create temporary token for api authorization

2022-07-29 21:49:43 +07:00
parent 09717c078d
commit cda5225090
7 changed files with 158 additions and 1 deletions
--- a/app/Http/Middleware/HandleInertiaRequests.php
+++ b/app/Http/Middleware/HandleInertiaRequests.php
@@ -65,6 +65,8 @@ class HandleInertiaRequests extends Middleware
                }, $permissions);
            },
            '$menus' => fn () => $request->user()?->menus(),
+
+            '$token' => fn () => session('token'),
        ]);
    }
 }
--- a/app/Listeners/CreateTemporaryToken.php
+++ b/app/Listeners/CreateTemporaryToken.php
@@ -0,0 +1,49 @@
+<?php
+
+namespace App\Listeners;
+
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Queue\InteractsWithQueue;
+use Illuminate\Support\Facades\DB;
+
+class CreateTemporaryToken
+{
+    /**
+     * Create the event listener.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        //
+    }
+
+    /**
+     * Handle the event.
+     *
+     * @param  object  $event
+     * @return void
+     */
+    public function handle($event)
+    {
+        $user = $event->user;
+        
+        $temporaryToken = DB::table('temporary_tokens')
+                            ->where('user_id', $user->id)
+                            ->first();
+
+        if ($temporaryToken) {
+            DB::table('personal_access_tokens')->delete($temporaryToken->token_id);
+        }
+
+        $token = $user->createToken(uniqid());
+        
+        DB::table('temporary_tokens')
+            ->insert([
+                'user_id' => $user->id,
+                'token_id' => $token->accessToken->id,
+            ]);
+
+        session()->put('token', $token->plainTextToken);
+    }
+}
--- a/app/Listeners/DeleteTemporaryToken.php
+++ b/app/Listeners/DeleteTemporaryToken.php
@@ -0,0 +1,39 @@
+<?php
+
+namespace App\Listeners;
+
+use Illuminate\Contracts\Queue\ShouldQueue;
+use Illuminate\Queue\InteractsWithQueue;
+use Illuminate\Support\Facades\DB;
+
+class DeleteTemporaryToken
+{
+    /**
+     * Create the event listener.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        //
+    }
+
+    /**
+     * Handle the event.
+     *
+     * @param  object  $event
+     * @return void
+     */
+    public function handle($event)
+    {
+        $user = $event->user;
+
+        $temporaryToken = DB::table('temporary_tokens')->where('user_id', $user->id)->first();
+
+        if ($temporaryToken) {
+            DB::table('personal_access_tokens')->delete($temporaryToken->token_id);
+        }
+
+        session()->remove('token');
+    }
+}
--- a/app/Providers/EventServiceProvider.php
+++ b/app/Providers/EventServiceProvider.php
@@ -3,6 +3,7 @@
 namespace App\Providers;

 use Illuminate\Auth\Events\Login;
+use Illuminate\Auth\Events\Logout;
 use Illuminate\Auth\Events\Registered;
 use Illuminate\Auth\Listeners\SendEmailVerificationNotification;
 use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
@@ -21,8 +22,13 @@ class EventServiceProvider extends ServiceProvider
        ],

        Login::class => [
+            \App\Listeners\CreateTemporaryToken::class,
            \App\Listeners\SaveUserLoginIpBrowserAndPlatform::class,
        ],
+
+        Logout::class => [
+            \App\Listeners\DeleteTemporaryToken::class,
+        ],
    ];

    /**