marco/webmoney
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9c9d6443e7
webmoney/backend/app/Http/Controllers/Api/AuthController.php
marcoitaloesp-ai 9c9d6443e7
v1.57.0: Redesign category modals + i18n updates + demo transactions fix 
- Redesigned category create/edit modal with elegant wizard-style UI
- Redesigned batch categorization modal with visual cards and better preview
- Added missing i18n translations (common.continue, creating, remove)
- Added budgets.general and wizard translations for ES, PT-BR, EN
- Fixed 3 demo user transactions that were missing categories
2025-12-18 19:06:07 +00:00

523 lines
19 KiB
PHP
Raw Blame History

<?php
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\Models\User;
use App\Models\EmailVerificationToken;
use App\Services\UserSetupService;
use App\Mail\AccountActivationMail;
use Illuminate\Http\Request;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\Log;
class AuthController extends Controller
{
/**
* Register a new user (without auto-login - requires PayPal payment and email activation)
*/
public function register(Request $request): JsonResponse
{
try {
$validator = Validator::make($request->all(), [
'name' => 'required|string|max:255',
'email' => 'required|string|email|max:255|unique:users',
'password' => 'required|string|min:8|confirmed',
'plan_id' => 'nullable|exists:plans,id',
], [
'name.required' => 'El nombre es obligatorio',
'email.required' => 'El email es obligatorio',
'email.email' => 'El email debe ser válido',
'email.unique' => 'Este email ya está registrado',
'password.required' => 'La contraseña es obligatoria',
'password.min' => 'La contraseña debe tener al menos 8 caracteres',
'password.confirmed' => 'Las contraseñas no coinciden',
]);
if ($validator->fails()) {
return response()->json([
'success' => false,
'message' => 'Error de validación',
'errors' => $validator->errors()
], 422);
}
// Create user WITHOUT email verification (will be verified after PayPal payment)
$user = User::create([
'name' => $request->name,
'email' => $request->email,
'password' => Hash::make($request->password),
'email_verified_at' => null, // NOT verified yet
]);
// DISABLED: Create default categories and data for the new user
// TODO: Re-enable when category templates are ready
// $setupService = new UserSetupService();
// $setupService->setupNewUser($user->id);
// Create a temporary token for PayPal flow (expires in 1 hour)
$tempToken = $user->createToken('registration-flow', ['registration'])->plainTextToken;
return response()->json([
'success' => true,
'message' => 'Usuario registrado. Procede al pago para activar tu cuenta.',
'data' => [
'user' => [
'id' => $user->id,
'name' => $user->name,
'email' => $user->email,
'email_verified' => false,
],
'token' => $tempToken,
'requires_payment' => true,
'requires_activation' => true,
]
], 201);
} catch (\Exception $e) {
Log::error('Registration error: ' . $e->getMessage());
return response()->json([
'success' => false,
'message' => 'Error al registrar usuario',
'error' => $e->getMessage()
], 500);
}
}
/**
* Login user
*/
public function login(Request $request): JsonResponse
{
try {
$validator = Validator::make($request->all(), [
'email' => 'required|email',
'password' => 'required',
], [
'email.required' => 'El email es obligatorio',
'email.email' => 'El email debe ser válido',
'password.required' => 'La contraseña es obligatoria',
]);
if ($validator->fails()) {
return response()->json([
'success' => false,
'message' => 'Error de validación',
'errors' => $validator->errors()
], 422);
}
$user = User::where('email', $request->email)->first();
if (!$user || !Hash::check($request->password, $user->password)) {
return response()->json([
'success' => false,
'message' => 'Credenciales incorrectas'
], 401);
}
// Check if email is verified (account activated)
if (!$user->email_verified_at) {
return response()->json([
'success' => false,
'message' => 'Tu cuenta aún no está activada. Revisa tu email para activarla.',
'error' => 'email_not_verified',
'data' => [
'email_verified' => false,
'can_resend' => true,
]
], 403);
}
// Check if user has an active subscription (skip for demo users)
if (!$user->is_demo) {
$hasActiveSubscription = $user->subscriptions()->active()->exists();
if (!$hasActiveSubscription) {
return response()->json([
'success' => false,
'message' => 'No tienes una suscripción activa. Por favor, completa el pago.',
'error' => 'no_subscription',
'data' => [
'email_verified' => true,
'has_subscription' => false,
]
], 403);
}
}
$token = $user->createToken('auth-token')->plainTextToken;
return response()->json([
'success' => true,
'message' => $user->is_demo ? 'Bienvenido al modo demostración' : 'Inicio de sesión exitoso',
'data' => [
'user' => [
'id' => $user->id,
'name' => $user->name,
'email' => $user->email,
'email_verified' => true,
'is_demo' => $user->is_demo ?? false,
],
'token' => $token,
]
], 200);
} catch (\Exception $e) {
Log::error('Login error: ' . $e->getMessage());
return response()->json([
'success' => false,
'message' => 'Error al iniciar sesión',
'error' => $e->getMessage()
], 500);
}
}
/**
* Activate account via email token
*/
public function activateAccount(Request $request): JsonResponse
{
try {
$validator = Validator::make($request->all(), [
'token' => 'required|string|size:64',
]);
if ($validator->fails()) {
return response()->json([
'success' => false,
'message' => 'Token inválido',
], 422);
}
$verificationToken = EmailVerificationToken::findValid($request->token);
if (!$verificationToken) {
return response()->json([
'success' => false,
'message' => 'El enlace de activación es inválido o ha expirado.',
'error' => 'invalid_token',
], 400);
}
$user = $verificationToken->user;
// Activate the user
$user->update(['email_verified_at' => now()]);
$verificationToken->markAsUsed();
// Create auth token for immediate login
$authToken = $user->createToken('auth-token')->plainTextToken;
return response()->json([
'success' => true,
'message' => '¡Tu cuenta ha sido activada! Ya puedes acceder al sistema.',
'data' => [
'user' => [
'id' => $user->id,
'name' => $user->name,
'email' => $user->email,
'email_verified' => true,
],
'token' => $authToken,
]
]);
} catch (\Exception $e) {
Log::error('Activation error: ' . $e->getMessage());
return response()->json([
'success' => false,
'message' => 'Error al activar la cuenta',
], 500);
}
}
/**
* Resend activation email
*/
public function resendActivation(Request $request): JsonResponse
{
try {
$validator = Validator::make($request->all(), [
'email' => 'required|email|exists:users,email',
]);
if ($validator->fails()) {
return response()->json([
'success' => false,
'message' => 'Email no encontrado',
], 404);
}
$user = User::where('email', $request->email)->first();
if ($user->email_verified_at) {
return response()->json([
'success' => false,
'message' => 'Esta cuenta ya está activada',
], 400);
}
// Check if user has completed payment
$subscription = $user->subscriptions()->active()->first();
if (!$subscription) {
return response()->json([
'success' => false,
'message' => 'Primero debes completar el pago de tu suscripción',
], 400);
}
// Create new verification token and send email
$verificationToken = EmailVerificationToken::createForUser($user);
$frontendUrl = config('app.frontend_url', 'https://webmoney.cnxifly.com');
$activationUrl = "{$frontendUrl}/activate?token={$verificationToken->token}";
Mail::to($user->email)->send(new AccountActivationMail(
$user,
$activationUrl,
$subscription->plan->name
));
return response()->json([
'success' => true,
'message' => 'Email de activación reenviado. Revisa tu bandeja de entrada.',
]);
} catch (\Exception $e) {
Log::error('Resend activation error: ' . $e->getMessage());
return response()->json([
'success' => false,
'message' => 'Error al reenviar el email',
], 500);
}
}
/**
* Cancel registration - delete unactivated user account
* Used when PayPal payment is canceled or fails
*/
public function cancelRegistration(Request $request): JsonResponse
{
try {
$validator = Validator::make($request->all(), [
'email' => 'required|email|exists:users,email',
]);
if ($validator->fails()) {
return response()->json([
'success' => false,
'message' => 'Usuario no encontrado',
], 404);
}
$user = User::where('email', $request->email)->first();
// Only allow deletion if account is NOT activated
if ($user->email_verified_at) {
return response()->json([
'success' => false,
'message' => 'Esta cuenta ya está activada y no puede ser eliminada',
], 400);
}
// Delete associated data
$user->tokens()->delete(); // Delete all tokens
EmailVerificationToken::where('user_id', $user->id)->delete();
$user->subscriptions()->delete();
$user->delete();
Log::info("Unactivated user account deleted: {$request->email}");
return response()->json([
'success' => true,
'message' => 'Registro cancelado. Puedes intentar nuevamente.',
]);
} catch (\Exception $e) {
Log::error('Cancel registration error: ' . $e->getMessage());
return response()->json([
'success' => false,
'message' => 'Error al cancelar el registro',
], 500);
}
}
/**
* Logout user (revoke token)
*/
public function logout(Request $request): JsonResponse
{
try {
$request->user()->currentAccessToken()->delete();
return response()->json([
'success' => true,
'message' => 'Sesión cerrada exitosamente'
], 200);
} catch (\Exception $e) {
return response()->json([
'success' => false,
'message' => 'Error al cerrar sesión',
'error' => $e->getMessage()
], 500);
}
}
/**
* Get authenticated user
*/
public function me(Request $request): JsonResponse
{
try {
$user = $request->user();
return response()->json([
'success' => true,
'data' => [
'user' => [
'id' => $user->id,
'name' => $user->name,
'first_name' => $user->first_name,
'last_name' => $user->last_name,
'full_name' => $user->full_name,
'email' => $user->email,
'phone_country_code' => $user->phone_country_code,
'phone' => $user->phone,
'full_phone' => $user->full_phone,
'accept_whatsapp' => $user->accept_whatsapp,
'accept_emails' => $user->accept_emails,
'avatar' => $user->avatar,
'country' => $user->country,
'timezone' => $user->timezone,
'locale' => $user->locale,
]
]
], 200);
} catch (\Exception $e) {
return response()->json([
'success' => false,
'message' => 'Error al obtener datos del usuario',
'error' => $e->getMessage()
], 500);
}
}
/**
* Update user profile (all profile fields including password)
*/
public function updateProfile(Request $request): JsonResponse
{
try {
$user = $request->user();
$rules = [
'first_name' => 'sometimes|required|string|max:255',
'last_name' => 'sometimes|required|string|max:255',
'email' => 'sometimes|required|string|email|max:255|unique:users,email,' . $user->id,
'phone_country_code' => 'nullable|string|max:5',
'phone' => 'nullable|string|max:20',
'accept_whatsapp' => 'nullable|boolean',
'accept_emails' => 'nullable|boolean',
'country' => 'nullable|string|size:2',
'timezone' => 'nullable|string|max:50',
'locale' => 'nullable|string|max:5',
'current_password' => 'required_with:new_password',
'new_password' => 'nullable|string|min:8|confirmed',
];
$messages = [
'first_name.required' => 'O nome é obrigatório',
'first_name.max' => 'O nome deve ter no máximo 255 caracteres',
'last_name.required' => 'O sobrenome é obrigatório',
'last_name.max' => 'O sobrenome deve ter no máximo 255 caracteres',
'email.required' => 'O email é obrigatório',
'email.email' => 'O email deve ser válido',
'email.unique' => 'Este email já está em uso',
'current_password.required_with' => 'A senha atual é obrigatória para alterar a senha',
'new_password.min' => 'A nova senha deve ter pelo menos 8 caracteres',
'new_password.confirmed' => 'As senhas não coincidem',
];
$validator = Validator::make($request->all(), $rules, $messages);
if ($validator->fails()) {
return response()->json([
'success' => false,
'message' => 'Erro de validação',
'errors' => $validator->errors()
], 422);
}
// Verificar senha atual se estiver alterando senha
if ($request->filled('new_password')) {
if (!Hash::check($request->current_password, $user->password)) {
return response()->json([
'success' => false,
'message' => 'Senha atual incorreta',
'errors' => ['current_password' => ['A senha atual está incorreta']]
], 422);
}
$user->password = Hash::make($request->new_password);
}
// Atualizar campos do perfil
$profileFields = [
'first_name', 'last_name', 'email',
'phone_country_code', 'phone',
'accept_whatsapp', 'accept_emails',
'country', 'timezone', 'locale'
];
foreach ($profileFields as $field) {
if ($request->has($field)) {
$user->$field = $request->$field;
}
}
// Atualizar name baseado em first_name e last_name
if ($request->has('first_name') || $request->has('last_name')) {
$user->name = trim(($user->first_name ?? '') . ' ' . ($user->last_name ?? ''));
}
$user->save();
return response()->json([
'success' => true,
'message' => 'Perfil atualizado com sucesso',
'data' => [
'user' => [
'id' => $user->id,
'name' => $user->name,
'first_name' => $user->first_name,
'last_name' => $user->last_name,
'full_name' => $user->full_name,
'email' => $user->email,
'phone_country_code' => $user->phone_country_code,
'phone' => $user->phone,
'full_phone' => $user->full_phone,
'accept_whatsapp' => $user->accept_whatsapp,
'accept_emails' => $user->accept_emails,
'avatar' => $user->avatar,
'country' => $user->country,
'timezone' => $user->timezone,
'locale' => $user->locale,
]
]
], 200);
} catch (\Exception $e) {
return response()->json([
'success' => false,
'message' => 'Erro ao atualizar perfil',
'error' => $e->getMessage()
], 500);
}
}
}
Reference in New Issue View Git Blame Copy Permalink