|
|
|
|
@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
@@ -7,6 +7,7 @@ use App\Http\Controllers\Controller;
|
|
|
|
|
use App\Services\AuditLogService; |
|
|
|
|
use App\Services\LdapAuthService; |
|
|
|
|
use App\Services\LdapJwtService; |
|
|
|
|
use App\Services\LdapPasswordResetService; |
|
|
|
|
use Illuminate\Http\JsonResponse; |
|
|
|
|
use Illuminate\Http\Request; |
|
|
|
|
|
|
|
|
|
@ -17,7 +18,8 @@ class AuthController extends Controller
@@ -17,7 +18,8 @@ class AuthController extends Controller
|
|
|
|
|
public function __construct( |
|
|
|
|
private readonly LdapAuthService $ldapAuth, |
|
|
|
|
private readonly LdapJwtService $ldapJwt, |
|
|
|
|
private readonly AuditLogService $audit |
|
|
|
|
private readonly AuditLogService $audit, |
|
|
|
|
private readonly LdapPasswordResetService $passwordReset, |
|
|
|
|
) { |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@ -94,4 +96,25 @@ class AuthController extends Controller
@@ -94,4 +96,25 @@ class AuthController extends Controller
|
|
|
|
|
], |
|
|
|
|
]); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
public function apiForgotPassword(Request $request): JsonResponse |
|
|
|
|
{ |
|
|
|
|
$data = $request->validate([ |
|
|
|
|
'username' => ['required', 'string', 'max:100', 'regex:/^[a-zA-Z0-9._-]+$/'], |
|
|
|
|
]); |
|
|
|
|
|
|
|
|
|
try { |
|
|
|
|
$this->passwordReset->sendResetLink($data['username']); |
|
|
|
|
$this->audit->logPublic('api.v1.auth.password.forgot', $data['username'], $request, [ |
|
|
|
|
'username' => $data['username'], |
|
|
|
|
'source' => 'api', |
|
|
|
|
]); |
|
|
|
|
} catch (\Throwable) { |
|
|
|
|
// Do not reveal whether user exists or email failed. |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
return $this->ok([ |
|
|
|
|
'message' => 'Jika akun ditemukan dan memiliki email terdaftar, link reset password telah dikirim. Link berlaku selama 60 menit.', |
|
|
|
|
]); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|