190 lines
5.6 KiB
PHP
190 lines
5.6 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use Illuminate\Http\Request;
|
|
use App\Models\Pengguna;
|
|
use Illuminate\Support\Facades\Hash;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Validation\Rule;
|
|
use App\Mail\ForgotPasswordMail;
|
|
use Illuminate\Support\Str;
|
|
use Illuminate\Support\Facades\DB;
|
|
use Carbon\Carbon;
|
|
use Illuminate\Support\Facades\Mail;
|
|
|
|
class PenggunaController extends Controller
|
|
{
|
|
public function register(Request $request)
|
|
{
|
|
$request->validate([
|
|
'nama' => 'required|string|max:255',
|
|
'email' => 'required|email|unique:pengguna',
|
|
'kata_sandi' => 'required|min:6',
|
|
]);
|
|
|
|
$pengguna = Pengguna::create([
|
|
'nama' => $request->nama,
|
|
'email' => $request->email,
|
|
'kata_sandi' => Hash::make($request->kata_sandi),
|
|
]);
|
|
|
|
return response()->json(['message' => 'Registrasi berhasil'], 201);
|
|
}
|
|
|
|
public function login(Request $request)
|
|
{
|
|
$request->validate([
|
|
'email' => 'required|email',
|
|
'kata_sandi' => 'required'
|
|
]);
|
|
|
|
$pengguna = Pengguna::where('email', $request->email)->first();
|
|
|
|
if (!$pengguna || !Hash::check($request->kata_sandi, $pengguna->kata_sandi)) {
|
|
return response()->json(['message' => 'Email atau kata sandi salah'], 401);
|
|
}
|
|
|
|
$token = $pengguna->createToken('API token')->plainTextToken;
|
|
|
|
return response()->json([
|
|
'message' => 'Login berhasil',
|
|
'token' => $token
|
|
]);
|
|
}
|
|
|
|
public function logout(Request $request)
|
|
{
|
|
$request->user()->tokens()->delete();
|
|
|
|
return response()->json(['message' => 'Logout berhasil']);
|
|
}
|
|
|
|
public function profile(Request $request)
|
|
{
|
|
$pengguna = $request->user();
|
|
|
|
return response()->json([
|
|
'nama' => $pengguna->nama,
|
|
'email' => $pengguna->email
|
|
]);
|
|
}
|
|
|
|
public function updateProfile(Request $request)
|
|
{
|
|
$pengguna = $request->user();
|
|
|
|
$request->validate([
|
|
'nama' => 'required|string|max:255',
|
|
'email' => [
|
|
'required',
|
|
'email',
|
|
Rule::unique('pengguna')->ignore($pengguna->id)
|
|
],
|
|
'kata_sandi' => 'nullable|min:8',
|
|
]);
|
|
|
|
$pengguna->nama = $request->nama;
|
|
$pengguna->email = $request->email;
|
|
|
|
if ($request->filled('kata_sandi')) {
|
|
$pengguna->kata_sandi = Hash::make($request->kata_sandi);
|
|
}
|
|
|
|
$pengguna->save();
|
|
|
|
return response()->json([
|
|
'message' => 'Profil berhasil diperbarui',
|
|
'pengguna' => [
|
|
'nama' => $pengguna->nama,
|
|
'email' => $pengguna->email
|
|
]
|
|
]);
|
|
}
|
|
|
|
public function forgotPassword(Request $request)
|
|
{
|
|
$request->validate([
|
|
'email' => 'required|email|exists:pengguna,email',
|
|
]);
|
|
|
|
// Generate plain text token for API
|
|
$plainToken = Str::random(60);
|
|
|
|
// Store hashed token in database
|
|
DB::table('password_resets')->updateOrInsert(
|
|
['email' => $request->email],
|
|
[
|
|
'email' => $request->email,
|
|
'token' => Hash::make($plainToken),
|
|
'created_at' => Carbon::now(),
|
|
]
|
|
);
|
|
|
|
// Buat URL untuk web
|
|
$resetLink = url('/reset-password') . '?token=' . $plainToken . '&email=' . urlencode($request->email);
|
|
|
|
// Kirim email dengan URL web dan mobile deep link
|
|
Mail::to($request->email)->send(new ForgotPasswordMail($resetLink, $plainToken, $request->email));
|
|
|
|
// Return token dalam API response untuk mobile app
|
|
return response()->json([
|
|
'status' => true,
|
|
'message' => 'Kami telah mengirim email reset password.',
|
|
'token' => $plainToken, // Return plain token untuk mobile app
|
|
]);
|
|
}
|
|
|
|
public function resetPassword(Request $request)
|
|
{
|
|
$request->validate([
|
|
'token' => 'required|string',
|
|
'email' => 'required|email|exists:pengguna,email',
|
|
'password' => 'required|string|min:8',
|
|
'password_confirmation' => 'required|same:password',
|
|
]);
|
|
|
|
// Cek token di database
|
|
$passwordReset = DB::table('password_resets')
|
|
->where('email', $request->email)
|
|
->first();
|
|
|
|
if (!$passwordReset) {
|
|
return response()->json([
|
|
'status' => false,
|
|
'message' => 'Token tidak valid atau sudah kadaluarsa.'
|
|
], 400);
|
|
}
|
|
|
|
// Verifikasi token
|
|
if (!Hash::check($request->token, $passwordReset->token)) {
|
|
return response()->json([
|
|
'status' => false,
|
|
'message' => 'Token tidak valid.'
|
|
], 400);
|
|
}
|
|
|
|
// Periksa apakah token sudah kadaluarsa (60 menit)
|
|
$expiresAt = Carbon::parse($passwordReset->created_at)->addMinutes(60);
|
|
if (Carbon::now()->isAfter($expiresAt)) {
|
|
return response()->json([
|
|
'status' => false,
|
|
'message' => 'Token sudah kadaluarsa.'
|
|
], 400);
|
|
}
|
|
|
|
// Reset password
|
|
$pengguna = Pengguna::where('email', $request->email)->first();
|
|
$pengguna->kata_sandi = Hash::make($request->password);
|
|
$pengguna->save();
|
|
|
|
// Hapus token setelah digunakan
|
|
DB::table('password_resets')->where('email', $request->email)->delete();
|
|
|
|
return response()->json([
|
|
'status' => true,
|
|
'message' => 'Password berhasil direset.'
|
|
]);
|
|
}
|
|
}
|