/**
 * List every user, provided the caller's policy allows it.
 *
 * Resolves the current user through $this->user(), asks the policy resolved
 * for that user whether it may see all users, and only then reads the
 * repository. The result is rendered with UserTransformer under the "users" key.
 *
 * @return \Eos\Http\Response\Format\JsonApi
 *
 * @throws HttpException 403 (code 0xc00302) when canSeeAll() denies the caller.
 */
public function index()
{
    $user = $this->user();

    // NOTE(review): the explicit unauthenticated guard below is disabled, so a
    // null $user would be handed straight to policy(). Confirm this route is
    // always behind authentication middleware, or re-enable the guard.
    // if ($user == null) {
    //     throw new UnauthorizedHttpException("Bearer", "You are not authorized to see all users.", null, 0x00C00301);
    // }

    // Authorization is decided before any data is loaded.
    $mayListUsers = policy($user)->canSeeAll($user);
    if (!$mayListUsers) {
        throw new HttpException(
            403,
            "You are not authorized to see all users.",
            null,
            [],
            0xc00302
        );
    }

    $allUsers = $this->repository->all();

    return $this->response->collection(
        $allUsers,
        new UserTransformer(),
        ["key" => "users"]
    );
}
/**
 * List every permission, provided the caller is authenticated and allowed.
 *
 * The check runs in two stages: a missing user is rejected with a "Bearer"
 * challenge, then the Permission policy is asked whether this user may see
 * all permissions. The repository is only read once both stages pass.
 *
 * @return \Eos\Http\Response\Format\JsonApi
 *
 * @throws UnauthorizedHttpException (code 0xc00401) when no user is resolved.
 * @throws HttpException 403 (code 0xc00402) when canSeeAll() denies the user.
 */
public function index()
{
    $user = $this->user();

    // Authentication: loose comparison kept on purpose, so any value that
    // compares equal to null is treated as "no user".
    if ($user == null) {
        throw new UnauthorizedHttpException(
            "Bearer",
            "You are not authorized to see all permissions.",
            null,
            0xc00401
        );
    }

    // Authorization: the policy is resolved from the Permission class, not from the user.
    $mayListPermissions = policy(Permission::class)->canSeeAll($user);
    if (!$mayListPermissions) {
        throw new HttpException(
            403,
            "You are not authorized to see all permissions.",
            null,
            [],
            0xc00402
        );
    }

    $allPermissions = $this->repository->all();

    return $this->response->collection(
        $allPermissions,
        new PermissionTransformer(),
        ["key" => "permissions"]
    );
}
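/**
 * Exchange an email/password pair for a JWT.
 *
 * Reads "email" and "password" from the request, looks the user up by email,
 * verifies the password with Hash::check() and, on success, returns a JSON
 * payload holding the token and a few profile fields of the user.
 *
 * Every credential failure is reported with the same "User not found."
 * message; only the numeric code distinguishes the cause.
 *
 * @param Request        $request        Incoming request carrying the credentials.
 * @param UserRepository $userRepository Repository queried by email.
 *
 * @return mixed The value produced by response()->json().
 *
 * @throws NotFoundHttpException Codes 0xc00101-0xc00104: missing email, missing
 *                               password, unknown email, password mismatch.
 * @throws \Exception            Code 0xc00105 when the token cannot be created;
 *                               the JWTException is attached as "previous".
 */
public function authenticate(Request $request, UserRepository $userRepository)
{
    // grab credentials from the request
    $credentials = $request->only('email', 'password');

    // NOTE(review): the values are not type-checked here. An array-valued
    // "email" or "password" would reach findWhere() / Hash::check() as-is;
    // consider validating both as strings at this boundary.

    // TODO Move user authentication code somewhere more appropriate
    // isset() treats an absent key like a null value, so a request that omits
    // a field takes the same path as one that sends null instead of raising
    // an undefined-index notice.
    $previousException = null;
    if (!isset($credentials["email"])) {
        $previousException = new NotFoundHttpException("User not found.", null, 0xc00101);
    }

    if (!isset($credentials["password"])) {
        // TODO Test after code \Eos\Exceptions\Factory::collection()
        throw new NotFoundHttpException("User not found.", $previousException, 0xc00102);
    }

    if ($previousException !== null) {
        throw $previousException;
    }

    // Try to find user by email
    $matches = $userRepository->findWhere(["email" => $credentials["email"]]);
    if (count($matches) === 0) {
        // No user could be found by that email.
        // NOTE(review): this path and the mismatch path below share a message
        // but carry different codes (0xc00103 / 0xc00104), and only the second
        // one runs Hash::check(). If the code is exposed to clients, or the
        // response time is observable, a caller can tell whether an email is
        // registered. Consider a single code and a constant-cost check.
        throw new NotFoundHttpException("User not found.", null, 0xc00103);
    }

    /**
     * @var \Eos\Entities\User $user
     */
    $user = $matches[0];

    if (!Hash::check($credentials["password"], $user->password)) {
        // Password mismatch
        throw new NotFoundHttpException("User not found.", null, 0xc00104);
    }

    try {
        $token = JWTAuth::fromUser($user);
    } catch (JWTException $exception) {
        // Keep the original failure attached so the root cause stays visible
        // in logs; message and code seen by callers are unchanged.
        throw new \Exception("Couldn't create token", 0xc00105, $exception);
    }

    return response()->json([
        "token" => $token,
        "user" => [
            "first_name" => $user->first_name,
            "middle_name" => $user->middle_name,
            "last_name" => $user->last_name,
            "email" => $user->email,
        ],
    ]);
}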