Sprint 4

app/Http/Controllers/Api/PokemonController.php

@@ -0,0 +1,95 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\Request;
+use App\Models\pokemon;
+use Illuminate\Support\Facades\Validator;
+
+
+class PokemonController extends Controller
+{
+    //index: obtiene todos los pokemones
+    public function index()
+    {
+        $pokemons = pokemon::all();
+        return response()->json(['pokemons' => $pokemons], 200);
+    }
+    //show: obtiene un pokemon por id
+    public function show($id)
+    {
+        $pokemon = pokemon::find($id);
+        if ($pokemon) {
+            return response()->json(['pokemon' => $pokemon], 200);
+        } else {
+            return response()->json(['message' => 'Pokemon not found'], 404);
+        }
+    }
+    //store: crea un nuevo pokemon
+    public function store(Request $request)
+    {
+        $validator = Validator::make($request->all(), [
+            'name' => 'required|string|max:255',
+            'image' => 'required|string|url',
+        ]);
+
+        if ($validator->fails()) {
+            return response()->json(['error' => $validator->errors()], 422);
+        }
+
+        $pokemon = pokemon::create($request->all());
+        return response()->json(['pokemon' => $pokemon], 201);
+    }
+    //update: actualiza un pokemon por id
+    public function update(Request $request, $id)
+    {
+        $pokemon = pokemon::find($id);
+        if ($pokemon) {
+            $validator = Validator::make($request->all(), [
+                'name' => 'string|max:255',
+                'image' => 'url',
+            ]);
+
+            if ($validator->fails()) {
+                return response()->json(['errors' => $validator->errors()], 422);
+            }
+
+            $pokemon->update($request->all());
+            return response()->json(['pokemon' => $pokemon], 200);
+        } else {
+            return response()->json(['message' => 'Pokemon not found'], 404);
+        }
+    }
+    //updatePartial: actualiza parcialmente un pokemon por id
+    public function updatePartial(Request $request, $id)
+    {
+        $pokemon = pokemon::find($id);
+        if ($pokemon) {
+            $validator = Validator::make($request->all(), [
+                'name' => 'string|max:255',
+                'image' => 'url',
+            ]);
+
+            if ($validator->fails()) {
+                return response()->json(['errors' => $validator->errors()], 422);
+            }
+
+            $pokemon->update($request->only(array_keys($request->all())));
+            return response()->json(['pokemon' => $pokemon], 200);
+        } else {
+            return response()->json(['message' => 'Pokemon not found'], 404);
+        }
+    }
+    //destroy: elimina un pokemon por id
+    public function destroy($id)
+    {
+        $pokemon = pokemon::find($id);
+        if ($pokemon) {
+            $pokemon->delete();
+            return response()->json(['message' => 'Pokemon deleted successfully'], 200);
+        } else {
+            return response()->json(['message' => 'Pokemon not found'], 404);
+        }
+    }
+}

app/Http/Controllers/AuthController.php

@@ -0,0 +1,107 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Validator;
+use Illuminate\Support\Facades\Hash;
+use Tymon\JWTAuth\Facades\JWTAuth;
+use Tymon\JWTAuth\Exceptions\JWTException;
+use Illuminate\Support\Facades\Auth;
+
+class AuthController extends Controller
+{
+    public function register(Request $request)
+    {
+        //validate the request with library
+        $validator = Validator::make($request->all(), [
+            'name' => 'required|string|max:255',
+            'email' => 'required|string|email|max:255|unique:users',
+            'password' => 'required|string|min:8|confirmed',
+            'role' => 'string|in:user,admin',
+        ]);
+        if ($validator->fails()) {
+            return response()->json($validator->errors(), 422);
+        }
+        //create user
+        $user = \App\Models\User::create([
+            'name' => $request->name,
+            'email' => $request->email,
+            'password' => bcrypt($request->password),
+            'role' => $request->role ? $request->role : 'user',
+        ]);
+        //return user
+        return response()->json([
+            'user' => $user,
+            'message' => 'User created successfully',
+        ], 201);
+    }
+
+    public function login(Request $request)
+    {
+        //validate the request with library
+        $validator = Validator::make($request->all(), [
+            'email' => 'required|string|email',
+            'password' => 'required|string|min:8',
+        ]);
+        if ($validator->fails()) {
+            return response()->json($validator->errors(), 422);
+        }
+        //check if user exists
+        $user = \App\Models\User::where('email', $request->email)->first();
+        if (!$user || !Hash::check($request->password, $user->password)) {
+            return response()->json([
+                'message' => 'Invalid credentials',
+            ], 401);
+        }
+        //create token
+        $token = JWTAuth::attempt($request->only('email', 'password'));
+        return response()->json([
+            'token' => $token,
+            'user' => $user,
+        ]);
+        //validate the credentials with library
+        try {
+            if(!$token=JWTAuth::attempt($credentials)){
+                return response()->json(['error' => 'invalid_credentials'], 401);
+
+            }
+            return response()->json([
+                'message' => 'User logged in successfully',
+                'token' => $token,
+            ], 200);
+        } catch (JWTException $e) {
+            return response()->json(['error' => 'could_not_create_token'], 500);
+        }
+
+
+    }
+
+    //get user
+    public function getUser()
+    {
+        $user= Auth::user();
+        return response()->json([
+            'message' => 'User retrieved successfully',
+            'data' => $user,
+        ],200);
+    }
+
+    //logout
+    public function logout()
+    {
+        try {
+            JWTAuth::invalidate(JWTAuth::getToken());
+            return response()->json([
+                'message' => 'User logged out successfully',
+            ], 200);
+        } catch (JWTException $e) {
+            return response()->json([
+                'message' => 'Failed to logout, please try again',
+            ], 500);
+        }
+    }
+
+
+
+}

app/Http/Middleware/IsAdmin.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class IsAdmin
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next): Response
+    {
+        $user= auth('api')->user();
+        if ($user && $user->role == 'admin') {
+            return $next($request);
+        } else {
+            return response()->json([
+                'message' => 'Unauthorized'
+            ], 403);
+        }
+    }
+}

app/Http/Middleware/IsUserAuth.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class IsUserAuth
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next): Response
+    {
+        if (auth('api')->user()){
+            return $next($request);
+        }else{
+            return response()->json([
+                'message' => 'Unauthorized'
+            ], 401);
+        }
+
+    }
+}

app/Models/User.php

@@ -6,8 +6,9 @@
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Foundation\Auth\User as Authenticatable;
 use Illuminate\Notifications\Notifiable;
+use Tymon\JWTAuth\Contracts\JWTSubject;
 
-class User extends Authenticatable
+class User extends Authenticatable implements JWTSubject
 {
     use HasFactory, Notifiable;
 
@@ -20,6 +21,7 @@ class User extends Authenticatable
         'name',
         'email',
         'password',
+        'role',
     ];
 
     /**
@@ -44,4 +46,19 @@ protected function casts(): array
             'password' => 'hashed',
         ];
     }
+    public function getJWTIdentifier()
+    {
+        return $this->getKey();
+    }
+
+    /**
+     * Return a key value array, containing any custom claims to be added to the JWT.
+     *
+     * @return array
+     */
+    public function getJWTCustomClaims()
+    {
+        return [];
+    }
 }
+

app/Models/pokemon.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Model;
+
+class pokemon extends Model
+{
+public $timestamps = false;
+
+    use HasFactory;
+    protected $table = 'pokemons';
+    protected $fillable = [
+        'name',
+        'image'
+    ];
+}

bootstrap/app.php

@@ -7,6 +7,7 @@
 return Application::configure(basePath: dirname(__DIR__))
     ->withRouting(
         web: __DIR__.'/../routes/web.php',
+        api: __DIR__.'/../routes/api.php',
         commands: __DIR__.'/../routes/console.php',
         health: '/up',
     )

composer.json

@@ -7,7 +7,9 @@
     "require": {
         "php": "^8.2",
         "laravel/framework": "^11.9",
-        "laravel/tinker": "^2.9"
+        "laravel/sanctum": "^4.0",
+        "laravel/tinker": "^2.9",
+        "tymon/jwt-auth": "^2.2"
     },
     "require-dev": {
         "fakerphp/faker": "^1.23",