feat(user): SoftDelete

This commit is contained in:
NathanCorberan 2026-01-08 12:39:05 +01:00
parent 2b63ff47e9
commit d3d81aa6c2
4 changed files with 71 additions and 5 deletions

View File

@ -79,8 +79,6 @@ public function register(RegisterRequest $request): JsonResponse
'message' => __('auth.logout_success'),
]);
}
/**
* Determine the token name to use for the access token.
*
@ -92,4 +90,19 @@ public function register(RegisterRequest $request): JsonResponse
return $deviceName !== '' ? $deviceName : 'api-token';
}
public function softDelete(Request $request): JsonResponse
{
$user = $request->user(); // ou $request->user('sanctum')
if (!$user) {
return response()->json(['message' => 'Unauthenticated.'], 401);
}
$user->delete(); // <= Soft delete si SoftDeletes est activé
return response()->json([
'message' => __('auth.soft_delete_success'),
]);
}
}

View File

@ -6,6 +6,7 @@ use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use App\Http\Requests\Auth\UpdatePasswordRequest;
use Illuminate\Http\JsonResponse;
class UsersController extends Controller
{
@ -96,4 +97,19 @@ class UsersController extends Controller
'message' => 'Password updated successfully',
]);
}
public function softDeleteById(Request $request, User $user): JsonResponse
{
if ($user->trashed()) {
return response()->json([
'message' => 'User already soft deleted.',
], 409);
}
$user->delete();
return response()->json([
'message' => __('auth.soft_delete_success'),
]);
}
}

View File

@ -0,0 +1,30 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class EnsureUserIsAdmin
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
/** @var \App\Models\User $user */
$user = $request->user();
if (
!$user ||
($user->role !== \App\Enums\UserRole::ADMIN)
) {
abort(403, 'Unauthorized action.');
}
return $next($request);
}
}

View File

@ -9,18 +9,23 @@ use Illuminate\Support\Facades\Route;
use App\Http\Controllers\HuntsController;
use App\Http\Controllers\HuntStepsController;
use App\Http\Controllers\UsersController;
use App\Http\Middleware\EnsureUserIsAdmin;
use App\Http\Middleware\EnsureUserIsOrga;
Route::prefix('auth')->group(function (): void {
Route::post('register', [AuthController::class, 'register']);
Route::post('login', [AuthController::class, 'login']);
// Route::get('{provider}/redirect', [ProviderRedirectController::class, 'redirect']);
// Route::get('{provider}/callback', [ProviderCallbackController::class, 'callback']);
});
// List hunts
//Ensure is Admin
Route::middleware(['auth:sanctum', EnsureUserIsAdmin::class])->group(function () {
Route::post('users/{user}/delete', [UsersController::class, 'softDeleteById'])->withTrashed();
});
// Ensure is Orga
Route::middleware(['auth:sanctum', EnsureUserIsOrga::class])->group(function () {
Route::post('hunts', [HuntsController::class, 'store']);
@ -33,6 +38,8 @@ Route::middleware(['auth:sanctum', EnsureUserIsOrga::class])->group(function ()
Route::middleware('auth:sanctum')->group(function (): void {
Route::get('hunts', [HuntsController::class, 'index']);
Route::get('hunts/{hunt}', [HuntsController::class, 'show']);
//Auth
Route::post('auth/delete', [AuthController::class, 'softDelete']);
// User
Route::get('users/leaderboard', [UsersController::class, 'leaderboard']);
Route::put('users/update/username', [UsersController::class, 'updateUsername']);