131 lines
3.3 KiB
PHP
Executable file
131 lines
3.3 KiB
PHP
Executable file
<?php
|
|
|
|
namespace App\Http\Controllers\Auth;
|
|
|
|
use App\Http\Controllers\Controller;
|
|
use App\Mail\MagicLoginLink;
|
|
use App\Services\MagicLinkAuthService;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Support\Facades\Mail;
|
|
use Illuminate\Support\Facades\URL;
|
|
use Illuminate\Validation\ValidationException;
|
|
|
|
class MagicLinkController extends Controller
|
|
{
|
|
public function __construct(
|
|
protected MagicLinkAuthService $authService
|
|
) {}
|
|
|
|
/**
|
|
* Show the login form.
|
|
*/
|
|
public function showLoginForm()
|
|
{
|
|
return view('auth.login');
|
|
}
|
|
|
|
/**
|
|
* Send a magic link to the user's email.
|
|
*/
|
|
public function sendLink(Request $request)
|
|
{
|
|
$request->validate([
|
|
'email' => 'required|email',
|
|
]);
|
|
|
|
$email = $request->email;
|
|
$ip = $request->ip();
|
|
$userAgent = $request->userAgent();
|
|
|
|
try {
|
|
$token = $this->authService->sendMagicLink($email, $ip, $userAgent);
|
|
|
|
// Generate signed URL valid for 15 minutes
|
|
$loginUrl = URL::temporarySignedRoute(
|
|
'magic-link.verify',
|
|
now()->addMinutes(15),
|
|
['token' => $token->plain_token]
|
|
);
|
|
|
|
// Queue the magic link email
|
|
Mail::to($email)->queue(new MagicLoginLink($loginUrl, $token->plain_code, 15));
|
|
|
|
return redirect()->route('verify-code')
|
|
->with('status', 'Check your email for your login code!')
|
|
->with('email', $email);
|
|
} catch (ValidationException $e) {
|
|
throw $e;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Show the code verification form.
|
|
*/
|
|
public function showCodeForm(Request $request)
|
|
{
|
|
return view('auth.verify-code');
|
|
}
|
|
|
|
/**
|
|
* Verify the magic link token.
|
|
*/
|
|
public function verifyLink(Request $request)
|
|
{
|
|
// Validate the signed URL
|
|
if (!$request->hasValidSignature()) {
|
|
return redirect()->route('login')->with('error', 'Invalid or expired magic link.');
|
|
}
|
|
|
|
$token = $request->token;
|
|
|
|
if ($this->authService->verifyMagicLink($token)) {
|
|
$request->session()->regenerate();
|
|
|
|
return redirect()->route('dashboard');
|
|
}
|
|
|
|
return redirect()->route('login')->with('error', 'Invalid or expired magic link.');
|
|
}
|
|
|
|
/**
|
|
* Verify the magic code.
|
|
*/
|
|
public function verifyCode(Request $request)
|
|
{
|
|
$request->validate([
|
|
'email' => 'required|email',
|
|
'code' => 'required|digits:6',
|
|
]);
|
|
|
|
$email = $request->email;
|
|
$code = $request->code;
|
|
|
|
try {
|
|
if ($this->authService->verifyCode($email, $code)) {
|
|
$request->session()->regenerate();
|
|
|
|
return redirect()->route('dashboard');
|
|
}
|
|
|
|
return back()->withErrors([
|
|
'code' => 'Invalid or expired code.',
|
|
]);
|
|
} catch (ValidationException $e) {
|
|
throw $e;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Log the user out.
|
|
*/
|
|
public function logout(Request $request)
|
|
{
|
|
Auth::logout();
|
|
|
|
$request->session()->invalidate();
|
|
$request->session()->regenerateToken();
|
|
|
|
return redirect('/');
|
|
}
|
|
}
|