src/app/Http/Controllers/API/V4/AuthAttemptsController.php
- This file was added.
<?php | |||||
namespace App\Http\Controllers\API\V4; | |||||
use App\AuthAttempt; | |||||
use App\Http\Controllers\Controller; | |||||
use Illuminate\Support\Facades\Cache; | |||||
use Illuminate\Http\Request; | |||||
class AuthAttemptsController extends Controller | |||||
{ | |||||
/** | |||||
* Confirm the authentication attempt. | |||||
* | |||||
machniak: Method documentation, please. Here and below. | |||||
* @param string $id Id of AuthAttempt attempt | |||||
* | |||||
* @return \Illuminate\Http\JsonResponse | |||||
*/ | |||||
public function confirm($id) | |||||
{ | |||||
Done Inline ActionsThis is a JsonResponse. So, the return here and at the end of the method is inconsistent. machniak: This is a JsonResponse. So, the return here and at the end of the method is inconsistent. | |||||
$authAttempt = AuthAttempt::find($id); | |||||
if (!$authAttempt) { | |||||
return $this->errorResponse(404); | |||||
Done Inline ActionsWe're not using findOrFail() method in http controllers, because the error is not that nice. machniak: We're not using findOrFail() method in http controllers, because the error is not that nice. | |||||
} | |||||
Done Inline ActionsI think that accept() and deny() methods just call save() "internally". machniak: I think that accept() and deny() methods just call save() "internally". | |||||
$user = $this->guard()->user(); | |||||
if ($user->id != $authAttempt->user_id) { | |||||
return $this->errorResponse(403); | |||||
} | |||||
\Log::debug("Confirm on {$authAttempt->id}"); | |||||
$authAttempt->accept(); | |||||
return response()->json([], 200); | |||||
} | |||||
/** | |||||
* Deny the authentication attempt. | |||||
* | |||||
* @param string $id Id of AuthAttempt attempt | |||||
* | |||||
* @return \Illuminate\Http\JsonResponse | |||||
*/ | |||||
public function deny($id) | |||||
{ | |||||
$authAttempt = AuthAttempt::find($id); | |||||
if (!$authAttempt) { | |||||
return $this->errorResponse(404); | |||||
} | |||||
$user = $this->guard()->user(); | |||||
if ($user->id != $authAttempt->user_id) { | |||||
return $this->errorResponse(403); | |||||
Done Inline ActionsShould that set a specific $authAttempt->reason? machniak: Should that set a specific $authAttempt->reason? | |||||
Done Inline ActionsThat's just the default case. mollekopf: That's just the default case. | |||||
} | |||||
\Log::debug("Deny on {$authAttempt->id}"); | |||||
$authAttempt->deny(); | |||||
return response()->json([], 200); | |||||
} | |||||
/** | |||||
* Return details of authentication attempt. | |||||
Done Inline Actions'entry' will contain IP and updated_at again. machniak: 'entry' will contain IP and updated_at again. | |||||
* | |||||
* @param string $id Id of AuthAttempt attempt | |||||
* | |||||
* @return \Illuminate\Http\JsonResponse | |||||
*/ | |||||
public function details($id) | |||||
{ | |||||
$authAttempt = AuthAttempt::find($id); | |||||
if (!$authAttempt) { | |||||
return $this->errorResponse(404); | |||||
} | |||||
Done Inline ActionsThis debug message is not very helpful. machniak: This debug message is not very helpful. | |||||
$user = $this->guard()->user(); | |||||
if ($user->id != $authAttempt->user_id) { | |||||
return $this->errorResponse(403); | |||||
} | |||||
return response()->json([ | |||||
'status' => 'success', | |||||
'username' => $user->email, | |||||
'country' => \App\Utils::countryForIP($authAttempt->ip), | |||||
'entry' => $authAttempt->toArray() | |||||
]); | |||||
} | |||||
/** | |||||
* Listing of client authAttempts. | |||||
* | |||||
* All authAttempt attempts from the current user | |||||
* | |||||
* @return \Illuminate\Http\JsonResponse | |||||
*/ | |||||
public function index(Request $request) | |||||
{ | |||||
$user = $this->guard()->user(); | |||||
$pageSize = 10; | |||||
$page = intval($request->input('page')) ?: 1; | |||||
$hasMore = false; | |||||
$result = \App\AuthAttempt::where('user_id', $user->id) | |||||
->orderBy('updated_at', 'desc') | |||||
->limit($pageSize + 1) | |||||
->offset($pageSize * ($page - 1)) | |||||
->get(); | |||||
if (count($result) > $pageSize) { | |||||
$result->pop(); | |||||
$hasMore = true; | |||||
} | |||||
$result = $result->map(function ($authAttempt) { | |||||
return $authAttempt->toArray(); | |||||
}); | |||||
return response()->json($result); | |||||
} | |||||
} |
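Review bot: `confirm()` and `deny()` verify only that the attempt belongs to the caller, so nothing in this controller prevents an attempt that has expired or was already denied from being accepted later. Whether `AuthAttempt::accept()` enforces that is not visible in this file. If the model does not enforce it, reject non-pending attempts before `$authAttempt->accept();`, and either way record the contract with a comment such as `// accept() must refuse attempts that are expired or already denied`. Separately, `index()` computes `$hasMore` but `return response()->json($result);` drops it, so a client cannot tell whether another page exists; returning it alongside the list, e.g. `return response()->json(['list' => $result, 'hasMore' => $hasMore]);`, would fix that if the response shape may change.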
Method documentation, please. Here and below.