mercredi 21 juin 2017

Laravel Lumen create user only by admin

i am new to lumen and laravel and im trying to make an application to generate api token using lumen for user

i made login and registration but i want only admin can create the user, can anyone help me how to do that or point me at the right direction?

heres my code :

UserController

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\User;

class UserController extends Controller
{
/**
 * Register new user
 *
 * @param $request Request
 */
public function register(Request $request)
{
    $hasher = app()->make('hash');
    $username = $request->input('username');
    $email = $request->input('email');
    $password = $hasher->make($request->input('password'));
    $register = User::create([
        'username'=> $username,
        'email'=> $email,
        'password'=> $password,
    ]);
    if ($register) {
        $res['success'] = true;
        $res['message'] = 'Success register!';
        return response($res);
    }
    else{
        $res['success'] = false;
        $res['message'] = 'Failed to register!';
        return response($res);
    }
}
/**
 * Get user by id
 *
 * URL /user/{id}
 */
public function get_user(Request $request, $id)
{
    $user = User::where('id', $id)->get();
    if ($user) {
          $res['success'] = true;
          $res['message'] = $user;

          return response($res);
    }else{
      $res['success'] = false;
      $res['message'] = 'Cannot find user!';

      return response($res);
    }
}
}

LoginController

<?php
namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\User;

class LoginController extends Controller
{
/**
 * Index login controller
 *
 * When user success login will retrive callback as api_token
 */
public function index(Request $request)
{
    $hasher = app()->make('hash');
    $email = $request->input('email');
    $password = $request->input('password');
    $login = User::where('email', $email)->first();
    if (!$login) {
        $res['success'] = false;
        $res['message'] = 'Your email or password incorrect!';
        return response($res);
    }
    else {
        if ($hasher->check($password, $login->password)) {
            $api_token = sha1(time());
            $create_token = User::where('id', $login->id)->update(['api_token' => $api_token]);
            if ($create_token) {
                $res['success'] = true;
                $res['api_token'] = $api_token;
                $res['message'] = $login;
                return response($res);
            }
        }
        else {
            $api_token = sha1(time());
            $create_token = User::where('id', $login->id)->update(['api_token' => $api_token]);
                $res['success'] = true;
                $res['api_token'] = $api_token;
                $res['message'] = $login;
            return response($res);
        }
    }
}
}

Authenticate Middleware

<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Contracts\Auth\Factory as Auth;

class Authenticate
{
/**
 * The authentication guard factory instance.
 *
 * @var \Illuminate\Contracts\Auth\Factory
 */
protected $auth;

/**
 * Create a new middleware instance.
 *
 * @param  \Illuminate\Contracts\Auth\Factory  $auth
 * @return void
 */
public function __construct(Auth $auth)
{
    $this->auth = $auth;
}

/**
 * Handle an incoming request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @param  string|null  $guard
 * @return mixed
 */
public function handle($request, Closure $next, $guard = null)
{
    if ($this->auth->guard($guard)->guest()) {
        if ($request->has('api_token')) {
            $token = $request->input('api_token');
            $check_token = User::where('api_token', $token)->first();
            if ($check_token == null) {
                $res['success'] = false;
                $res['message'] = 'Permission not allowed!';

                return response($res);
            }
        }else{
            $res['success'] = false;
            $res['message'] = 'Login please!';

            return response($res);
        }
    }
    return $next($request);
}
}



from Newest questions tagged laravel-5 - Stack Overflow http://ift.tt/2sXxXI3
via IFTTT

Aucun commentaire:

Enregistrer un commentaire