feat: api login

.env.example

@@ -4,6 +4,9 @@ APP_KEY=
 APP_DEBUG=true
 APP_URL=http://localhost
 
+# for CORS
+SANCTUM_STATEFUL_DOMAINS=[http://localhost:3000]
+
 LOG_CHANNEL=stack
 LOG_DEPRECATIONS_CHANNEL=null
 LOG_LEVEL=debug

app/Helper/JSONResponse.php

@@ -0,0 +1,25 @@
+<?php
+namespace App\Helper;
+
+class JSONResponse {
+  static function Success($arr=[]) {
+    $arr["result"]="success";
+    return response()->json($arr);
+  }
+  static function Error($msg,$arr=[]) {
+    $arr["result"]="error";
+    $arr['message']=$msg;
+    return response()->json($arr);
+  }
+  static function Debug($data) {
+    return response()->json(["result"=>"debug", "data"=>$data]);
+  }
+  static function Unauthorized($arr=[]) {
+    $arr["result"]="unauthorized";
+    return response()->json($arr);
+  }
+  static function Forbidden($arr=[]) {
+    $arr["result"]="forbidden";
+    return response()->json($arr);
+  }
+}

app/Http/Controllers/api/LoginController.php

@@ -0,0 +1,36 @@
+<?php
+
+namespace App\Http\Controllers\api;
+
+use App\Helper\JSONResponse;
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Hash;
+
+class LoginController extends Controller {
+    public static function login(Request $request) {
+        $request->validate(
+            ['username' => 'required|string'],
+            ['password' => 'required|string' ]
+        );
+
+        $user = User::where('username', 'ilike', $request->username)
+                    ->orWhere('password', 'ilike', $request->username)
+                    ->first();
+        if(!$user || Hash::check($user->password, $user->password)) {
+            throw new \Exception('username / password are incorrect');
+        }
+
+        if(!$user->is_active) {
+            throw new \Exception('User is inactive');
+        }
+
+        $token = $user->createToken('auth_token')->plainTextToken;
+        return JSONResponse::Success(['session' => [
+                                        'username' => $user->username,
+                                        'email' => $user->email,
+                                        'token' => $token]
+                                    ]);
+    }
+}

routes/api.php

@@ -1,5 +1,6 @@
 <?php
 
+use App\Http\Controllers\api\LoginController;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Route;
 
@@ -14,6 +15,6 @@ use Illuminate\Support\Facades\Route;
 |
 */
 
-Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
+Route::controller(LoginController::class)->group(function() {
-    return $request->user();
+    Route::post('/login', 'login');
 });