- Nuevo módulo de historial de cambios (ServicioHistorial) - Observer para tracking automático de cambios en servicios - Corrección de variables auxiliares en ServiciosController - Actualización de configuraciones y migraciones - Endpoint para consultar historial de cambios Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
<?php
namespace App\Http\Controllers\Auth;
use const App\Http\Controllers\LLAVE_VERSION_APLICACION;
use const App\Http\Controllers\VERSION_APLICACION;
use App\Http\Requests\LoginRequest;
use App\Http\Requests\TokenFirebaseRequest;
use App\Mail\ResetPassword;
use App\Models\Parametro;
use App\Models\RolUser;
use App\Models\TipoEmpleado;
use App\Models\User;
use Cartalyst\Sentinel\Checkpoints\NotActivatedException;
use Cartalyst\Sentinel\Checkpoints\ThrottlingException;
use Cartalyst\Sentinel\Native\Facades\Sentinel;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Mail;
use Tymon\JWTAuth\Exceptions\JWTException;
use Tymon\JWTAuth\Facades\JWTAuth;
use Log;
use Auth;
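class AuthenticateController extends Controller
{
    /**
     * Number of CSPRNG bytes behind a temporary password issued by
     * recoverPassword(); the password is the hex encoding of those bytes,
     * so it is twice this many (lower-case) characters long.
     */
    private const TEMP_PASSWORD_BYTES = 6;

    /**
     * Authenticate with e-mail/password and issue a JWT.
     *
     * Checks, in order: the user's TipoEmpleado must allow login; Sentinel
     * must accept the credentials (a ThrottlingException becomes a 429);
     * JWTAuth must issue a token; for the MOVIL application the supplied
     * version_apk must equal the stored LLAVE_VERSION_APLICACION parameter;
     * finally the user's role must be permitted for the requesting
     * application (see validarAplicacion()).
     *
     * @param LoginRequest $request validated request carrying email, password
     *                              and the optional dispositivo_id / version_apk
     * @return \Illuminate\Http\JsonResponse
     */
    public function getAccessToken(LoginRequest $request)
    {
        $credentials = $request->only('email', 'password');
        $dispositivo_id = $request->input('dispositivo_id', null);
        $version_apk = $request->input('version_apk', false);
        $version_parametro = Parametro::where('llave', LLAVE_VERSION_APLICACION)->first();

        try {
            $usuario = User::where('email', $credentials['email'])->first();

            if ($usuario) {
                $tipo = TipoEmpleado::where('id', $usuario->tipo_empleado_id)->first();

                // A missing employee type is treated as "login not allowed" instead of
                // dereferencing null.
                if ($tipo === null || !$tipo->login) {
                    return response()->forbidden('No cuentas con los suficientes permisos para acceder a este módulo.');
                }
            }

            try {
                if (!$user = Sentinel::forceAuthenticate($credentials)) {
                    return response()->unauthorized('Usuario y/o contraseña incorrectas.');
                }
            } catch (ThrottlingException $e) {
                return response()->tooManyAttempts('too_many_attempts');
            }

            $token = JWTAuth::attempt($credentials);

            if (!$token) {
                return response()->unauthorized('Usuario y/o contraseña incorrectas.');
            }

            // Normalise once so that the version check below and validarAplicacion()
            // agree on case; a lower-case "movil" header must not skip the version check.
            $application = strtoupper((string) $request->header('Application', ''));

            if ($application === 'MOVIL') {
                // isset semantics of ?? keep this safe when the parameter row is absent.
                $expectedVersion = $version_parametro->valor ?? null;

                // Strict comparison; a missing parameter row never matches a client version.
                if (!$version_apk || $expectedVersion === null || (string) $version_apk !== (string) $expectedVersion) {
                    return response()->unauthorized('Existe una nueva versión disponible, contacta con tu supervisor.');
                }
            }

            $user = Auth::user();

            $role_id = RolUser::where('user_id', $user->id)->first();

            // Without a role assignment there is no application permission to verify.
            if ($role_id === null) {
                return response()->forbidden('No cuentas con los suficientes permisos para acceder a este módulo.');
            }

            $role = Sentinel::findRoleById($role_id->role_id);

            // Throws with an HTTP-like code (400/403); handled by responderExcepcion().
            $this->validarAplicacion($application, $role);

            if ($dispositivo_id !== null && $dispositivo_id !== '') {
                $user->dispositivo_id = $dispositivo_id;
                $user->update();
            }

            return response()->success(compact('user', 'token', 'role'));
        } catch (JWTException $e) {
            // something went wrong whilst attempting to encode the token
            return response()->json(['error' => 'could_not_create_token'], 500);
        } catch (NotActivatedException $e) {
            return response()->badRequest($e->getMessage());
        } catch (\Exception $e) {
            return $this->responderExcepcion($e);
        }
    }

    /**
     * Map a caught exception to an HTTP response.
     *
     * Client-error codes (4xx) carried by the exception are forwarded with the
     * exception message, as validarAplicacion() relies on. Any other code —
     * including 0, which most PHP exceptions carry, and the string codes of
     * PDOException — is logged and answered with a generic 500: passing such a
     * value to response()->json() is invalid, and the message of an unexpected
     * exception may reveal internals.
     *
     * @param \Exception $e
     * @return \Illuminate\Http\JsonResponse
     */
    private function responderExcepcion(\Exception $e)
    {
        $code = (int) $e->getCode();

        if ($code === 400) {
            return response()->badRequest($e->getMessage());
        }

        if ($code === 401) {
            return response()->unauthorized($e->getMessage());
        }

        if ($code === 403) {
            return response()->forbidden($e->getMessage());
        }

        if ($code === 404) {
            return response()->notFound($e->getMessage());
        }

        if ($code === 422) {
            return response()->unprocessable('Error', [$e->getMessage()]);
        }

        if ($code >= 400 && $code < 500) {
            return response()->json(['error' => $e->getMessage()], $code);
        }

        Log::error('Unhandled exception during authentication', ['exception' => $e]);

        return response()->json(['error' => 'internal_error'], 500);
    }

    /**
     * Ensure the role is allowed to use the requesting application.
     *
     * @param string|null $application value of the Application header (MOVIL or WEB,
     *                                 compared case-insensitively)
     * @param object|null $role        Sentinel role exposing boolean movil / web flags
     * @return void
     * @throws \Exception code 400 when the header is missing or names an unknown
     *                    application, 403 when the role lacks the flag for it
     */
    public function validarAplicacion($application, $role)
    {
        if (!$application) {
            throw new \Exception('El header Application es obligatorio.', 400);
        }

        // Only the two known applications map to a role flag; any other value is
        // rejected so that an unexpected header cannot bypass the permission check.
        switch (strtoupper((string) $application)) {
            case 'MOVIL':
                $flag = 'movil';
                break;
            case 'WEB':
                $flag = 'web';
                break;
            default:
                throw new \Exception('El header Application no es válido.', 400);
        }

        if ($role === null || !$role->{$flag}) {
            throw new \Exception('No cuentas con los suficientes permisos para acceder a este módulo.', 403);
        }
    }

    /**
     * Refresh the JSON Web Token.
     * Returns a new **JWT** access token derived from the token on the request.
     *
     * @param \Illuminate\Http\Request $request
     * @return \Illuminate\Http\Response
     */
    public function refreshAccessToken(Request $request)
    {
        $token = JWTAuth::parseToken()->refresh();

        return response()->success(compact('token'));
    }

    /**
     * Recover password.
     *
     * Generates a temporary password, stores its bcrypt hash, flags the account
     * (solicitar = 1) so the password must be changed, and e-mails the
     * plain-text value to the user.
     *
     * @param \Illuminate\Http\Request $request
     * @return \Illuminate\Http\Response
     */
    public function recoverPassword(Request $request)
    {
        $email = $request->input('email', false);

        $user = $email ? User::where('email', $email)->first() : null;

        // NOTE(review): the distinct 422 for an unknown e-mail lets a caller tell
        // registered addresses apart; kept because clients depend on this status.
        if (!$user) {
            return response()->unprocessable('Error', ['El usuario no se encuentra disponible.']);
        }

        // Temporary password from CSPRNG bytes, hex-encoded (already lower-case).
        // The previous 4-character lower-cased value had far too little entropy
        // for a credential that is delivered by e-mail.
        $newpass = bin2hex(random_bytes(self::TEMP_PASSWORD_BYTES));
        $user->password = bcrypt($newpass);
        $user->solicitar = 1;
        $user->save();
        // Plain-text copy is only attached for the mail template, after save().
        $user['nueva'] = $newpass;
        Mail::to($email)->send(new ResetPassword($user));
        $mensaje = "Acabamos de enviar un correo electrónico con su contraseña.";

        return response()->success(['result' => $mensaje]);
    }

    /**
     * Update password of the authenticated user.
     *
     * Requires old_password to match the current credentials and password to
     * equal password_confirm; clears the solicitar flag on success.
     *
     * @param \Illuminate\Http\Request $request
     * @return \Illuminate\Http\Response
     */
    public function updatePassword(Request $request)
    {
        $user = Auth::user();

        $data = $request->only([
            'old_password',
            'password',
            'password_confirm',
        ]);

        // Missing keys must not raise undefined-index notices.
        $oldPassword = $data['old_password'] ?? '';
        $newPassword = $data['password'] ?? null;
        $confirmation = $data['password_confirm'] ?? null;

        // validate() checks the credentials without re-authenticating the guard
        // (attempt() logs the user in again as a side effect).
        if (!Auth::validate(['email' => $user->email, 'password' => $oldPassword])) {
            return response()->unprocessable('Error', ['Contraseña actual incorrecta.']);
        }

        if ($newPassword === null || $newPassword === '') {
            return response()->unprocessable('Error', ['La contraseña no puede estar vacía.']);
        }

        if ($newPassword !== $confirmation) {
            return response()->unprocessable('Error', ['Las contraseñas no coinciden.']);
        }

        $user->password = bcrypt($newPassword);
        $user->solicitar = 0;
        $user->update();

        return response()->success(['result' => 'Contraseña actualizada correctamente']);
    }

    /**
     * Store the Firebase push token of the authenticated user.
     *
     * @param TokenFirebaseRequest $request validated request with token_firebase
     * @return \Illuminate\Http\Response
     */
    public function tokenFirebase(TokenFirebaseRequest $request)
    {
        $user = Auth::user();

        $data = $request->only(['token_firebase']);

        // The authenticated model is the same row the original re-queried by id;
        // update() still goes through the model's fillable rules.
        $user->update($data);

        return response()->success(['result' => 'ok']);
    }
}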