Authenticate Session Controller Laravel Sanctum
| <?php | |
| namespace App\Http\Controllers\Auth; | |
| use App\Http\Controllers\Controller; | |
| use Illuminate\Http\Request; | |
| use Illuminate\Validation\ValidationException; | |
| use Illuminate\Support\Facades\Auth; | |
| use Illuminate\Support\Facades\RateLimiter; | |
| use Illuminate\Auth\Events\Lockout; | |
| use Illuminate\Support\Str; | |
| use App\Http\Resources\UserResource; | |
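class AuthenticatedSessionController extends Controller
{
    /**
     * Failed attempts allowed per throttle key before further attempts are refused.
     */
    private const MAX_ATTEMPTS = 5;

    /**
     * Handle an incoming authentication request.
     *
     * The request is validated before any of its fields are used, so the
     * throttle key is only ever built from a string that passed the `email`
     * rule. The throttle key combines the lower-cased e-mail with the client
     * IP, which means attempts against one account from different addresses
     * are counted separately; an account-wide limit would need a second key.
     *
     * @param Request $request
     * @return UserResource
     * @throws ValidationException when input is invalid, the key is locked out,
     *                             or the credentials are rejected
     */
    public function store(Request $request) : UserResource
    {
        // Validate first: building the throttle key from an unvalidated
        // `email` (missing, or sent as an array) would fail inside
        // Str::lower() instead of producing a clean validation response.
        $credentials = $request->validate([
            'email' => 'required|string|email',
            'password' => 'required|string',
        ]);

        $throttleKey = Str::lower($credentials['email']).'|'.$request->ip();

        if (RateLimiter::tooManyAttempts($throttleKey, self::MAX_ATTEMPTS)) {
            event(new Lockout($request));

            $seconds = RateLimiter::availableIn($throttleKey);

            throw ValidationException::withMessages([
                'email' => trans('auth.throttle', [
                    'seconds' => $seconds,
                    'minutes' => ceil($seconds / 60),
                ]),
            ]);
        }

        // `remember` is client-controlled and not covered by the validation
        // rules above; coerce it to a real boolean rather than passing the
        // raw input value to the guard.
        $remember = $request->boolean('remember');

        if (!Auth::guard('web')->attempt($credentials, $remember)) {
            // Only failed logins count towards the lockout.
            RateLimiter::hit($throttleKey);

            throw ValidationException::withMessages([
                'email' => __('auth.failed'),
            ]);
        }

        RateLimiter::clear($throttleKey);

        // Issue a fresh session ID after login so a pre-login session ID
        // cannot be reused for the authenticated session (session fixation).
        $request->session()->regenerate();

        // Read the user from the same guard that performed the login, so the
        // result does not depend on which guard is configured as the default.
        return new UserResource(Auth::guard('web')->user());
    }

    /**
     * Destroy an authenticated session.
     *
     * Logs the user out of the `web` guard, invalidates the current session
     * and rotates the CSRF token so values from the old session stop working.
     *
     * @param Request $request
     * @return \Illuminate\Http\JsonResponse
     */
    public function destroy(Request $request) : \Illuminate\Http\JsonResponse
    {
        Auth::guard('web')->logout();

        $request->session()->invalidate();

        $request->session()->regenerateToken();

        return response()->json(null);
    }
}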