Browse Source

feat(api): tambah POST /api/v1/auth/forgot-password endpoint

master
Budi Setiawan 3 weeks ago
parent
commit
861540d626
  1. BIN
      server-connection/geonet-console-deploy.tar.gz
  2. 23
      server-connection/geonet-console/app/Http/Controllers/AuthController.php
  3. 3
      server-connection/geonet-console/routes/api.php

BIN
server-connection/geonet-console-deploy.tar.gz

Binary file not shown.

23
server-connection/geonet-console/app/Http/Controllers/AuthController.php

@ -5,6 +5,7 @@ namespace App\Http\Controllers;
use App\Services\AuditLogService; use App\Services\AuditLogService;
use App\Services\LdapAuthService; use App\Services\LdapAuthService;
use App\Services\LdapPasswordResetService; use App\Services\LdapPasswordResetService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\RedirectResponse; use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\View\View; use Illuminate\View\View;
@ -100,6 +101,28 @@ class AuthController extends Controller
); );
} }
public function apiForgotPassword(Request $request): JsonResponse
{
$data = $request->validate([
'username' => ['required', 'string', 'max:100', 'regex:/^[a-zA-Z0-9._-]+$/'],
]);
try {
$this->passwordReset->sendResetLink($data['username']);
$this->audit->logPublic('auth.password.forgot', $data['username'], $request, [
'username' => $data['username'],
'source' => 'api',
]);
} catch (\Throwable) {
// Do not reveal whether user exists or email failed.
}
return response()->json([
'data' => ['message' => 'Jika akun ditemukan dan memiliki email terdaftar, link reset password telah dikirim.'],
'error' => null,
]);
}
public function showResetPassword(string $token): View|RedirectResponse public function showResetPassword(string $token): View|RedirectResponse
{ {
$username = $this->passwordReset->validateToken($token); $username = $this->passwordReset->validateToken($token);

3
server-connection/geonet-console/routes/api.php

@ -17,6 +17,9 @@ Route::prefix('v1')->group(function () {
Route::post('/auth/refresh', [AuthController::class, 'refresh']) Route::post('/auth/refresh', [AuthController::class, 'refresh'])
->middleware('throttle:30,1') ->middleware('throttle:30,1')
->name('api.v1.auth.refresh'); ->name('api.v1.auth.refresh');
Route::post('/auth/forgot-password', [AuthController::class, 'apiForgotPassword'])
->middleware('throttle:3,1')
->name('api.v1.auth.forgot-password');
Route::get('/auth/token-guide', [TokenGuideController::class, 'show']) Route::get('/auth/token-guide', [TokenGuideController::class, 'show'])
->name('api.v1.auth.token-guide'); ->name('api.v1.auth.token-guide');

Loading…
Cancel
Save