Support OAuth login on iPhone

2024-11-08 20:22:42 +01:00 · 2016-10-06 15:46:27 +03:00 · 2016-10-06 15:46:27 +03:00 · d046679dab
commit d046679dab
parent ddea0b9cc2
3 changed files with 20 additions and 5 deletions
--- a/app/Http/Controllers/AccountApiController.php
+++ b/app/Http/Controllers/AccountApiController.php
@ -6,6 +6,7 @@ use Response;
 use Cache;
 use Socialite;
 use Exception;
+use App\Services\AuthService;
 use App\Models\Account;
 use App\Ninja\Repositories\AccountRepository;
 use Illuminate\Http\Request;
@ -184,17 +185,29 @@ class AccountApiController extends BaseAPIController

    }

-    public function validateOauthToken(Request $request)
+    public function oauthLogin(Request $request)
    {
+        $user = false;
        $token = $request->input('token');
        $provider = $request->input('provider');

        try {
            $user = Socialite::driver($provider)->userFromToken($token);
        } catch (Exception $exception) {
-            return $this->response($exception->getMessage());
+            return $this->errorResponse(['message' => $exception->getMessage()], 401);
        }

-        return $user ? RESULT_SUCCESS : RESULT_FAILURE;
+        if ($user) {
+            $providerId = AuthService::getProviderId($provider);
+            $user = $this->accountRepo->findUserByOauth($providerId, $user->id);
+        }
+
+        if ($user) {
+            Auth::login($user);
+            return $this->processLogin($request);
+        } else {
+            sleep(ERROR_DELAY);
+            return $this->errorResponse(['message' => 'Invalid credentials'], 401);
+        }
    }
 }
--- a/app/Http/Middleware/ApiCheck.php
+++ b/app/Http/Middleware/ApiCheck.php
@ -23,7 +23,9 @@ class ApiCheck {
    */
    public function handle($request, Closure $next)
    {
-        $loggingIn = $request->is('api/v1/login') || $request->is('api/v1/register');
+        $loggingIn = $request->is('api/v1/login')
+            || $request->is('api/v1/register')
+            || $request->is('api/v1/oauth_login');
        $headers = Utils::getApiHeaders();
        $hasApiSecret = false;

--- a/app/Http/routes.php
+++ b/app/Http/routes.php
@ -284,6 +284,7 @@ Route::group(['middleware' => 'api', 'prefix' => 'api/v1'], function()
 {
    Route::get('ping', 'AccountApiController@ping');
    Route::post('login', 'AccountApiController@login');
+    Route::post('oauth_login', 'AccountApiController@oauthLogin');
    Route::post('register', 'AccountApiController@register');
    Route::get('static', 'AccountApiController@getStaticData');
    Route::get('accounts', 'AccountApiController@show');
@ -308,7 +309,6 @@ Route::group(['middleware' => 'api', 'prefix' => 'api/v1'], function()
    Route::post('update_notifications', 'AccountApiController@updatePushNotifications');
    Route::get('dashboard', 'DashboardApiController@index');
    Route::resource('documents', 'DocumentAPIController');
-    Route::post('validate_outh_token', 'AccountApiController@validateOauthToken');

    // Vendor
    Route::resource('vendors', 'VendorApiController');