diff --git a/app/Http/Controllers/Api/LogInController.php b/app/Http/Controllers/Api/LogInController.php index f5028d9f..48ef4e94 100644 --- a/app/Http/Controllers/Api/LogInController.php +++ b/app/Http/Controllers/Api/LogInController.php @@ -3,11 +3,13 @@ namespace App\Http\Controllers\Api; use App\Http\Controllers\Controller; +use App\Models\ApiKey; use App\Models\LoginAttempt; use App\Models\User; use Illuminate\Http\JsonResponse; use Illuminate\Http\Request; use Illuminate\Support\Facades\Auth; +use Illuminate\Support\Str; class LogInController extends Controller { @@ -24,15 +26,22 @@ public function __invoke(Request $request): JsonResponse 'password' => $request->input('password'), ]) ) { + $userId = Auth::user()->id; + LoginAttempt::create([ - 'user_id' => Auth::user()->id, + 'user_id' => $userId, 'ip' => $request->ip(), 'failed' => false, ]); + $apiKey = ApiKey::create([ + 'user_id' => $userId, + 'token' => Str::random(32), + ]); + return response() ->json([ - 'token' => 'TOKEN_GOES_HERE', + 'token' => $apiKey->token, ]); } else { $userByEmail = User::query() diff --git a/app/Http/Controllers/Api/TransactionController.php b/app/Http/Controllers/Api/TransactionController.php index 9767316f..e57113f0 100644 --- a/app/Http/Controllers/Api/TransactionController.php +++ b/app/Http/Controllers/Api/TransactionController.php 
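Review bot: The token is persisted exactly as issued (`'token' => Str::random(32)` inside `ApiKey::create`), so anyone who can read the `api_keys` table, for example from a backup or a database dump, holds working credentials for every user. Store only a digest and return the plaintext once: `$plain = Str::random(32);`, then `'token' => hash('sha256', $plain),` in the create call and `'token' => $plain,` in the JSON response. The lookup in `TransactionController::index` would then have to hash the `api-key` header before its `where`. Each successful login also inserts a new row and nothing visible here retires older ones, so valid keys accumulate per user. `__invoke` starts and ends outside the hunk.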
@@ -4,20 +4,30 @@ use App\Http\Controllers\Controller; use App\Http\Resources\TransactionResource; +use App\Models\ApiKey; use App\Models\Earning; use App\Models\Spending; +use Illuminate\Http\Request; class TransactionController extends Controller { - public function index() + public function index(Request $request) { + $apiKey = ApiKey::query() + ->where('token', $request->header('api-key')) + ->first(); + + if (!$apiKey) { + abort(401); + } + $transactions = collect(); - foreach (Earning::all() as $earning) { + foreach (Earning::query()->where('space_id', $apiKey->user->spaces()->first()->id)->get() as $earning) { $transactions->push($earning); } - foreach (Spending::all() as $spending) { + foreach (Spending::query()->where('space_id', $apiKey->user->spaces()->first()->id)->get() as $spending) { $transactions->push($spending); } diff --git a/app/Models/ApiKey.php b/app/Models/ApiKey.php new file mode 100644 index 00000000..99402b56 --- /dev/null +++ b/app/Models/ApiKey.php @@ -0,0 +1,23 @@ +belongsTo(User::class); + } +} diff --git a/database/migrations/2023_10_26_214009_create_api_keys_table.php b/database/migrations/2023_10_26_214009_create_api_keys_table.php new file mode 100644 index 00000000..fff77562 --- /dev/null +++ b/database/migrations/2023_10_26_214009_create_api_keys_table.php @@ -0,0 +1,23 @@ +id(); + $table->foreignId('user_id')->constrained(); + $table->string('token')->unique(); + $table->timestamps(); + }); + } + + public function down(): void + { + Schema::dropIfExists('api_keys'); + } +}; diff --git a/resources/assets/js/prototype/screens/Login.vue b/resources/assets/js/prototype/screens/Login.vue index 0d63e077..a974d8c6 100644 --- a/resources/assets/js/prototype/screens/Login.vue +++ b/resources/assets/js/prototype/screens/Login.vue @@ -14,6 +14,8 @@ const logIn = () => { const json = response.data; if (json.token) { + localStorage.setItem('api_key', json.token); + router.push('dashboard'); } 
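Review bot: `$apiKey->user->spaces()->first()->id` dereferences the result of `first()` without a null check and appears in both `foreach` headers, so a user without any space gets a 500 instead of an empty list, and the same query runs twice. Resolve it once after the 401 check, e.g. `$space = $apiKey->user->spaces()->first();` followed by `if (!$space) { abort(403); }`, and use `$space->id` in both queries. Only the first space is consulted, so if a user can belong to several spaces their other transactions are silently left out; worth confirming that is intended. The key check is also inlined in `index()`, so any other API action needs the same guard, which is easier to guarantee from a middleware. The body of `index()` continues past the hunk.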
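Review bot: The `api_keys` table has no column that lets a key expire or be revoked, so every token issued at login stays valid for as long as its row exists. Add something like `$table->timestamp('expires_at')->nullable();` and check it in the lookup. Consider `$table->foreignId('user_id')->constrained()->cascadeOnDelete();` as well, so keys neither outlive their user nor block the user's deletion. The start of this file's hunk is garbled in this view, so this is based on the visible column definitions only.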
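Review bot: `localStorage.setItem('api_key', json.token)` keeps the credential where any script running on the origin can read it, so a single XSS bug yields a reusable API key, and nothing in this commit expires that key server-side. If the prototype stays on header tokens, keep them short-lived and remove the entry on logout and on any 401; an HttpOnly session cookie would avoid exposing the credential to script at all. At minimum leave a comment such as `// api_key is script-readable: must be short-lived and cleared on logout`. `logIn` starts and ends outside the hunk.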
diff --git a/resources/assets/js/prototype/screens/Transactions/Index.vue b/resources/assets/js/prototype/screens/Transactions/Index.vue index 5c92fabc..f99127ca 100644 --- a/resources/assets/js/prototype/screens/Transactions/Index.vue +++ b/resources/assets/js/prototype/screens/Transactions/Index.vue @@ -56,7 +56,7 @@ const getTransactionsBySpan = (span) => { }; const fetchTransactions = () => { - fetch('/api/transactions') + fetch('/api/transactions', { headers: { 'api-key': localStorage.getItem('api_key') } }) .then(response => response.json()) .then(data => { transactions.value = data;
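Review bot: The new request never checks the response status, so when the server answers 401 (missing or stale key) `response.json()` either throws or feeds an error body into `transactions.value`. Check it before parsing, e.g. `.then(response => { if (!response.ok) throw new Error(response.status); return response.json(); })`, and send the user back to the login screen on 401. `localStorage.getItem('api_key')` returns `null` when nobody has logged in, which fetch would send as the literal header value `null`; skipping the request in that case is cleaner. `fetchTransactions` continues past the hunk.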