Hamza/nabeh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2e7cd11f855a8972d91a540e47e3f79089612caa
nabeh/backend/app/Controllers/AuthController.php
Hamza-Ayed aae860486a Deploy: 2026-05-21 01:58:32
2026-05-21 01:58:32 +03:00

148 lines
4.4 KiB
PHP
Raw Blame History

<?php
namespace App\Controllers;
use App\Core\Request;
use App\Core\Response;
use App\Core\Security;
use App\Models\User;
use App\Models\Company;
class AuthController extends BaseController
{
/**
* Register a new company and admin user
*/
public function register(Request $request, Response $response): void
{
$errors = $this->validate($request, [
'company_name' => 'required|min:3',
'user_name' => 'required|min:3',
'email' => 'required|email',
'password' => 'required|strong_password'
]);
if (!empty($errors)) {
$response->json(['errors' => $errors], 400);
return;
}
$data = $request->getBody();
// Check if user already exists securely via Blind Index
$existingUser = User::findByEmail($data['email']);
if ($existingUser) {
$response->json(['errors' => ['email' => ['This email is already registered.']]], 409);
return;
}
try {
// Create Company
$companyId = Company::create([
'name' => $data['company_name']
]);
// Create Admin User for this Company
$userId = User::createSecure([
'company_id' => $companyId,
'name' => $data['user_name'],
'email' => strtolower(trim($data['email'])),
'password' => $data['password'],
'role' => 'admin'
]);
$response->json([
'message' => 'Company and Admin user registered successfully.',
'company_id' => $companyId,
'user_id' => $userId
], 201);
} catch (\Exception $e) {
error_log("Registration Error: " . $e->getMessage());
$response->json(['error' => 'An error occurred during registration.'], 500);
}
}
/**
* Login existing user and return JWT
*/
public function login(Request $request, Response $response): void
{
$errors = $this->validate($request, [
'email' => 'required|email',
'password' => 'required'
]);
if (!empty($errors)) {
$response->json(['errors' => $errors], 400);
return;
}
$data = $request->getBody();
// Find user by email blind index
$user = User::findByEmail($data['email']);
if (!$user) {
$response->json(['error' => 'Invalid email or password'], 401);
return;
}
// Verify password hash
if (!Security::verifyPassword($data['password'], $user['password'])) {
$response->json(['error' => 'Invalid email or password'], 401);
return;
}
if ($user['status'] !== 'active') {
$response->json(['error' => 'Your account is inactive or suspended.'], 403);
return;
}
// Generate standard JWT token with full required payload
$payload = [
'user_id' => $user['id'],
'company_id' => $user['company_id'],
'role' => $user['role']
];
$token = Security::generateJWT($payload);
$response->json([
'message' => 'Login successful',
'token' => $token,
'user' => [
'id' => $user['id'],
'company_id' => $user['company_id'],
'name' => $user['name'],
'role' => $user['role']
]
], 200);
}
/**
* Get current logged in user details
* (Protected by AuthMiddleware)
*/
public function me(Request $request, Response $response): void
{
$user = User::find($request->user_id);
if (!$user || (int)$user['company_id'] !== (int)$request->company_id) {
$response->json(['error' => 'User not found'], 404);
return;
}
$response->json([
'user' => [
'id' => $user['id'],
'company_id' => $user['company_id'],
'name' => $user['name'],
'email' => Security::decrypt($user['email']), // Decrypt email before sending back
'role' => $user['role'],
'status' => $user['status'],
'created_at' => $user['created_at']
]
]);
}
}
Reference in New Issue View Git Blame Copy Permalink