'),
77 | 'with' => [
78 | 'stream' => 'php://stderr',
79 | ],
80 | ],
81 |
82 | 'syslog' => [
83 | 'driver' => 'syslog',
84 | 'level' => 'debug',
85 | ],
86 |
87 | 'errorlog' => [
88 | 'driver' => 'errorlog',
89 | 'level' => 'debug',
90 | ],
91 | ],
92 |
93 | ];
94 |
--------------------------------------------------------------------------------
/config/cache.php:
--------------------------------------------------------------------------------
1 | env('CACHE_DRIVER', 'file'),
21 |
22 | /*
23 | |--------------------------------------------------------------------------
24 | | Cache Stores
25 | |--------------------------------------------------------------------------
26 | |
27 | | Here you may define all of the cache "stores" for your application as
28 | | well as their drivers. You may even define multiple stores for the
29 | | same cache driver to group types of items stored in your caches.
30 | |
31 | */
32 |
33 | 'stores' => [
34 |
35 | 'apc' => [
36 | 'driver' => 'apc',
37 | ],
38 |
39 | 'array' => [
40 | 'driver' => 'array',
41 | ],
42 |
43 | 'database' => [
44 | 'driver' => 'database',
45 | 'table' => 'cache',
46 | 'connection' => null,
47 | ],
48 |
49 | 'file' => [
50 | 'driver' => 'file',
51 | 'path' => storage_path('framework/cache/data'),
52 | ],
53 |
54 | 'memcached' => [
55 | 'driver' => 'memcached',
56 | 'persistent_id' => env('MEMCACHED_PERSISTENT_ID'),
57 | 'sasl' => [
58 | env('MEMCACHED_USERNAME'),
59 | env('MEMCACHED_PASSWORD'),
60 | ],
61 | 'options' => [
62 | // Memcached::OPT_CONNECT_TIMEOUT => 2000,
63 | ],
64 | 'servers' => [
65 | [
66 | 'host' => env('MEMCACHED_HOST', '127.0.0.1'),
67 | 'port' => env('MEMCACHED_PORT', 11211),
68 | 'weight' => 100,
69 | ],
70 | ],
71 | ],
72 |
73 | 'redis' => [
74 | 'driver' => 'redis',
75 | 'connection' => 'cache',
76 | ],
77 |
78 | ],
79 |
80 | /*
81 | |--------------------------------------------------------------------------
82 | | Cache Key Prefix
83 | |--------------------------------------------------------------------------
84 | |
85 | | When utilizing a RAM based store such as APC or Memcached, there might
86 | | be other applications utilizing the same cache. So, we'll specify a
87 | | value to get prefixed to all our keys so we can avoid collisions.
88 | |
89 | */
90 |
91 | 'prefix' => env('CACHE_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_cache'),
92 |
93 | ];
94 |
--------------------------------------------------------------------------------
/app/Http/Controllers/Auth/VerificationController.php:
--------------------------------------------------------------------------------
1 | user()->hasVerifiedEmail()) {
39 | return response()->json('Email Verified');
40 | }
41 | else {
42 | return response()->json('Email not verified');
43 | }
44 | }
45 |
46 | /**
47 | * Mark the authenticated user's email address as verified.
48 | *
49 | * @param \Illuminate\Http\Request $request
50 | * @return \Illuminate\Http\Response
51 | */
52 | public function verify(Request $request)
53 | {
54 |
55 | // ->route('id') gets route user id and getKey() gets current user id()
56 | // do not forget that you must send Authorization header to get the user from the request
57 | if ($request->route('id') == $request->user()->getKey() &&
58 | $request->user()->markEmailAsVerified()) {
59 | event(new Verified($request->user()));
60 | }
61 |
62 | return response()->json('Email verified!');
63 | // return redirect($this->redirectPath());
64 | }
65 |
66 |
67 | /**
68 | * Resend the email verification notification.
69 | *
70 | * @param \Illuminate\Http\Request $request
71 | * @return \Illuminate\Http\Response
72 | */
73 | public function resend(Request $request)
74 | {
75 | if ($request->user()->hasVerifiedEmail()) {
76 | return response()->json('User already have verified email!', 422);
77 | // return redirect($this->redirectPath());
78 | }
79 |
80 | $request->user()->sendEmailVerificationNotification();
81 |
82 | return response()->json('The notification has been resubmitted');
83 | // return back()->with('resent', true);
84 | }
85 |
86 |
87 | /**
88 | * Create a new controller instance.
89 | *
90 | * @return void
91 | */
92 | public function __construct()
93 | {
94 | $this->middleware('auth');
95 | $this->middleware('signed')->only('verify');
96 | $this->middleware('throttle:6,1')->only('verify', 'resend');
97 | }
98 | }
99 |
--------------------------------------------------------------------------------
/app/Http/Kernel.php:
--------------------------------------------------------------------------------
1 | [
31 | \App\Http\Middleware\EncryptCookies::class,
32 | \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
33 | \Illuminate\Session\Middleware\StartSession::class,
34 | // \Illuminate\Session\Middleware\AuthenticateSession::class,
35 | \Illuminate\View\Middleware\ShareErrorsFromSession::class,
36 | \App\Http\Middleware\VerifyCsrfToken::class,
37 | \Illuminate\Routing\Middleware\SubstituteBindings::class,
38 | ],
39 |
40 | 'api' => [
41 | 'throttle:60,1',
42 | 'bindings',
43 | ],
44 | ];
45 |
46 | /**
47 | * The application's route middleware.
48 | *
49 | * These middleware may be assigned to groups or used individually.
50 | *
51 | * @var array
52 | */
53 | protected $routeMiddleware = [
54 | 'auth' => \App\Http\Middleware\Authenticate::class,
55 | 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
56 | 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
57 | 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
58 | 'can' => \Illuminate\Auth\Middleware\Authorize::class,
59 | 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
60 | 'jwt' => \App\Http\Middleware\JWT::class,
61 | 'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
62 | 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
63 | 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
64 | ];
65 |
66 | /**
67 | * The priority-sorted list of middleware.
68 | *
69 | * This forces non-global middleware to always be in the given order.
70 | *
71 | * @var array
72 | */
73 | protected $middlewarePriority = [
74 | \Illuminate\Session\Middleware\StartSession::class,
75 | \Illuminate\View\Middleware\ShareErrorsFromSession::class,
76 | \App\Http\Middleware\Authenticate::class,
77 | \Illuminate\Session\Middleware\AuthenticateSession::class,
78 | \Illuminate\Routing\Middleware\SubstituteBindings::class,
79 | \Illuminate\Auth\Middleware\Authorize::class,
80 | ];
81 | }
82 |
--------------------------------------------------------------------------------
/config/auth.php:
--------------------------------------------------------------------------------
1 | [
17 | 'guard' => 'api',
18 | 'passwords' => 'users',
19 | ],
20 |
21 | /*
22 | |--------------------------------------------------------------------------
23 | | Authentication Guards
24 | |--------------------------------------------------------------------------
25 | |
26 | | Next, you may define every authentication guard for your application.
27 | | Of course, a great default configuration has been defined for you
28 | | here which uses session storage and the Eloquent user provider.
29 | |
30 | | All authentication drivers have a user provider. This defines how the
31 | | users are actually retrieved out of your database or other storage
32 | | mechanisms used by this application to persist your user's data.
33 | |
34 | | Supported: "session", "token"
35 | |
36 | */
37 |
38 | 'guards' => [
39 | 'web' => [
40 | 'driver' => 'session',
41 | 'provider' => 'users',
42 | ],
43 |
44 | 'api' => [
45 | 'driver' => 'jwt',
46 | 'provider' => 'users',
47 | ],
48 | ],
49 |
50 | /*
51 | |--------------------------------------------------------------------------
52 | | User Providers
53 | |--------------------------------------------------------------------------
54 | |
55 | | All authentication drivers have a user provider. This defines how the
56 | | users are actually retrieved out of your database or other storage
57 | | mechanisms used by this application to persist your user's data.
58 | |
59 | | If you have multiple user tables or models you may configure multiple
60 | | sources which represent each model / table. These sources may then
61 | | be assigned to any extra authentication guards you have defined.
62 | |
63 | | Supported: "database", "eloquent"
64 | |
65 | */
66 |
67 | 'providers' => [
68 | 'users' => [
69 | 'driver' => 'eloquent',
70 | 'model' => App\User::class,
71 | ],
72 |
73 | // 'users' => [
74 | // 'driver' => 'database',
75 | // 'table' => 'users',
76 | // ],
77 | ],
78 |
79 | /*
80 | |--------------------------------------------------------------------------
81 | | Resetting Passwords
82 | |--------------------------------------------------------------------------
83 | |
84 | | You may specify multiple password reset configurations if you have more
85 | | than one user table or model in the application and you want to have
86 | | separate password reset settings based on the specific user types.
87 | |
88 | | The expire time is the number of minutes that the reset token should be
89 | | considered valid. This security feature keeps tokens short-lived so
90 | | they have less time to be guessed. You may change this as needed.
91 | |
92 | */
93 |
94 | 'passwords' => [
95 | 'users' => [
96 | 'provider' => 'users',
97 | 'table' => 'password_resets',
98 | 'expire' => 60,
99 | ],
100 | ],
101 |
102 | ];
103 |
--------------------------------------------------------------------------------
/public/svg/404.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/config/database.php:
--------------------------------------------------------------------------------
1 | env('DB_CONNECTION', 'mysql'),
17 |
18 | /*
19 | |--------------------------------------------------------------------------
20 | | Database Connections
21 | |--------------------------------------------------------------------------
22 | |
23 | | Here are each of the database connections setup for your application.
24 | | Of course, examples of configuring each database platform that is
25 | | supported by Laravel is shown below to make development simple.
26 | |
27 | |
28 | | All database work in Laravel is done through the PHP PDO facilities
29 | | so make sure you have the driver for your particular database of
30 | | choice installed on your machine before you begin development.
31 | |
32 | */
33 |
34 | 'connections' => [
35 |
36 | 'sqlite' => [
37 | 'driver' => 'sqlite',
38 | 'database' => env('DB_DATABASE', database_path('database.sqlite')),
39 | 'prefix' => '',
40 | 'foreign_key_constraints' => env('DB_FOREIGN_KEYS', true),
41 | ],
42 |
43 | 'mysql' => [
44 | 'driver' => 'mysql',
45 | 'host' => env('DB_HOST', '127.0.0.1'),
46 | 'port' => env('DB_PORT', '3306'),
47 | 'database' => env('DB_DATABASE', 'forge'),
48 | 'username' => env('DB_USERNAME', 'forge'),
49 | 'password' => env('DB_PASSWORD', ''),
50 | 'unix_socket' => env('DB_SOCKET', ''),
51 | 'charset' => 'utf8mb4',
52 | 'collation' => 'utf8mb4_unicode_ci',
53 | 'prefix' => '',
54 | 'prefix_indexes' => true,
55 | 'strict' => true,
56 | 'engine' => null,
57 | ],
58 |
59 | 'pgsql' => [
60 | 'driver' => 'pgsql',
61 | 'host' => env('DB_HOST', '127.0.0.1'),
62 | 'port' => env('DB_PORT', '5432'),
63 | 'database' => env('DB_DATABASE', 'forge'),
64 | 'username' => env('DB_USERNAME', 'forge'),
65 | 'password' => env('DB_PASSWORD', ''),
66 | 'charset' => 'utf8',
67 | 'prefix' => '',
68 | 'prefix_indexes' => true,
69 | 'schema' => 'public',
70 | 'sslmode' => 'prefer',
71 | ],
72 |
73 | 'sqlsrv' => [
74 | 'driver' => 'sqlsrv',
75 | 'host' => env('DB_HOST', 'localhost'),
76 | 'port' => env('DB_PORT', '1433'),
77 | 'database' => env('DB_DATABASE', 'forge'),
78 | 'username' => env('DB_USERNAME', 'forge'),
79 | 'password' => env('DB_PASSWORD', ''),
80 | 'charset' => 'utf8',
81 | 'prefix' => '',
82 | 'prefix_indexes' => true,
83 | ],
84 |
85 | ],
86 |
87 | /*
88 | |--------------------------------------------------------------------------
89 | | Migration Repository Table
90 | |--------------------------------------------------------------------------
91 | |
92 | | This table keeps track of all the migrations that have already run for
93 | | your application. Using this information, we can determine which of
94 | | the migrations on disk haven't actually been run in the database.
95 | |
96 | */
97 |
98 | 'migrations' => 'migrations',
99 |
100 | /*
101 | |--------------------------------------------------------------------------
102 | | Redis Databases
103 | |--------------------------------------------------------------------------
104 | |
105 | | Redis is an open source, fast, and advanced key-value store that also
106 | | provides a richer body of commands than a typical key-value system
107 | | such as APC or Memcached. Laravel makes it easy to dig right in.
108 | |
109 | */
110 |
111 | 'redis' => [
112 |
113 | 'client' => 'predis',
114 |
115 | 'default' => [
116 | 'host' => env('REDIS_HOST', '127.0.0.1'),
117 | 'password' => env('REDIS_PASSWORD', null),
118 | 'port' => env('REDIS_PORT', 6379),
119 | 'database' => env('REDIS_DB', 0),
120 | ],
121 |
122 | 'cache' => [
123 | 'host' => env('REDIS_HOST', '127.0.0.1'),
124 | 'password' => env('REDIS_PASSWORD', null),
125 | 'port' => env('REDIS_PORT', 6379),
126 | 'database' => env('REDIS_CACHE_DB', 1),
127 | ],
128 |
129 | ],
130 |
131 | ];
132 |
--------------------------------------------------------------------------------
/config/mail.php:
--------------------------------------------------------------------------------
1 | env('MAIL_DRIVER', 'smtp'),
20 |
21 | /*
22 | |--------------------------------------------------------------------------
23 | | SMTP Host Address
24 | |--------------------------------------------------------------------------
25 | |
26 | | Here you may provide the host address of the SMTP server used by your
27 | | applications. A default option is provided that is compatible with
28 | | the Mailgun mail service which will provide reliable deliveries.
29 | |
30 | */
31 |
32 | 'host' => env('MAIL_HOST', 'smtp.mailgun.org'),
33 |
34 | /*
35 | |--------------------------------------------------------------------------
36 | | SMTP Host Port
37 | |--------------------------------------------------------------------------
38 | |
39 | | This is the SMTP port used by your application to deliver e-mails to
40 | | users of the application. Like the host we have set this value to
41 | | stay compatible with the Mailgun e-mail application by default.
42 | |
43 | */
44 |
45 | 'port' => env('MAIL_PORT', 587),
46 |
47 | /*
48 | |--------------------------------------------------------------------------
49 | | Global "From" Address
50 | |--------------------------------------------------------------------------
51 | |
52 | | You may wish for all e-mails sent by your application to be sent from
53 | | the same address. Here, you may specify a name and address that is
54 | | used globally for all e-mails that are sent by your application.
55 | |
56 | */
57 |
58 | 'from' => [
59 | 'address' => env('MAIL_FROM_ADDRESS', 'hello@example.com'),
60 | 'name' => env('MAIL_FROM_NAME', 'Example'),
61 | ],
62 |
63 | /*
64 | |--------------------------------------------------------------------------
65 | | E-Mail Encryption Protocol
66 | |--------------------------------------------------------------------------
67 | |
68 | | Here you may specify the encryption protocol that should be used when
69 | | the application send e-mail messages. A sensible default using the
70 | | transport layer security protocol should provide great security.
71 | |
72 | */
73 |
74 | 'encryption' => env('MAIL_ENCRYPTION', 'tls'),
75 |
76 | /*
77 | |--------------------------------------------------------------------------
78 | | SMTP Server Username
79 | |--------------------------------------------------------------------------
80 | |
81 | | If your SMTP server requires a username for authentication, you should
82 | | set it here. This will get used to authenticate with your server on
83 | | connection. You may also set the "password" value below this one.
84 | |
85 | */
86 |
87 | 'username' => env('MAIL_USERNAME'),
88 |
89 | 'password' => env('MAIL_PASSWORD'),
90 |
91 | /*
92 | |--------------------------------------------------------------------------
93 | | Sendmail System Path
94 | |--------------------------------------------------------------------------
95 | |
96 | | When using the "sendmail" driver to send e-mails, we will need to know
97 | | the path to where Sendmail lives on this server. A default path has
98 | | been provided here, which will work well on most of your systems.
99 | |
100 | */
101 |
102 | 'sendmail' => '/usr/sbin/sendmail -bs',
103 |
104 | /*
105 | |--------------------------------------------------------------------------
106 | | Markdown Mail Settings
107 | |--------------------------------------------------------------------------
108 | |
109 | | If you are using Markdown based email rendering, you may configure your
110 | | theme and component paths here, allowing you to customize the design
111 | | of the emails. Or, you may simply stick with the Laravel defaults!
112 | |
113 | */
114 |
115 | 'markdown' => [
116 | 'theme' => 'default',
117 |
118 | 'paths' => [
119 | resource_path('views/vendor/mail'),
120 | ],
121 | ],
122 |
123 | /*
124 | |--------------------------------------------------------------------------
125 | | Log Channel
126 | |--------------------------------------------------------------------------
127 | |
128 | | If you are using the "log" driver, you may specify the logging channel
129 | | if you prefer to keep mail messages separate from other log entries
130 | | for simpler reading. Otherwise, the default channel will be used.
131 | |
132 | */
133 |
134 | 'log_channel' => env('MAIL_LOG_CHANNEL'),
135 |
136 | ];
137 |
--------------------------------------------------------------------------------
/public/svg/503.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/public/svg/403.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/app/Http/Controllers/Auth/ResetPasswordController.php:
--------------------------------------------------------------------------------
1 | credentials($request);
72 | // $this->broker()->validator(function () { return true; });
73 | $response = $this->validateReset($credentials);
74 | // $response = $this->broker()->validateReset($credentials);
75 |
76 | if ($response instanceof CanResetPasswordContract) {
77 | $user = $response;
78 | } else {
79 | switch ($response) {
80 | case static::INVALID_USER:
81 | return $this->sendError(trans('passwords.user'), 404);
82 | case static::INVALID_PASSWORD:
83 | return $this->sendError(trans('passwords.password'), 422);
84 | case static::INVALID_TOKEN:
85 | return $this->sendError(trans('passwords.token'), 422);
86 | }
87 | }
88 |
89 | $this->resetPassword($user, $credentials['password']);
90 | $this->broker()->getRepository()->delete($user);
91 |
92 |
93 | // return $this->sendResponse(NULL, trans('passwords.reset'));
94 | return $this->tokenDataAndUser($user);
95 | }
96 |
97 |
98 | /**
99 | * Reset the given user's password.
100 | *
101 | * @param \Illuminate\Contracts\Auth\CanResetPassword $user
102 | * @param string $password
103 | * @return void
104 | */
105 | protected function resetPassword($user, $password)
106 | {
107 | $user->password = Hash::make($password);
108 | $user->save();
109 |
110 | // RememberToken is removed from user db!
111 | // $user->setRememberToken(Str::random(60));
112 |
113 | event(new PasswordReset($user));
114 |
115 | // $this->guard()->login($user);
116 | }
117 |
118 |
119 | /**
120 | * User by credentials
121 | *
122 | * @param array $credentials
123 | * @return \Illuminate\Contracts\Auth\CanResetPassword|null
124 | *
125 | * @throws \UnexpectedValueException
126 | */
127 | public function getUser(array $credentials)
128 | {
129 | // $passwordHashed = Hash::make($credentials['password']);
130 | $user = User::where('email', $credentials['email'])->first();
131 |
132 | if ($user && !$user instanceof CanResetPasswordContract) {
133 | throw new UnexpectedValueException('User must implement CanResetPassword interface.');
134 | }
135 |
136 | return $user;
137 | }
138 |
139 |
140 | /**
141 | * Валидация нового пароля
142 | *
143 | * @param array $credentials
144 | * @return bool
145 | */
146 | public function validateNewPassword(array $credentials)
147 | {
148 | return true;
149 | }
150 |
151 | /**
152 | * Validate a password reset for the given credentials.
153 | *
154 | * @param array $credentials
155 | * @return \Illuminate\Contracts\Auth\CanResetPassword|string
156 | */
157 | protected function validateReset(array $credentials)
158 | {
159 | if (is_null($user = $this->getUser($credentials))) {
160 | return static::INVALID_USER;
161 | }
162 | if (!$this->validateNewPassword($credentials)) {
163 | return static::INVALID_PASSWORD;
164 | }
165 | // if (! $this->broker()->getRepository()->exists($user, $credentials['token'])) {
166 | // return static::INVALID_TOKEN;
167 | // }
168 | if (!$this->broker()->tokenExists($user, $credentials['token'])) {
169 | return static::INVALID_TOKEN;
170 | }
171 |
172 | return $user;
173 | }
174 |
175 |
176 | /**
177 | * Get the password reset credentials from the request.
178 | *
179 | * @param \Illuminate\Http\Request $request
180 | * @return array
181 | */
182 | protected function credentials(Request $request)
183 | {
184 | $cred = $request->only(
185 | 'email', 'password', 'token' // 'password_confirmation'
186 | );
187 | $cred['password_confirmation'] = $cred['password'];
188 |
189 | return $cred;
190 | }
191 | }
192 |
--------------------------------------------------------------------------------
/.idea/php.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
92 |
93 |
94 |
95 |
96 |
97 |
98 |
99 |
100 |
101 |
102 |
103 |
104 |
--------------------------------------------------------------------------------
/config/session.php:
--------------------------------------------------------------------------------
1 | env('SESSION_DRIVER', 'file'),
22 |
23 | /*
24 | |--------------------------------------------------------------------------
25 | | Session Lifetime
26 | |--------------------------------------------------------------------------
27 | |
28 | | Here you may specify the number of minutes that you wish the session
29 | | to be allowed to remain idle before it expires. If you want them
30 | | to immediately expire on the browser closing, set that option.
31 | |
32 | */
33 |
34 | 'lifetime' => env('SESSION_LIFETIME', 120),
35 |
36 | 'expire_on_close' => false,
37 |
38 | /*
39 | |--------------------------------------------------------------------------
40 | | Session Encryption
41 | |--------------------------------------------------------------------------
42 | |
43 | | This option allows you to easily specify that all of your session data
44 | | should be encrypted before it is stored. All encryption will be run
45 | | automatically by Laravel and you can use the Session like normal.
46 | |
47 | */
48 |
49 | 'encrypt' => false,
50 |
51 | /*
52 | |--------------------------------------------------------------------------
53 | | Session File Location
54 | |--------------------------------------------------------------------------
55 | |
56 | | When using the native session driver, we need a location where session
57 | | files may be stored. A default has been set for you but a different
58 | | location may be specified. This is only needed for file sessions.
59 | |
60 | */
61 |
62 | 'files' => storage_path('framework/sessions'),
63 |
64 | /*
65 | |--------------------------------------------------------------------------
66 | | Session Database Connection
67 | |--------------------------------------------------------------------------
68 | |
69 | | When using the "database" or "redis" session drivers, you may specify a
70 | | connection that should be used to manage these sessions. This should
71 | | correspond to a connection in your database configuration options.
72 | |
73 | */
74 |
75 | 'connection' => env('SESSION_CONNECTION', null),
76 |
77 | /*
78 | |--------------------------------------------------------------------------
79 | | Session Database Table
80 | |--------------------------------------------------------------------------
81 | |
82 | | When using the "database" session driver, you may specify the table we
83 | | should use to manage the sessions. Of course, a sensible default is
84 | | provided for you; however, you are free to change this as needed.
85 | |
86 | */
87 |
88 | 'table' => 'sessions',
89 |
90 | /*
91 | |--------------------------------------------------------------------------
92 | | Session Cache Store
93 | |--------------------------------------------------------------------------
94 | |
95 | | When using the "apc" or "memcached" session drivers, you may specify a
96 | | cache store that should be used for these sessions. This value must
97 | | correspond with one of the application's configured cache stores.
98 | |
99 | */
100 |
101 | 'store' => env('SESSION_STORE', null),
102 |
103 | /*
104 | |--------------------------------------------------------------------------
105 | | Session Sweeping Lottery
106 | |--------------------------------------------------------------------------
107 | |
108 | | Some session drivers must manually sweep their storage location to get
109 | | rid of old sessions from storage. Here are the chances that it will
110 | | happen on a given request. By default, the odds are 2 out of 100.
111 | |
112 | */
113 |
114 | 'lottery' => [2, 100],
115 |
116 | /*
117 | |--------------------------------------------------------------------------
118 | | Session Cookie Name
119 | |--------------------------------------------------------------------------
120 | |
121 | | Here you may change the name of the cookie used to identify a session
122 | | instance by ID. The name specified here will get used every time a
123 | | new session cookie is created by the framework for every driver.
124 | |
125 | */
126 |
127 | 'cookie' => env(
128 | 'SESSION_COOKIE',
129 | Str::slug(env('APP_NAME', 'laravel'), '_').'_session'
130 | ),
131 |
132 | /*
133 | |--------------------------------------------------------------------------
134 | | Session Cookie Path
135 | |--------------------------------------------------------------------------
136 | |
137 | | The session cookie path determines the path for which the cookie will
138 | | be regarded as available. Typically, this will be the root path of
139 | | your application but you are free to change this when necessary.
140 | |
141 | */
142 |
143 | 'path' => '/',
144 |
145 | /*
146 | |--------------------------------------------------------------------------
147 | | Session Cookie Domain
148 | |--------------------------------------------------------------------------
149 | |
150 | | Here you may change the domain of the cookie used to identify a session
151 | | in your application. This will determine which domains the cookie is
152 | | available to in your application. A sensible default has been set.
153 | |
154 | */
155 |
156 | 'domain' => env('SESSION_DOMAIN', null),
157 |
158 | /*
159 | |--------------------------------------------------------------------------
160 | | HTTPS Only Cookies
161 | |--------------------------------------------------------------------------
162 | |
163 | | By setting this option to true, session cookies will only be sent back
164 | | to the server if the browser has a HTTPS connection. This will keep
165 | | the cookie from being sent to you if it can not be done securely.
166 | |
167 | */
168 |
169 | 'secure' => env('SESSION_SECURE_COOKIE', false),
170 |
171 | /*
172 | |--------------------------------------------------------------------------
173 | | HTTP Access Only
174 | |--------------------------------------------------------------------------
175 | |
176 | | Setting this value to true will prevent JavaScript from accessing the
177 | | value of the cookie and the cookie will only be accessible through
178 | | the HTTP protocol. You are free to modify this option if needed.
179 | |
180 | */
181 |
182 | 'http_only' => true,
183 |
184 | /*
185 | |--------------------------------------------------------------------------
186 | | Same-Site Cookies
187 | |--------------------------------------------------------------------------
188 | |
189 | | This option determines how your cookies behave when cross-site requests
190 | | take place, and can be used to mitigate CSRF attacks. By default, we
191 | | do not enable this as other CSRF protection services are in place.
192 | |
193 | | Supported: "lax", "strict"
194 | |
195 | */
196 |
197 | 'same_site' => null,
198 |
199 | ];
200 |
--------------------------------------------------------------------------------
/.idea/github-jwt.iml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
80 |
81 |
82 |
83 |
84 |
85 |
86 |
87 |
88 |
89 |
90 |
91 |
92 |
93 |
94 |
95 |
96 |
97 |
98 |
99 |
100 |
101 |
102 |
103 |
--------------------------------------------------------------------------------
/resources/lang/en/validation.php:
--------------------------------------------------------------------------------
1 | 'The :attribute must be accepted.',
17 | 'active_url' => 'The :attribute is not a valid URL.',
18 | 'after' => 'The :attribute must be a date after :date.',
19 | 'after_or_equal' => 'The :attribute must be a date after or equal to :date.',
20 | 'alpha' => 'The :attribute may only contain letters.',
21 | 'alpha_dash' => 'The :attribute may only contain letters, numbers, dashes and underscores.',
22 | 'alpha_num' => 'The :attribute may only contain letters and numbers.',
23 | 'array' => 'The :attribute must be an array.',
24 | 'before' => 'The :attribute must be a date before :date.',
25 | 'before_or_equal' => 'The :attribute must be a date before or equal to :date.',
26 | 'between' => [
27 | 'numeric' => 'The :attribute must be between :min and :max.',
28 | 'file' => 'The :attribute must be between :min and :max kilobytes.',
29 | 'string' => 'The :attribute must be between :min and :max characters.',
30 | 'array' => 'The :attribute must have between :min and :max items.',
31 | ],
32 | 'boolean' => 'The :attribute field must be true or false.',
33 | 'confirmed' => 'The :attribute confirmation does not match.',
34 | 'date' => 'The :attribute is not a valid date.',
35 | 'date_equals' => 'The :attribute must be a date equal to :date.',
36 | 'date_format' => 'The :attribute does not match the format :format.',
37 | 'different' => 'The :attribute and :other must be different.',
38 | 'digits' => 'The :attribute must be :digits digits.',
39 | 'digits_between' => 'The :attribute must be between :min and :max digits.',
40 | 'dimensions' => 'The :attribute has invalid image dimensions.',
41 | 'distinct' => 'The :attribute field has a duplicate value.',
42 | 'email' => 'The :attribute must be a valid email address.',
43 | 'exists' => 'The selected :attribute is invalid.',
44 | 'file' => 'The :attribute must be a file.',
45 | 'filled' => 'The :attribute field must have a value.',
46 | 'gt' => [
47 | 'numeric' => 'The :attribute must be greater than :value.',
48 | 'file' => 'The :attribute must be greater than :value kilobytes.',
49 | 'string' => 'The :attribute must be greater than :value characters.',
50 | 'array' => 'The :attribute must have more than :value items.',
51 | ],
52 | 'gte' => [
53 | 'numeric' => 'The :attribute must be greater than or equal :value.',
54 | 'file' => 'The :attribute must be greater than or equal :value kilobytes.',
55 | 'string' => 'The :attribute must be greater than or equal :value characters.',
56 | 'array' => 'The :attribute must have :value items or more.',
57 | ],
58 | 'image' => 'The :attribute must be an image.',
59 | 'in' => 'The selected :attribute is invalid.',
60 | 'in_array' => 'The :attribute field does not exist in :other.',
61 | 'integer' => 'The :attribute must be an integer.',
62 | 'ip' => 'The :attribute must be a valid IP address.',
63 | 'ipv4' => 'The :attribute must be a valid IPv4 address.',
64 | 'ipv6' => 'The :attribute must be a valid IPv6 address.',
65 | 'json' => 'The :attribute must be a valid JSON string.',
66 | 'lt' => [
67 | 'numeric' => 'The :attribute must be less than :value.',
68 | 'file' => 'The :attribute must be less than :value kilobytes.',
69 | 'string' => 'The :attribute must be less than :value characters.',
70 | 'array' => 'The :attribute must have less than :value items.',
71 | ],
72 | 'lte' => [
73 | 'numeric' => 'The :attribute must be less than or equal :value.',
74 | 'file' => 'The :attribute must be less than or equal :value kilobytes.',
75 | 'string' => 'The :attribute must be less than or equal :value characters.',
76 | 'array' => 'The :attribute must not have more than :value items.',
77 | ],
78 | 'max' => [
79 | 'numeric' => 'The :attribute may not be greater than :max.',
80 | 'file' => 'The :attribute may not be greater than :max kilobytes.',
81 | 'string' => 'The :attribute may not be greater than :max characters.',
82 | 'array' => 'The :attribute may not have more than :max items.',
83 | ],
84 | 'mimes' => 'The :attribute must be a file of type: :values.',
85 | 'mimetypes' => 'The :attribute must be a file of type: :values.',
86 | 'min' => [
87 | 'numeric' => 'The :attribute must be at least :min.',
88 | 'file' => 'The :attribute must be at least :min kilobytes.',
89 | 'string' => 'The :attribute must be at least :min characters.',
90 | 'array' => 'The :attribute must have at least :min items.',
91 | ],
92 | 'not_in' => 'The selected :attribute is invalid.',
93 | 'not_regex' => 'The :attribute format is invalid.',
94 | 'numeric' => 'The :attribute must be a number.',
95 | 'present' => 'The :attribute field must be present.',
96 | 'regex' => 'The :attribute format is invalid.',
97 | 'required' => 'The :attribute field is required.',
98 | 'required_if' => 'The :attribute field is required when :other is :value.',
99 | 'required_unless' => 'The :attribute field is required unless :other is in :values.',
100 | 'required_with' => 'The :attribute field is required when :values is present.',
101 | 'required_with_all' => 'The :attribute field is required when :values are present.',
102 | 'required_without' => 'The :attribute field is required when :values is not present.',
103 | 'required_without_all' => 'The :attribute field is required when none of :values are present.',
104 | 'same' => 'The :attribute and :other must match.',
105 | 'size' => [
106 | 'numeric' => 'The :attribute must be :size.',
107 | 'file' => 'The :attribute must be :size kilobytes.',
108 | 'string' => 'The :attribute must be :size characters.',
109 | 'array' => 'The :attribute must contain :size items.',
110 | ],
111 | 'starts_with' => 'The :attribute must start with one of the following: :values',
112 | 'string' => 'The :attribute must be a string.',
113 | 'timezone' => 'The :attribute must be a valid zone.',
114 | 'unique' => 'The :attribute has already been taken.',
115 | 'uploaded' => 'The :attribute failed to upload.',
116 | 'url' => 'The :attribute format is invalid.',
117 | 'uuid' => 'The :attribute must be a valid UUID.',
118 |
119 | /*
120 | |--------------------------------------------------------------------------
121 | | Custom Validation Language Lines
122 | |--------------------------------------------------------------------------
123 | |
124 | | Here you may specify custom validation messages for attributes using the
125 | | convention "attribute.rule" to name the lines. This makes it quick to
126 | | specify a specific custom language line for a given attribute rule.
127 | |
128 | */
129 |
130 | 'custom' => [
131 | 'attribute-name' => [
132 | 'rule-name' => 'custom-message',
133 | ],
134 | ],
135 |
136 | /*
137 | |--------------------------------------------------------------------------
138 | | Custom Validation Attributes
139 | |--------------------------------------------------------------------------
140 | |
141 | | The following language lines are used to swap our attribute placeholder
142 | | with something more reader friendly such as "E-Mail Address" instead
143 | | of "email". This simply helps us make our message more expressive.
144 | |
145 | */
146 |
147 | 'attributes' => [],
148 |
149 | ];
150 |
--------------------------------------------------------------------------------
/config/app.php:
--------------------------------------------------------------------------------
1 | env('APP_NAME', 'Laravel'),
17 |
18 | /*
19 | |--------------------------------------------------------------------------
20 | | Application Environment
21 | |--------------------------------------------------------------------------
22 | |
23 | | This value determines the "environment" your application is currently
24 | | running in. This may determine how you prefer to configure various
25 | | services the application utilizes. Set this in your ".env" file.
26 | |
27 | */
28 |
29 | 'env' => env('APP_ENV', 'production'),
30 |
31 | /*
32 | |--------------------------------------------------------------------------
33 | | Application Debug Mode
34 | |--------------------------------------------------------------------------
35 | |
36 | | When your application is in debug mode, detailed error messages with
37 | | stack traces will be shown on every error that occurs within your
38 | | application. If disabled, a simple generic error page is shown.
39 | |
40 | */
41 |
42 | 'debug' => env('APP_DEBUG', false),
43 |
44 | /*
45 | |--------------------------------------------------------------------------
46 | | Application URL
47 | |--------------------------------------------------------------------------
48 | |
49 | | This URL is used by the console to properly generate URLs when using
50 | | the Artisan command line tool. You should set this to the root of
51 | | your application so that it is used when running Artisan tasks.
52 | |
53 | */
54 |
55 | 'url' => env('APP_URL', 'http://localhost'),
56 |
57 | 'asset_url' => env('ASSET_URL', null),
58 |
59 | /*
60 | |--------------------------------------------------------------------------
61 | | Application Timezone
62 | |--------------------------------------------------------------------------
63 | |
64 | | Here you may specify the default timezone for your application, which
65 | | will be used by the PHP date and date-time functions. We have gone
66 | | ahead and set this to a sensible default for you out of the box.
67 | |
68 | */
69 |
70 | 'timezone' => 'UTC',
71 |
72 | /*
73 | |--------------------------------------------------------------------------
74 | | Application Locale Configuration
75 | |--------------------------------------------------------------------------
76 | |
77 | | The application locale determines the default locale that will be used
78 | | by the translation service provider. You are free to set this value
79 | | to any of the locales which will be supported by the application.
80 | |
81 | */
82 |
83 | 'locale' => 'en',
84 |
85 | /*
86 | |--------------------------------------------------------------------------
87 | | Application Fallback Locale
88 | |--------------------------------------------------------------------------
89 | |
90 | | The fallback locale determines the locale to use when the current one
91 | | is not available. You may change the value to correspond to any of
92 | | the language folders that are provided through your application.
93 | |
94 | */
95 |
96 | 'fallback_locale' => 'en',
97 |
98 | /*
99 | |--------------------------------------------------------------------------
100 | | Faker Locale
101 | |--------------------------------------------------------------------------
102 | |
103 | | This locale will be used by the Faker PHP library when generating fake
104 | | data for your database seeds. For example, this will be used to get
105 | | localized telephone numbers, street address information and more.
106 | |
107 | */
108 |
109 | 'faker_locale' => 'en_US',
110 |
111 | /*
112 | |--------------------------------------------------------------------------
113 | | Encryption Key
114 | |--------------------------------------------------------------------------
115 | |
116 | | This key is used by the Illuminate encrypter service and should be set
117 | | to a random, 32 character string, otherwise these encrypted strings
118 | | will not be safe. Please do this before deploying an application!
119 | |
120 | */
121 |
122 | 'key' => env('APP_KEY'),
123 |
124 | 'cipher' => 'AES-256-CBC',
125 |
126 | /*
127 | |--------------------------------------------------------------------------
128 | | Autoloaded Service Providers
129 | |--------------------------------------------------------------------------
130 | |
131 | | The service providers listed here will be automatically loaded on the
132 | | request to your application. Feel free to add your own services to
133 | | this array to grant expanded functionality to your applications.
134 | |
135 | */
136 |
137 | 'providers' => [
138 |
139 | /*
140 | * Laravel Framework Service Providers...
141 | */
142 | Illuminate\Auth\AuthServiceProvider::class,
143 | Illuminate\Broadcasting\BroadcastServiceProvider::class,
144 | Illuminate\Bus\BusServiceProvider::class,
145 | Illuminate\Cache\CacheServiceProvider::class,
146 | Illuminate\Foundation\Providers\ConsoleSupportServiceProvider::class,
147 | Illuminate\Cookie\CookieServiceProvider::class,
148 | Illuminate\Database\DatabaseServiceProvider::class,
149 | Illuminate\Encryption\EncryptionServiceProvider::class,
150 | Illuminate\Filesystem\FilesystemServiceProvider::class,
151 | Illuminate\Foundation\Providers\FoundationServiceProvider::class,
152 | Illuminate\Hashing\HashServiceProvider::class,
153 | Illuminate\Mail\MailServiceProvider::class,
154 | Illuminate\Notifications\NotificationServiceProvider::class,
155 | Illuminate\Pagination\PaginationServiceProvider::class,
156 | Illuminate\Pipeline\PipelineServiceProvider::class,
157 | Illuminate\Queue\QueueServiceProvider::class,
158 | Illuminate\Redis\RedisServiceProvider::class,
159 | Illuminate\Auth\Passwords\PasswordResetServiceProvider::class,
160 | Illuminate\Session\SessionServiceProvider::class,
161 | Illuminate\Translation\TranslationServiceProvider::class,
162 | Illuminate\Validation\ValidationServiceProvider::class,
163 | Illuminate\View\ViewServiceProvider::class,
164 |
165 | /*
166 | * Package Service Providers...
167 | */
168 |
169 | /*
170 | * Application Service Providers...
171 | */
172 | App\Providers\AppServiceProvider::class,
173 | App\Providers\AuthServiceProvider::class,
174 | // App\Providers\BroadcastServiceProvider::class,
175 | App\Providers\EventServiceProvider::class,
176 | App\Providers\RouteServiceProvider::class,
177 |
178 | ],
179 |
180 | /*
181 | |--------------------------------------------------------------------------
182 | | Class Aliases
183 | |--------------------------------------------------------------------------
184 | |
185 | | This array of class aliases will be registered when this application
186 | | is started. However, feel free to register as many as you wish as
187 | | the aliases are "lazy" loaded so they don't hinder performance.
188 | |
189 | */
190 |
191 | 'aliases' => [
192 |
193 | 'App' => Illuminate\Support\Facades\App::class,
194 | 'Artisan' => Illuminate\Support\Facades\Artisan::class,
195 | 'Auth' => Illuminate\Support\Facades\Auth::class,
196 | 'Blade' => Illuminate\Support\Facades\Blade::class,
197 | 'Broadcast' => Illuminate\Support\Facades\Broadcast::class,
198 | 'Bus' => Illuminate\Support\Facades\Bus::class,
199 | 'Cache' => Illuminate\Support\Facades\Cache::class,
200 | 'Config' => Illuminate\Support\Facades\Config::class,
201 | 'Cookie' => Illuminate\Support\Facades\Cookie::class,
202 | 'Crypt' => Illuminate\Support\Facades\Crypt::class,
203 | 'DB' => Illuminate\Support\Facades\DB::class,
204 | 'Eloquent' => Illuminate\Database\Eloquent\Model::class,
205 | 'Event' => Illuminate\Support\Facades\Event::class,
206 | 'File' => Illuminate\Support\Facades\File::class,
207 | 'Gate' => Illuminate\Support\Facades\Gate::class,
208 | 'Hash' => Illuminate\Support\Facades\Hash::class,
209 | 'Lang' => Illuminate\Support\Facades\Lang::class,
210 | 'Log' => Illuminate\Support\Facades\Log::class,
211 | 'Mail' => Illuminate\Support\Facades\Mail::class,
212 | 'Notification' => Illuminate\Support\Facades\Notification::class,
213 | 'Password' => Illuminate\Support\Facades\Password::class,
214 | 'Queue' => Illuminate\Support\Facades\Queue::class,
215 | 'Redirect' => Illuminate\Support\Facades\Redirect::class,
216 | 'Redis' => Illuminate\Support\Facades\Redis::class,
217 | 'Request' => Illuminate\Support\Facades\Request::class,
218 | 'Response' => Illuminate\Support\Facades\Response::class,
219 | 'Route' => Illuminate\Support\Facades\Route::class,
220 | 'Schema' => Illuminate\Support\Facades\Schema::class,
221 | 'Session' => Illuminate\Support\Facades\Session::class,
222 | 'Storage' => Illuminate\Support\Facades\Storage::class,
223 | 'URL' => Illuminate\Support\Facades\URL::class,
224 | 'Validator' => Illuminate\Support\Facades\Validator::class,
225 | 'View' => Illuminate\Support\Facades\View::class,
226 |
227 | ],
228 |
229 | ];
230 |
--------------------------------------------------------------------------------
/config/jwt.php:
--------------------------------------------------------------------------------
1 |
7 | *
8 | * For the full copyright and license information, please view the LICENSE
9 | * file that was distributed with this source code.
10 | */
11 |
12 | return [
13 |
14 | /*
15 | |--------------------------------------------------------------------------
16 | | JWT Authentication Secret
17 | |--------------------------------------------------------------------------
18 | |
19 | | Don't forget to set this in your .env file, as it will be used to sign
20 | | your tokens. A helper command is provided for this:
21 | | `php artisan jwt:secret`
22 | |
23 | | Note: This will be used for Symmetric algorithms only (HMAC),
24 | | since RSA and ECDSA use a private/public key combo (See below).
25 | |
26 | */
27 |
28 | 'secret' => env('JWT_SECRET'),
29 |
30 | /*
31 | |--------------------------------------------------------------------------
32 | | JWT Authentication Keys
33 | |--------------------------------------------------------------------------
34 | |
35 | | The algorithm you are using, will determine whether your tokens are
36 | | signed with a random string (defined in `JWT_SECRET`) or using the
37 | | following public & private keys.
38 | |
39 | | Symmetric Algorithms:
40 | | HS256, HS384 & HS512 will use `JWT_SECRET`.
41 | |
42 | | Asymmetric Algorithms:
43 | | RS256, RS384 & RS512 / ES256, ES384 & ES512 will use the keys below.
44 | |
45 | */
46 |
47 | 'keys' => [
48 |
49 | /*
50 | |--------------------------------------------------------------------------
51 | | Public Key
52 | |--------------------------------------------------------------------------
53 | |
54 | | A path or resource to your public key.
55 | |
56 | | E.g. 'file://path/to/public/key'
57 | |
58 | */
59 |
60 | 'public' => env('JWT_PUBLIC_KEY'),
61 |
62 | /*
63 | |--------------------------------------------------------------------------
64 | | Private Key
65 | |--------------------------------------------------------------------------
66 | |
67 | | A path or resource to your private key.
68 | |
69 | | E.g. 'file://path/to/private/key'
70 | |
71 | */
72 |
73 | 'private' => env('JWT_PRIVATE_KEY'),
74 |
75 | /*
76 | |--------------------------------------------------------------------------
77 | | Passphrase
78 | |--------------------------------------------------------------------------
79 | |
80 | | The passphrase for your private key. Can be null if none set.
81 | |
82 | */
83 |
84 | 'passphrase' => env('JWT_PASSPHRASE'),
85 |
86 | ],
87 |
88 | /*
89 | |--------------------------------------------------------------------------
90 | | JWT time to live
91 | |--------------------------------------------------------------------------
92 | |
93 | | Specify the length of time (in minutes) that the token will be valid for.
94 | | Defaults to 1 hour.
95 | |
96 | | You can also set this to null, to yield a never expiring token.
97 | | Some people may want this behaviour for e.g. a mobile app.
98 | | This is not particularly recommended, so make sure you have appropriate
99 | | systems in place to revoke the token if necessary.
100 | | Notice: If you set this to null you should remove 'exp' element from 'required_claims' list.
101 | |
102 | */
103 |
104 | 'ttl' => env('JWT_TTL', 60),
105 |
106 | /*
107 | |--------------------------------------------------------------------------
108 | | Refresh time to live
109 | |--------------------------------------------------------------------------
110 | |
111 | | Specify the length of time (in minutes) that the token can be refreshed
112 | | within. I.E. The user can refresh their token within a 2 week window of
113 | | the original token being created until they must re-authenticate.
114 | | Defaults to 2 weeks.
115 | |
116 | | You can also set this to null, to yield an infinite refresh time.
117 | | Some may want this instead of never expiring tokens for e.g. a mobile app.
118 | | This is not particularly recommended, so make sure you have appropriate
119 | | systems in place to revoke the token if necessary.
120 | |
121 | */
122 |
123 | 'refresh_ttl' => env('JWT_REFRESH_TTL', 20160),
124 |
125 | /*
126 | |--------------------------------------------------------------------------
127 | | JWT hashing algorithm
128 | |--------------------------------------------------------------------------
129 | |
130 | | Specify the hashing algorithm that will be used to sign the token.
131 | |
132 | | See here: https://github.com/namshi/jose/tree/master/src/Namshi/JOSE/Signer/OpenSSL
133 | | for possible values.
134 | |
135 | */
136 |
137 | 'algo' => env('JWT_ALGO', 'HS256'),
138 |
139 | /*
140 | |--------------------------------------------------------------------------
141 | | Required Claims
142 | |--------------------------------------------------------------------------
143 | |
144 | | Specify the required claims that must exist in any token.
145 | | A TokenInvalidException will be thrown if any of these claims are not
146 | | present in the payload.
147 | |
148 | */
149 |
150 | 'required_claims' => [
151 | 'iss',
152 | 'iat',
153 | 'exp',
154 | 'nbf',
155 | 'sub',
156 | 'jti',
157 | ],
158 |
159 | /*
160 | |--------------------------------------------------------------------------
161 | | Persistent Claims
162 | |--------------------------------------------------------------------------
163 | |
164 | | Specify the claim keys to be persisted when refreshing a token.
165 | | `sub` and `iat` will automatically be persisted, in
166 | | addition to the these claims.
167 | |
168 | | Note: If a claim does not exist then it will be ignored.
169 | |
170 | */
171 |
172 | 'persistent_claims' => [
173 | // 'foo',
174 | // 'bar',
175 | ],
176 |
177 | /*
178 | |--------------------------------------------------------------------------
179 | | Lock Subject
180 | |--------------------------------------------------------------------------
181 | |
182 | | This will determine whether a `prv` claim is automatically added to
183 | | the token. The purpose of this is to ensure that if you have multiple
184 | | authentication models e.g. `App\User` & `App\OtherPerson`, then we
185 | | should prevent one authentication request from impersonating another,
186 | | if 2 tokens happen to have the same id across the 2 different models.
187 | |
188 | | Under specific circumstances, you may want to disable this behaviour
189 | | e.g. if you only have one authentication model, then you would save
190 | | a little on token size.
191 | |
192 | */
193 |
194 | 'lock_subject' => true,
195 |
196 | /*
197 | |--------------------------------------------------------------------------
198 | | Leeway
199 | |--------------------------------------------------------------------------
200 | |
201 | | This property gives the jwt timestamp claims some "leeway".
202 | | Meaning that if you have any unavoidable slight clock skew on
203 | | any of your servers then this will afford you some level of cushioning.
204 | |
205 | | This applies to the claims `iat`, `nbf` and `exp`.
206 | |
207 | | Specify in seconds - only if you know you need it.
208 | |
209 | */
210 |
211 | 'leeway' => env('JWT_LEEWAY', 0),
212 |
213 | /*
214 | |--------------------------------------------------------------------------
215 | | Blacklist Enabled
216 | |--------------------------------------------------------------------------
217 | |
218 | | In order to invalidate tokens, you must have the blacklist enabled.
219 | | If you do not want or need this functionality, then set this to false.
220 | |
221 | */
222 |
223 | 'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),
224 |
225 | /*
226 | | -------------------------------------------------------------------------
227 | | Blacklist Grace Period
228 | | -------------------------------------------------------------------------
229 | |
230 | | When multiple concurrent requests are made with the same JWT,
231 | | it is possible that some of them fail, due to token regeneration
232 | | on every request.
233 | |
234 | | Set grace period in seconds to prevent parallel request failure.
235 | |
236 | */
237 |
238 | 'blacklist_grace_period' => env('JWT_BLACKLIST_GRACE_PERIOD', 0),
239 |
240 | /*
241 | |--------------------------------------------------------------------------
242 | | Cookies encryption
243 | |--------------------------------------------------------------------------
244 | |
245 | | By default Laravel encrypt cookies for security reason.
246 | | If you decide to not decrypt cookies, you will have to configure Laravel
247 | | to not encrypt your cookie token by adding its name into the $except
248 | | array available in the middleware "EncryptCookies" provided by Laravel.
249 | | see https://laravel.com/docs/master/responses#cookies-and-encryption
250 | | for details.
251 | |
252 | | Set it to true if you want to decrypt cookies.
253 | |
254 | */
255 |
256 | 'decrypt_cookies' => false,
257 |
258 | /*
259 | |--------------------------------------------------------------------------
260 | | Providers
261 | |--------------------------------------------------------------------------
262 | |
263 | | Specify the various providers used throughout the package.
264 | |
265 | */
266 |
267 | 'providers' => [
268 |
269 | /*
270 | |--------------------------------------------------------------------------
271 | | JWT Provider
272 | |--------------------------------------------------------------------------
273 | |
274 | | Specify the provider that is used to create and decode the tokens.
275 | |
276 | */
277 |
278 | 'jwt' => Tymon\JWTAuth\Providers\JWT\Lcobucci::class,
279 |
280 | /*
281 | |--------------------------------------------------------------------------
282 | | Authentication Provider
283 | |--------------------------------------------------------------------------
284 | |
285 | | Specify the provider that is used to authenticate users.
286 | |
287 | */
288 |
289 | 'auth' => Tymon\JWTAuth\Providers\Auth\Illuminate::class,
290 |
291 | /*
292 | |--------------------------------------------------------------------------
293 | | Storage Provider
294 | |--------------------------------------------------------------------------
295 | |
296 | | Specify the provider that is used to store tokens in the blacklist.
297 | |
298 | */
299 |
300 | 'storage' => Tymon\JWTAuth\Providers\Storage\Illuminate::class,
301 |
302 | ],
303 |
304 | ];
305 |
--------------------------------------------------------------------------------
/public/svg/500.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | 
2 |
3 | **Laravel 5.7 REST API Email Verification and Authentication**
4 | -
5 | Packages used
6 |
7 | - tymon/jwt-auth: 1.0.0-rc.2
8 | - axios : 0.18
9 | - vue: 2.5.17 (Optional)
10 | - vue-router: 3.0.2 (Optional)
11 | - vuex: 3.1.0 (Optional)
12 |
13 | What does it do;
14 | - Email Verification via API
15 | - Authentication via API
16 | - Add, delete and update users via API
17 |
18 |
19 | How can I use?
20 | -
21 | 1. Clone the repository first
22 |
23 | ```git clone https://github.com/tolgayildizz/laravel-5.7-email-verification-and-auth-via-api.git```
24 |
25 | 2. You must load dependencies after cloning
26 | ```composer update```
27 | ```npm install```
28 |
29 | 3. Get an .env file from the .env.example file
30 | (the following codes only work in linux)
31 | ```cp .env.example .env```
32 | ```gedit .env```
33 |
34 | 4. Create the database and enter the information in the .env file
35 | 5. Get a laravel key
36 | ```php artisan key:generate```
37 |
38 | 6. Get a jwt key
39 | ```php artisan jwt:secret```
40 |
41 | 7. Create tables
42 | ```php artisan migrate:fresh```
43 |
44 | 8. Start Laravel server
45 | ```php artisan serve --port=8000```
46 |
47 | 
48 |
49 | **The application works, but how do I use it?**
50 | -
51 | We need an email server for email confirmation. Here we will help us mailtrap.io.
52 |
53 | 1. Sign up for free at mailtrap.io
54 | 2. Place the settings in the demo inbox in your .env file
55 | 3. Then run the following command;
56 | ```php artisan config:cache```
57 |
58 | 4. Now our mail server is ready. But we still need an API request tool. My preference is Insomnia but you can use postman. In the meantime, I would recommend Insomnia to you. https://insomnia.rest/ An open source REST client.
59 |
60 | **Let's start our requests now**
61 | -
62 |
63 | Let's start with the registration process
64 | ```http://127.0.0.1:8000/api/auth/register```
65 |
66 | Required fields;
67 |
68 | 1. email
69 | 2. name
70 | 3. password
71 | 4. password_confirmation
72 |
73 | Headers;
74 |
75 | 1. Accept: application/json
76 | 2. Content-Type: application/json
77 |
78 | 
79 |
80 | 
81 |
82 | Now let's do the login request
83 |
84 | ```http://127.0.0.1:8000/api/auth/login```
85 |
86 | Required fields;
87 |
88 | 1. email
89 | 2. password
90 |
91 | Headers;
92 |
93 | 1. Accept: application/json
94 | 2. Content-Type: application/json
95 |
96 | 
97 |
98 | The transaction was successful and returned us a token. We will proceed through this token. So let's copy this token value.
99 |
100 | Now we will make a request to reach our information. We will use the token value here. (Actually we'll always use it after that).
101 |
102 | Here you can send the token value with form or headers. I'm gonna use the headers.
103 |
104 | ```http://127.0.0.1:8000/api/auth/me```
105 |
106 | Optional fields;
107 |
108 | 1. token
109 |
110 | Headers;
111 |
112 | 1. Accept: application/json
113 | 2. Content-Type: application/json
114 | 3. Authorization: Bearer + "your token"
115 |
116 | 
117 |
118 | Now let's have a request to renew the password.
119 |
120 | ```http://127.0.0.1:8000/api/profile/current/set-password```
121 |
122 | Required fields;
123 |
124 | 1. newPassword
125 | 2. email
126 | 3. token
127 | 4. currentPassword
128 |
129 | Headers;
130 |
131 | 1. Accept: application/json
132 | 2. Content-Type: application/json
133 |
134 | 
135 |
136 | Password change operation completed successfully.
137 | Now let's check if the email is verified. (A mail is sent automatically when a user is registered.)
138 |
139 | ```http://127.0.0.1:8000/api/email/verify/```
140 |
141 | Optional fields;
142 |
143 | 1. token
144 |
145 | Headers;
146 |
147 | 1. Accept: application/json
148 | 2. Content-Type: application/json
149 | 3. Authorization : Bearer + "your token"
150 |
151 | (Do not forget to login again because we renew the password!)
152 |
153 | 
154 |
155 | (Email returned as a message unverified. Because we haven't done the email verification yet.)
156 |
157 | We've come to the part where things are getting a little complicated. Now we need to get a verification mail. (In fact, this mail came automatically when I signed up, but I'm putting this part to show the resend process).
158 |
159 | ```http://127.0.0.1:8000/api/email/resend/```
160 |
161 | Optional fields;
162 |
163 | 1. token
164 |
165 | Headers;
166 |
167 | 1. Accept: application/json
168 | 2. Content-Type: application/json
169 | 3. Authorization : Bearer + "your token"
170 |
171 | 
172 |
173 | 
174 |
175 | As you can see, the mail came. Now, what we need to do is get the signature that this link returns to us.
176 |
177 | Example email verify link:
178 | ```http://127.0.0.1:8000/email/verify?queryURL=http%3A%2F%2F127.0.0.1%3A8000%2Fapi%2Femail%2Fverify%2F10%3Fexpires%3D1548685326%26signature%3Da9e04bf0f188a490832439f868cf9d5b4c60dc33dfa155a80145075c328fcd0c```
179 |
180 | Example queryURL :
181 | ```http://127.0.0.1:8000/api/email/verify/10?expires=1548678462&signature=baa0af50040f689eccd241157d6b14708b1ec37e2fe94277c9aa45aee9cf8d69```
182 |
183 | I've defined a vue-router and component to capture this queryURL.
184 | Operation logic is very simple. ```/email/verify/``` retrieves the queryURL of the request to the route.
185 |
186 | Example vue-component:
187 | ```
188 |
189 |
190 |
191 | Email verification is taking place.
192 |
193 |
194 |
195 |
196 |
212 | ```
213 |
214 | I made the post process with the axios when it was connected to the component project. You can use different methods and frontend frameworks. It's just a component to explain its logic.
215 |
216 | Let's do the same with Insomnia now.
217 |
218 | Optional fields;
219 |
220 | 1. token
221 |
222 | Headers;
223 |
224 | 1. Accept: application/json
225 | 2. Content-Type: application/json
226 | 3. Authorization : Bearer + "your token"
227 |
228 | 
229 |
230 | Email seems to be verified. Let's check it out.
231 |
232 | ```http://127.0.0.1:8000/api/email/verify/```
233 |
234 | Let's have a request here and send our token together.
235 |
236 | 
237 |
238 | As you can see, we received an email confirmation.
239 |
240 | So how do we query the payload of our token?
241 |
242 | ```http://127.0.0.1:8000/api/auth/payload/```
243 |
244 | We have to make a request to. This returns the payload of our token. Of course we have to send our current token.
245 |
246 | Optional fields;
247 |
248 | 1. token
249 |
250 | Headers;
251 |
252 | 1. Accept: application/json
253 | 2. Content-Type: application/json
254 | 3. Authorization : Bearer + "your token"
255 |
256 | 
257 |
258 | As you can see, this is how we reach the payload information about our token.
259 |
260 | Now, let's logout.
261 |
262 | ```http://127.0.0.1:8000/api/auth/logout/```
263 |
264 | Optional fields;
265 |
266 | 1. token
267 |
268 | Headers;
269 |
270 | 1. Accept: application/json
271 | 2. Content-Type: application/json
272 | 3. Authorization : Bearer + "your token"
273 |
274 | 
275 |
276 | We have completed our exit process successfully.
277 |
278 | We need to renew our tokens within a certain time period. This is an important detail for security. (I prefer to do it every 45 minutes and immediately after important requests.)
279 |
280 | We need to request a refresh for this.
281 |
282 | ```http://127.0.0.1:8000/api/auth/refresh/```
283 |
284 | Optional fields;
285 |
286 | 1. token
287 |
288 | Headers;
289 |
290 | 1. Accept: application/json
291 | 2. Content-Type: application/json
292 | 3. Authorization : Bearer + "your token"
293 |
294 | 
295 |
296 | (In this process, make sure you have a token.)
297 |
298 | So what happens when we forget our password?
299 |
300 | First, we need to send a forgot password email by sending email and resetUrl to our server. (The ResetUrl frontend is also related to the address you use. For example, if you want to be redirected to the /forgot/password/reset/ page after you forget the password, send it as url.)
301 |
302 | My resetUrl address is ```127.0.0.1:8000//profile/forgot-password-reset/```
303 |
304 | The address of the request is as follows;
305 |
306 | ```127.0.0.1:8000/api/auth/forgot-password-email/```
307 |
308 | Required fields;
309 |
310 | 1. email
311 | 2. resetUrl
312 |
313 | Headers;
314 |
315 | 1. Accept: application/json
316 | 2. Content-Type: application/json
317 |
318 | IMPORTANT! At the end of resetUrl, we will have to add to /token/ email/.
319 |
320 | Example resetUrl;
321 |
322 | ```127.0.0.1:8000//profile/forgot-password-reset//```
323 |
324 | The token and email must be in <>. Please note that the important note is token and email. Otherwise there will be an error.
325 |
326 | Let's request now.
327 |
328 | 
329 |
330 | The transaction was successful and the email reset mail came in our inbox.
331 |
332 | 
333 |
334 | Now click on the link provided on the button. Let's go with the signature.
335 | (<> the token and email we sent in was filled in and sent back to us and we will have to catch it)
336 |
337 | ```
338 |
339 |
340 |
341 |
374 | ```
375 |
376 | I have reset the password by capturing the token and email values when the page is created and posting the new parallax with the axios to the address below. You can use different methods.
377 |
378 | Insomnia via post to this address we can perform the operation. (OPTIONAL)
379 |
380 | ```http://127.0.0.1:8000/api/auth/forgot-password-reset/```
381 |
382 | 
383 |
384 | That's all we can do for now. But in the future there will be more features. Obviously, I have tailored this warehouse to my own needs. It can gain more features than returns.
385 |
386 | An important note: I tried to explain the Vue framework as simple as possible. I felt like I didn't have to know the vue because every laravel uses it. People are using React and Jquery too. That's why I had to keep it pretty simple.
387 |
388 | [For more attention on vue.](https://vuejs.org/)
389 |
390 | Things To-do
391 | -
392 | In fact this will be shaped according to the number of people who use it (ie, the stars) and my needs. I will try to keep the package up-to-date if there is a simpler usage in new laravel versions.
393 |
394 | I plan to add in the future;
395 |
396 | 1. Socialite
397 | 2. This project is a clone written with laravel / passport
398 | 3. Multi Permission (Authorization)
399 | 4. Vue and React Page
400 | 5. Clone of this project written with adonis.js.
401 |
402 |
403 | Is there a problem?
404 | -
405 | Don't hesitate to write me if you get a mistake.
406 |
407 | Instagram: tolga._.yildiz
408 | E-mail : yildiztolgaa@gmail.com
409 |
--------------------------------------------------------------------------------