144 lines
3.6 KiB
PHP
144 lines
3.6 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\Models\User;
|
|
use App\Models\EmployeeCounter;
|
|
use Illuminate\Support\Facades\DB;
|
|
use Illuminate\Support\Facades\Hash;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Support\Facades\Redis;
|
|
|
|
class AuthController extends Controller
|
|
{
|
|
private function generateEmployeeId()
|
|
{
|
|
return DB::transaction(function () {
|
|
|
|
$year = date('Y');
|
|
|
|
$counter = EmployeeCounter::lockForUpdate()
|
|
->where('year', $year)
|
|
->first();
|
|
|
|
if (!$counter) {
|
|
$counter = EmployeeCounter::create([
|
|
'year' => $year,
|
|
'last_number' => 0
|
|
]);
|
|
}
|
|
|
|
$counter->last_number += 1;
|
|
$counter->save();
|
|
|
|
$runningNumber = str_pad($counter->last_number, 3, '0', STR_PAD_LEFT);
|
|
|
|
return 'S' . $year . $runningNumber;
|
|
});
|
|
}
|
|
|
|
public function showRegister()
|
|
{
|
|
return view('auth.register');
|
|
}
|
|
|
|
public function showLogin()
|
|
{
|
|
if (Auth::check()) {
|
|
return redirect('/dashboard');
|
|
}
|
|
|
|
return view('auth.login');
|
|
}
|
|
|
|
public function login(Request $request)
|
|
{
|
|
$request->validate([
|
|
'login' => 'required',
|
|
'password' => 'required'
|
|
]);
|
|
|
|
$loginType = filter_var($request->login, FILTER_VALIDATE_EMAIL) ? 'email' : 'employee_id';
|
|
|
|
$credentials = [
|
|
$loginType => $request->login,
|
|
'password' => $request->password
|
|
];
|
|
|
|
$user = User::where($loginType, $request->login)->first();
|
|
|
|
if (!$user) {
|
|
return back()->withErrors([
|
|
'login' => 'Account not registered.'
|
|
]);
|
|
}
|
|
|
|
if (!$user->is_approved) {
|
|
return back()->withErrors([
|
|
'login' => 'Account not approved by admin.'
|
|
]);
|
|
}
|
|
|
|
if (Auth::attempt($credentials)) {
|
|
|
|
$request->session()->regenerate();
|
|
|
|
session(['token_version' => Auth::user()->token_version]);
|
|
|
|
Redis::lpush('login_logs', json_encode([
|
|
'user_id' => Auth::id(),
|
|
'event' => 'login',
|
|
'ip' => request()->ip(),
|
|
'time' => now()
|
|
]));
|
|
|
|
return redirect('/dashboard');
|
|
}
|
|
|
|
return back()->withErrors([
|
|
'login' => 'ID Pekerja / Email atau Password salah.'
|
|
]);
|
|
}
|
|
|
|
public function logout(Request $request)
|
|
{
|
|
$userId = Auth::id(); // ambil dulu sebelum logout
|
|
|
|
Redis::lpush('login_logs', json_encode([
|
|
'user_id' => $userId,
|
|
'event' => 'logout',
|
|
'ip' => request()->ip(),
|
|
'time' => now()
|
|
]));
|
|
|
|
Auth::logout();
|
|
|
|
$request->session()->invalidate();
|
|
$request->session()->regenerateToken();
|
|
|
|
return redirect('/login');
|
|
}
|
|
|
|
public function register(Request $request)
|
|
{
|
|
$request->validate([
|
|
'name' => 'required|max:255',
|
|
'email' => 'required|email|unique:users',
|
|
'password' => 'required|min:8|confirmed'
|
|
]);
|
|
|
|
User::create([
|
|
'name' => $request->name,
|
|
'employee_id' => $this->generateEmployeeId(),
|
|
'email' => $request->email,
|
|
'password' => Hash::make($request->password),
|
|
'is_approved' => false,
|
|
'token_version' => 1,
|
|
]);
|
|
|
|
return redirect('/login')
|
|
->with('message', 'Registration successful. Waiting for admin approval.');
|
|
}
|
|
}
|