dwindown/dewemoji
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a90525635377d22da20a12dbcc89f85b02b2370b
dewemoji/app/app/Http/Controllers/Api/V1/UserController.php
Dwindi Ramadhana a905256353 Update pricing UX, billing flows, and API rules
2026-02-12 00:52:40 +07:00

172 lines
5.0 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Controllers\Api\V1;
use App\Http\Controllers\Controller;
use App\Models\User;
use App\Models\UserApiKey;
use App\Services\Auth\ApiKeyService;
use Carbon\Carbon;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
class UserController extends Controller
{
public function __construct(
private readonly ApiKeyService $keys
) {
}
public function register(Request $request): JsonResponse
{
$data = $request->validate([
'email' => 'required|email|max:255|unique:users,email',
'password' => 'required|min:8|max:255',
'name' => 'nullable|string|max:120',
]);
$name = $data['name'] ?? strtok($data['email'], '@');
$user = User::create([
'name' => $name ?: 'User',
'email' => $data['email'],
'password' => Hash::make($data['password']),
'tier' => 'free',
]);
$issued = null;
if ((string) $user->tier === 'personal') {
$issued = $this->keys->issueKey($user, 'default');
}
return response()->json([
'ok' => true,
'user' => [
'id' => $user->id,
'email' => $user->email,
'tier' => $user->tier,
],
'api_key' => $issued['plain'] ?? null,
]);
}
public function login(Request $request): JsonResponse
{
$data = $request->validate([
'email' => 'required|email|max:255',
'password' => 'required|string|max:255',
]);
/** @var User|null $user */
$user = User::where('email', $data['email'])->first();
if (!$user || !Hash::check($data['password'], $user->password)) {
return response()->json([
'ok' => false,
'error' => 'invalid_credentials',
], 401);
}
$issued = null;
if ((string) $user->tier === 'personal') {
$issued = $this->keys->issueKey($user, 'login');
}
return response()->json([
'ok' => true,
'user' => [
'id' => $user->id,
'email' => $user->email,
'tier' => $user->tier,
],
'api_key' => $issued['plain'] ?? null,
]);
}
public function logout(Request $request): JsonResponse
{
$key = $this->keys->parseKey($request);
if ($key === '') {
return response()->json(['ok' => true]);
}
$hash = $this->keys->hashKey($key);
UserApiKey::where('key_hash', $hash)->update([
'revoked_at' => Carbon::now(),
]);
return response()->json(['ok' => true]);
}
public function listApiKeys(Request $request): JsonResponse
{
$user = $this->keys->resolveUser($request);
if (!$user) {
return response()->json(['ok' => false, 'error' => 'unauthorized'], 401);
}
$items = UserApiKey::where('user_id', $user->id)
->orderByDesc('id')
->get()
->map(fn (UserApiKey $key) => [
'id' => $key->id,
'prefix' => $key->key_prefix,
'name' => $key->name,
'created_at' => $key->created_at,
'last_used_at' => $key->last_used_at,
'revoked_at' => $key->revoked_at,
]);
return response()->json([
'ok' => true,
'items' => $items,
]);
}
public function createApiKey(Request $request): JsonResponse
{
$user = $this->keys->resolveUser($request);
if (!$user) {
return response()->json(['ok' => false, 'error' => 'unauthorized'], 401);
}
if ((string) $user->tier !== 'personal') {
return response()->json(['ok' => false, 'error' => 'personal_required'], 403);
}
$data = $request->validate([
'name' => 'nullable|string|max:100',
]);
$issued = $this->keys->issueKey($user, $data['name'] ?? null);
return response()->json([
'ok' => true,
'api_key' => $issued['plain'],
'key' => [
'id' => $issued['record']->id,
'prefix' => $issued['record']->key_prefix,
'name' => $issued['record']->name,
'created_at' => $issued['record']->created_at,
],
]);
}
public function revokeApiKey(Request $request, string $key): JsonResponse
{
$user = $this->keys->resolveUser($request);
if (!$user) {
return response()->json(['ok' => false, 'error' => 'unauthorized'], 401);
}
$hash = $this->keys->hashKey($key);
$updated = UserApiKey::where('user_id', $user->id)
->where('key_hash', $hash)
->whereNull('revoked_at')
->update(['revoked_at' => Carbon::now()]);
return response()->json([
'ok' => true,
'revoked' => $updated > 0,
]);
}
}
Reference in New Issue View Git Blame Copy Permalink