validate([ 'name' => 'required|string|max:255', 'email' => 'required|string|email|max:255|unique:users', 'password' => 'required|string|min:6|confirmed', 'role' => 'required|in:pelanggan,karyawan,pemilik', ]); $user = User::create([ 'name' => $request->name, 'email' => $request->email, 'password' => Hash::make($request->password), 'role' => $request->role, ]); event(new Registered($user)); // Kirim email verifikasi otomatis return response()->json(['message' => 'Registrasi berhasil, silakan cek email untuk verifikasi'], 201); } public function login(Request $request) { $request->validate([ 'email' => 'required|string|email', 'password' => 'required|string', ]); $user = User::where('email', $request->email)->first(); if (! $user || ! Hash::check($request->password, $user->password)) { throw ValidationException::withMessages([ 'email' => ['Email atau password salah.'], ]); } // Tambahan: hanya izinkan login jika sudah disetujui if ($user->role === 'karyawan' && ! $user->is_approved) { return response()->json(['message' => 'Akun Anda belum disetujui oleh pemilik.'], 403); } $token = $user->createToken('auth_token')->plainTextToken; return response()->json([ 'access_token' => $token, 'token_type' => 'Bearer', 'user' => $user, ]); } // User info public function user(Request $request) { return $request->user(); } // Logout public function logout(Request $request) { $request->user()->tokens()->delete(); return response()->json(['message'=>'Logged out']); } }