Compare commits

..

No commits in common. "ab7b5c0a97098a845a01d3b5086010707799c006" and "3c0a6007d05345ec34b5c9d79231cba43d5c4e76" have entirely different histories.

3 changed files with 9 additions and 26 deletions

View File

@ -26,25 +26,7 @@ class PublicUserController extends Controller
'password' => Hash::make($request->input('password')) 'password' => Hash::make($request->input('password'))
]); ]);
$user->save(); $user->save();
session()->put('user', $user->id); session('user', $user->id);
session()->save(); session()->save();
} }
public function login(Request $request)
{
$user = User::where([ 'email' => $request->input('email') ])->get();
if ($user->count() == 0) {
return response()
->json('bad_password', 400);
}
$user = $user[0];
if (Hash::check($request->input('password'), $user->password)) {
session()->put('user', $user->id);
session()->save();
return;
}
return response()
->json('bad_password', 400);
}
} }

View File

@ -94,8 +94,6 @@ paths:
post: post:
tags: tags:
- Users - Users
description: |-
I know its not secure because anyone can reset anyones password. But here's a counterpoint: its not required to be secure, and i dont care
requestBody: requestBody:
content: content:
application/json: application/json:
@ -105,13 +103,17 @@ paths:
email: email:
type: string type: string
example: 'jdoe@example.com' example: 'jdoe@example.com'
new_pass:
type: string
example: 'very_strong_password123456'
responses: responses:
200: 200:
description: |- description: |-
The password is reset A reset password link is sent to the email, if such an account exists.
If no mailer is set and it is debug mode, link will be available in `X-Reset-Link`
400:
description: |-
Invalid email
This error also might be sent by laravel if your body is corrupted
/api/users/private/list: /api/users/private/list:
get: get:

View File

@ -10,7 +10,6 @@ Route::get('/', function() {
Route::prefix('/api')->group(function() { Route::prefix('/api')->group(function() {
Route::controller(PublicUserController::class)->prefix('/users')->group(function() { Route::controller(PublicUserController::class)->prefix('/users')->group(function() {
Route::put('/register', 'register'); Route::put('/register', 'register');
Route::post('/login', 'login');
}); });
}); });