scan.fyi/app/Http/Controllers/Auth/MagicLinkController.php

<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use App\Mail\MagicLoginLink;
use App\Services\MagicLinkAuthService;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\URL;
use Illuminate\Validation\ValidationException;

class MagicLinkController extends Controller
{
    public function __construct(
        protected MagicLinkAuthService $authService
    ) {}

    /**
     * Show the login form.
     */
    public function showLoginForm()
    {
        return view('auth.login');
    }

    /**
     * Send a magic link to the user's email.
     */
    public function sendLink(Request $request)
    {
        $request->validate([
            'email' => 'required|email',
        ]);

        $email = $request->email;
        $ip = $request->ip();
        $userAgent = $request->userAgent();

        try {
            $token = $this->authService->sendMagicLink($email, $ip, $userAgent);

            // Generate signed URL valid for 15 minutes
            $loginUrl = URL::temporarySignedRoute(
                'magic-link.verify',
                now()->addMinutes(15),
                ['token' => $token->plain_token]
            );

            // Queue the magic link email
            Mail::to($email)->queue(new MagicLoginLink($loginUrl, $token->plain_code, 15));

            return back()->with('status', 'Check your email for a login link and code!');
        } catch (ValidationException $e) {
            throw $e;
        }
    }

    /**
     * Show the code verification form.
     */
    public function showCodeForm(Request $request)
    {
        return view('auth.verify-code');
    }

    /**
     * Verify the magic link token.
     */
    public function verifyLink(Request $request)
    {
        // Validate the signed URL
        if (!$request->hasValidSignature()) {
            return redirect()->route('login')->with('error', 'Invalid or expired magic link.');
        }

        $token = $request->token;

        if ($this->authService->verifyMagicLink($token)) {
            $request->session()->regenerate();

            return redirect()->route('dashboard');
        }

        return redirect()->route('login')->with('error', 'Invalid or expired magic link.');
    }

    /**
     * Verify the magic code.
     */
    public function verifyCode(Request $request)
    {
        $request->validate([
            'email' => 'required|email',
            'code' => 'required|digits:6',
        ]);

        $email = $request->email;
        $code = $request->code;

        try {
            if ($this->authService->verifyCode($email, $code)) {
                $request->session()->regenerate();

                return redirect()->route('dashboard');
            }

            return back()->withErrors([
                'code' => 'Invalid or expired code.',
            ]);
        } catch (ValidationException $e) {
            throw $e;
        }
    }

    /**
     * Log the user out.
     */
    public function logout(Request $request)
    {
        Auth::logout();

        $request->session()->invalidate();
        $request->session()->regenerateToken();

        return redirect('/');
    }
}