test borked

app/Http/Controllers/Auth/MagicLinkController.php

@@ -0,0 +1,129 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Mail\MagicLoginLink;
+use App\Services\MagicLinkAuthService;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Mail;
+use Illuminate\Support\Facades\URL;
+use Illuminate\Validation\ValidationException;
+
+class MagicLinkController extends Controller
+{
+    public function __construct(
+        protected MagicLinkAuthService $authService
+    ) {}
+
+    /**
+     * Show the login form.
+     */
+    public function showLoginForm()
+    {
+        return view('auth.login');
+    }
+
+    /**
+     * Send a magic link to the user's email.
+     */
+    public function sendLink(Request $request)
+    {
+        $request->validate([
+            'email' => 'required|email',
+        ]);
+
+        $email = $request->email;
+        $ip = $request->ip();
+        $userAgent = $request->userAgent();
+
+        try {
+            $token = $this->authService->sendMagicLink($email, $ip, $userAgent);
+
+            // Generate signed URL valid for 15 minutes
+            $loginUrl = URL::temporarySignedRoute(
+                'magic-link.verify',
+                now()->addMinutes(15),
+                ['token' => $token->plain_token]
+            );
+
+            // Queue the magic link email
+            Mail::to($email)->queue(new MagicLoginLink($loginUrl, $token->plain_code, 15));
+
+            return back()->with('status', 'Check your email for a login link and code!');
+        } catch (ValidationException $e) {
+            throw $e;
+        }
+    }
+
+    /**
+     * Show the code verification form.
+     */
+    public function showCodeForm(Request $request)
+    {
+        return view('auth.verify-code');
+    }
+
+    /**
+     * Verify the magic link token.
+     */
+    public function verifyLink(Request $request)
+    {
+        // Validate the signed URL
+        if (!$request->hasValidSignature()) {
+            return redirect()->route('login')->with('error', 'Invalid or expired magic link.');
+        }
+
+        $token = $request->token;
+
+        if ($this->authService->verifyMagicLink($token)) {
+            $request->session()->regenerate();
+
+            return redirect()->route('dashboard');
+        }
+
+        return redirect()->route('login')->with('error', 'Invalid or expired magic link.');
+    }
+
+    /**
+     * Verify the magic code.
+     */
+    public function verifyCode(Request $request)
+    {
+        $request->validate([
+            'email' => 'required|email',
+            'code' => 'required|digits:6',
+        ]);
+
+        $email = $request->email;
+        $code = $request->code;
+
+        try {
+            if ($this->authService->verifyCode($email, $code)) {
+                $request->session()->regenerate();
+
+                return redirect()->route('dashboard');
+            }
+
+            return back()->withErrors([
+                'code' => 'Invalid or expired code.',
+            ]);
+        } catch (ValidationException $e) {
+            throw $e;
+        }
+    }
+
+    /**
+     * Log the user out.
+     */
+    public function logout(Request $request)
+    {
+        Auth::logout();
+
+        $request->session()->invalidate();
+        $request->session()->regenerateToken();
+
+        return redirect('/');
+    }
+}