feat(user): SoftDelete
This commit is contained in:
parent
2b63ff47e9
commit
d3d81aa6c2
|
|
@ -13,7 +13,7 @@ use Symfony\Component\HttpFoundation\Response;
|
||||||
|
|
||||||
class AuthController extends Controller
|
class AuthController extends Controller
|
||||||
{
|
{
|
||||||
public function register(RegisterRequest $request): JsonResponse
|
public function register(RegisterRequest $request): JsonResponse
|
||||||
{
|
{
|
||||||
$data = $request->validated();
|
$data = $request->validated();
|
||||||
|
|
||||||
|
|
@ -43,7 +43,7 @@ public function register(RegisterRequest $request): JsonResponse
|
||||||
], Response::HTTP_CREATED);
|
], Response::HTTP_CREATED);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function login(LoginRequest $request): JsonResponse
|
public function login(LoginRequest $request): JsonResponse
|
||||||
{
|
{
|
||||||
$data = $request->validated();
|
$data = $request->validated();
|
||||||
|
|
||||||
|
|
@ -79,8 +79,6 @@ public function register(RegisterRequest $request): JsonResponse
|
||||||
'message' => __('auth.logout_success'),
|
'message' => __('auth.logout_success'),
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Determine the token name to use for the access token.
|
* Determine the token name to use for the access token.
|
||||||
*
|
*
|
||||||
|
|
@ -92,4 +90,19 @@ public function register(RegisterRequest $request): JsonResponse
|
||||||
|
|
||||||
return $deviceName !== '' ? $deviceName : 'api-token';
|
return $deviceName !== '' ? $deviceName : 'api-token';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function softDelete(Request $request): JsonResponse
|
||||||
|
{
|
||||||
|
$user = $request->user(); // ou $request->user('sanctum')
|
||||||
|
|
||||||
|
if (!$user) {
|
||||||
|
return response()->json(['message' => 'Unauthenticated.'], 401);
|
||||||
|
}
|
||||||
|
|
||||||
|
$user->delete(); // <= Soft delete si SoftDeletes est activé
|
||||||
|
|
||||||
|
return response()->json([
|
||||||
|
'message' => __('auth.soft_delete_success'),
|
||||||
|
]);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,7 @@ use App\Models\User;
|
||||||
use Illuminate\Http\Request;
|
use Illuminate\Http\Request;
|
||||||
use Illuminate\Support\Facades\Hash;
|
use Illuminate\Support\Facades\Hash;
|
||||||
use App\Http\Requests\Auth\UpdatePasswordRequest;
|
use App\Http\Requests\Auth\UpdatePasswordRequest;
|
||||||
|
use Illuminate\Http\JsonResponse;
|
||||||
|
|
||||||
class UsersController extends Controller
|
class UsersController extends Controller
|
||||||
{
|
{
|
||||||
|
|
@ -96,4 +97,19 @@ class UsersController extends Controller
|
||||||
'message' => 'Password updated successfully',
|
'message' => 'Password updated successfully',
|
||||||
]);
|
]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function softDeleteById(Request $request, User $user): JsonResponse
|
||||||
|
{
|
||||||
|
if ($user->trashed()) {
|
||||||
|
return response()->json([
|
||||||
|
'message' => 'User already soft deleted.',
|
||||||
|
], 409);
|
||||||
|
}
|
||||||
|
|
||||||
|
$user->delete();
|
||||||
|
|
||||||
|
return response()->json([
|
||||||
|
'message' => __('auth.soft_delete_success'),
|
||||||
|
]);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,30 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
namespace App\Http\Middleware;
|
||||||
|
|
||||||
|
use Closure;
|
||||||
|
use Illuminate\Http\Request;
|
||||||
|
use Symfony\Component\HttpFoundation\Response;
|
||||||
|
|
||||||
|
class EnsureUserIsAdmin
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Handle an incoming request.
|
||||||
|
*
|
||||||
|
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
|
||||||
|
*/
|
||||||
|
public function handle(Request $request, Closure $next): Response
|
||||||
|
{
|
||||||
|
/** @var \App\Models\User $user */
|
||||||
|
$user = $request->user();
|
||||||
|
|
||||||
|
if (
|
||||||
|
!$user ||
|
||||||
|
($user->role !== \App\Enums\UserRole::ADMIN)
|
||||||
|
) {
|
||||||
|
abort(403, 'Unauthorized action.');
|
||||||
|
}
|
||||||
|
|
||||||
|
return $next($request);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -9,18 +9,23 @@ use Illuminate\Support\Facades\Route;
|
||||||
use App\Http\Controllers\HuntsController;
|
use App\Http\Controllers\HuntsController;
|
||||||
use App\Http\Controllers\HuntStepsController;
|
use App\Http\Controllers\HuntStepsController;
|
||||||
use App\Http\Controllers\UsersController;
|
use App\Http\Controllers\UsersController;
|
||||||
|
use App\Http\Middleware\EnsureUserIsAdmin;
|
||||||
use App\Http\Middleware\EnsureUserIsOrga;
|
use App\Http\Middleware\EnsureUserIsOrga;
|
||||||
|
|
||||||
Route::prefix('auth')->group(function (): void {
|
Route::prefix('auth')->group(function (): void {
|
||||||
Route::post('register', [AuthController::class, 'register']);
|
Route::post('register', [AuthController::class, 'register']);
|
||||||
Route::post('login', [AuthController::class, 'login']);
|
Route::post('login', [AuthController::class, 'login']);
|
||||||
|
|
||||||
// Route::get('{provider}/redirect', [ProviderRedirectController::class, 'redirect']);
|
// Route::get('{provider}/redirect', [ProviderRedirectController::class, 'redirect']);
|
||||||
// Route::get('{provider}/callback', [ProviderCallbackController::class, 'callback']);
|
// Route::get('{provider}/callback', [ProviderCallbackController::class, 'callback']);
|
||||||
});
|
});
|
||||||
|
|
||||||
// List hunts
|
// List hunts
|
||||||
|
|
||||||
|
//Ensure is Admin
|
||||||
|
Route::middleware(['auth:sanctum', EnsureUserIsAdmin::class])->group(function () {
|
||||||
|
Route::post('users/{user}/delete', [UsersController::class, 'softDeleteById'])->withTrashed();
|
||||||
|
});
|
||||||
|
|
||||||
// Ensure is Orga
|
// Ensure is Orga
|
||||||
Route::middleware(['auth:sanctum', EnsureUserIsOrga::class])->group(function () {
|
Route::middleware(['auth:sanctum', EnsureUserIsOrga::class])->group(function () {
|
||||||
Route::post('hunts', [HuntsController::class, 'store']);
|
Route::post('hunts', [HuntsController::class, 'store']);
|
||||||
|
|
@ -33,6 +38,8 @@ Route::middleware(['auth:sanctum', EnsureUserIsOrga::class])->group(function ()
|
||||||
Route::middleware('auth:sanctum')->group(function (): void {
|
Route::middleware('auth:sanctum')->group(function (): void {
|
||||||
Route::get('hunts', [HuntsController::class, 'index']);
|
Route::get('hunts', [HuntsController::class, 'index']);
|
||||||
Route::get('hunts/{hunt}', [HuntsController::class, 'show']);
|
Route::get('hunts/{hunt}', [HuntsController::class, 'show']);
|
||||||
|
//Auth
|
||||||
|
Route::post('auth/delete', [AuthController::class, 'softDelete']);
|
||||||
// User
|
// User
|
||||||
Route::get('users/leaderboard', [UsersController::class, 'leaderboard']);
|
Route::get('users/leaderboard', [UsersController::class, 'leaderboard']);
|
||||||
Route::put('users/update/username', [UsersController::class, 'updateUsername']);
|
Route::put('users/update/username', [UsersController::class, 'updateUsername']);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue