/**
* store a resource
* @param Request $request http request
* @param mixed $id id of the resource for updating
* @return jsend jsend with newly stored source
*/
function store(Request $request, $id = null)
{
////////////////
// Load Data //
////////////////
if ($id) {
$data = Model::find($id);
if (!$data) {
return app()->abort(404);
}
} else {
$data = new Model();
}
///////////////////////////////////
// Assign posted data to Data //
///////////////////////////////////
$data->fill($request->input());
///////////
// Store //
///////////
if ($data->save()) {
return response()->json(JSend::success(['data' => $data])->asArray());
} else {
return response()->json(JSend::fail($data->getErrors())->asArray());
}
}
function saving($model)
{
$errors = new MessageBag();
///////////
// RULES //
///////////
if (is_null($model->_id)) {
$id = 0;
} else {
$id = $model->_id;
}
//////////////
// VALIDATE //
//////////////
$client = Client::key($model->key)->where('_id', '<>', $id)->first();
if ($client) {
$errors->add('Key', 'Key must be unique');
}
$client = Client::secret($model->key)->where('_id', '<>', $id)->first();
if ($client) {
$errors->add('Secret', 'Secret must be unique');
}
if ($errors->count()) {
$model->setErrors($errors);
return false;
}
}
/**
* issue token for password grant type
*
* 1. authentication client
* 2. authentication user
* 3. open session & generated access token
* @param array request parameter, host
* @return boolean
*/
public function password($request_param, $host)
{
//1. authentication client
\Log::info(' IP PASSWORD : '******'secret'])->key($request_param['key'])->grantname($request_param['grant_type'])->ip($host)->first();
if (!$client) {
$this->errors->add('Access', 'Client tidak valid');
}
//2. authentication user
if (!$this->errors->count()) {
if (isset($request_param['email'])) {
$logging_user = UserModel::where('email', $request_param['email'])->first();
$validating_password = Hash::check($request_param['password'], $logging_user['password']);
} else {
$logging_user = UserModel::where('username', $request_param['username'])->first();
$validating_password = Hash::check($request_param['password'], $logging_user['password']);
}
if (!$validating_password) {
$this->errors->add('Access', 'Invalid User');
} else {
$logged_user = $logging_user->toArray();
}
}
//3. open session & generated access token
if (!$this->errors->count()) {
$tokens['access_token'] = $this->generateAccessToken($client);
$tokens['refresh_token'] = $this->generateRefreshToken($client);
$tokens['expired_at'] = $this->generateExpiredTime();
$clients = $client->toArray();
unset($clients['key']);
unset($clients['secret']);
unset($clients['grants']);
foreach ($client['grants'] as $key => $value) {
$clients['scopes'] = $value['scopes'];
}
$issue_token = array_merge($tokens, ['client' => $clients]);
$open_session = new SessionModel();
$open_session->fill(['tokens' => [$issue_token], 'user' => $logged_user]);
if (!$open_session->save()) {
$this->errors->add('Access', $open_session->getError());
} else {
$tokens['whoami'] = $logged_user;
$this->tokens = $tokens;
}
}
if ($this->errors->count()) {
return false;
}
return true;
}
