Compare commits
No commits in common. "ab7b5c0a97098a845a01d3b5086010707799c006" and "3c0a6007d05345ec34b5c9d79231cba43d5c4e76" have entirely different histories.
ab7b5c0a97
...
3c0a6007d0
|
@ -26,25 +26,7 @@ class PublicUserController extends Controller
|
||||||
'password' => Hash::make($request->input('password'))
|
'password' => Hash::make($request->input('password'))
|
||||||
]);
|
]);
|
||||||
$user->save();
|
$user->save();
|
||||||
session()->put('user', $user->id);
|
session('user', $user->id);
|
||||||
session()->save();
|
session()->save();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function login(Request $request)
|
|
||||||
{
|
|
||||||
$user = User::where([ 'email' => $request->input('email') ])->get();
|
|
||||||
if ($user->count() == 0) {
|
|
||||||
return response()
|
|
||||||
->json('bad_password', 400);
|
|
||||||
}
|
|
||||||
|
|
||||||
$user = $user[0];
|
|
||||||
if (Hash::check($request->input('password'), $user->password)) {
|
|
||||||
session()->put('user', $user->id);
|
|
||||||
session()->save();
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
return response()
|
|
||||||
->json('bad_password', 400);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -94,8 +94,6 @@ paths:
|
||||||
post:
|
post:
|
||||||
tags:
|
tags:
|
||||||
- Users
|
- Users
|
||||||
description: |-
|
|
||||||
I know its not secure because anyone can reset anyones password. But here's a counterpoint: its not required to be secure, and i dont care
|
|
||||||
requestBody:
|
requestBody:
|
||||||
content:
|
content:
|
||||||
application/json:
|
application/json:
|
||||||
|
@ -105,13 +103,17 @@ paths:
|
||||||
email:
|
email:
|
||||||
type: string
|
type: string
|
||||||
example: 'jdoe@example.com'
|
example: 'jdoe@example.com'
|
||||||
new_pass:
|
|
||||||
type: string
|
|
||||||
example: 'very_strong_password123456'
|
|
||||||
responses:
|
responses:
|
||||||
200:
|
200:
|
||||||
description: |-
|
description: |-
|
||||||
The password is reset
|
A reset password link is sent to the email, if such an account exists.
|
||||||
|
|
||||||
|
If no mailer is set and it is debug mode, link will be available in `X-Reset-Link`
|
||||||
|
400:
|
||||||
|
description: |-
|
||||||
|
Invalid email
|
||||||
|
|
||||||
|
This error also might be sent by laravel if your body is corrupted
|
||||||
|
|
||||||
/api/users/private/list:
|
/api/users/private/list:
|
||||||
get:
|
get:
|
||||||
|
|
|
@ -10,7 +10,6 @@ Route::get('/', function() {
|
||||||
Route::prefix('/api')->group(function() {
|
Route::prefix('/api')->group(function() {
|
||||||
Route::controller(PublicUserController::class)->prefix('/users')->group(function() {
|
Route::controller(PublicUserController::class)->prefix('/users')->group(function() {
|
||||||
Route::put('/register', 'register');
|
Route::put('/register', 'register');
|
||||||
Route::post('/login', 'login');
|
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue