test borked

app/Models/User.php

@@ -4,6 +4,7 @@ namespace App\Models;
 
 // use Illuminate\Contracts\Auth\MustVerifyEmail;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Relations\HasMany;
 use Illuminate\Foundation\Auth\User as Authenticatable;
 use Illuminate\Notifications\Notifiable;
 
@@ -19,8 +20,7 @@ class User extends Authenticatable
      */
     protected $fillable = [
         'name',
-        'email',
-        'password',
+        'email_hash',
     ];
 
     /**
@@ -29,7 +29,7 @@ class User extends Authenticatable
      * @var list<string>
      */
     protected $hidden = [
-        'password',
+        'email_hash',
         'remember_token',
     ];
 
@@ -42,7 +42,32 @@ class User extends Authenticatable
     {
         return [
             'email_verified_at' => 'datetime',
-            'password' => 'hashed',
         ];
     }
+
+    /**
+     * Hash an email address using HMAC-SHA256.
+     */
+    public static function hashEmail(string $email): string
+    {
+        return hash_hmac('sha256', strtolower(trim($email)), config('app.key'));
+    }
+
+    /**
+     * Find a user by their email address.
+     */
+    public static function findByEmail(string $email): ?self
+    {
+        $emailHash = self::hashEmail($email);
+
+        return self::where('email_hash', $emailHash)->first();
+    }
+
+    /**
+     * Get the magic login tokens for the user.
+     */
+    public function magicLoginTokens(): HasMany
+    {
+        return $this->hasMany(MagicLoginToken::class, 'email_hash', 'email_hash');
+    }
 }