update auth

mrprotocoll · mrprotocoll · commit 04ecc5ec06da · 2024-07-12T13:07:30.000+01:00
diff --git a/.env.ff b/.env.ff
diff --git a/app/Http/Controllers/V1/Controller.php b/app/Http/Controllers/V1/Controller.php
@@ -6,7 +6,7 @@
 
 /**
  * @OA\Info(
- *     title="Mrprototcol",
+ *     title="Documentation",
  *     version="1.0"
  * ),
  * @OA\SecurityScheme(
@@ -19,11 +19,11 @@
  * ),
  * @OA\Server(
  *     description="Base URL",
- *     url="https://mrprotocol.com/api/v1"
+ *     url="https://domain.dev/v1"
  * ),
  * @OA\Server(
  *     description="Local Base URL",
- *     url="http://127.0.0.1:8000/api/v1"
+ *     url="http://127.0.0.1:8000/v1"
  * ),
  * @OA\Response(
  *     response=500,
diff --git a/config/l5-swagger.php b/config/l5-swagger.php
@@ -14,7 +14,7 @@
                 /*
                  * Route for accessing api documentation interface
                 */
-                'api' => 'api/documentation',
+                'api' => 'v1/documentation',
             ],
             'paths' => [
                 /*
diff --git a/config/sanctum.php b/config/sanctum.php
@@ -47,7 +47,7 @@
     |
     */
 
-    'expiration' => null,
+    'expiration' => 60,
 
     /*
     |--------------------------------------------------------------------------
diff --git a/database/migrations/2024_07_01_212031_create_personal_access_tokens_table.php b/database/migrations/2024_07_01_212031_create_personal_access_tokens_table.php
@@ -13,13 +13,14 @@ public function up(): void
     {
         Schema::create('personal_access_tokens', function (Blueprint $table) {
             $table->id();
-            $table->morphs('tokenable');
+            $table->uuidMorphs('tokenable');
             $table->string('name');
             $table->string('token', 64)->unique();
             $table->text('abilities')->nullable();
             $table->timestamp('last_used_at')->nullable();
             $table->timestamp('expires_at')->nullable();
-            $table->timestamps();
+            $table->timestamp('created_at')->useCurrent();
+            $table->timestamp('updated_at')->useCurrent();
         });
     }
 
diff --git a/routes/v1/auth.php b/routes/v1/auth.php
@@ -34,10 +34,11 @@
         ->name('verification.send');
 
     Route::post('/logout', [AuthenticatedSessionController::class, 'destroy'])
-        ->middleware('auth')
+        ->middleware('auth:sanctum')
         ->name('logout');
 
     Route::get('/google/url', [GoogleAuthController::class, 'googleAuthUrl']);
     Route::post('/google/login', [GoogleAuthController::class, 'googleOauthLogin']);
 
+    Route::post('/refresh-token', [AuthenticatedSessionController::class, 'refreshToken']);
 });
diff --git a/src/modules/V1/Auth/Controllers/AuthenticatedSessionController.php b/src/modules/V1/Auth/Controllers/AuthenticatedSessionController.php
@@ -104,11 +104,49 @@ public function store(LoginRequest $request): \Illuminate\Http\JsonResponse
     public function destroy(Request $request): \Illuminate\Http\JsonResponse
     {
         if ( ! Auth::check()) {
-            return ResponseHelper::error('Unauthorized', 401);
+            return ResponseHelper::error('Unauthenticated', 401);
         }
 
         $request->user()->tokens()->delete();
 
         return ResponseHelper::success(message: 'logged out successfully', status: 204);
     }
+
+    /**
+     * @OA\Post(
+     *     path="/auth/refresh-token",
+     *     summary="Refresh the authentication token",
+     *     description="Revokes the existing token and generates a new token for the authenticated user.",
+     *     tags={"Authentication"},
+     *     @OA\Response(
+     *         response=200,
+     *         description="Token refreshed successfully",
+     *         @OA\JsonContent(
+     *             @OA\Property(property="status", type="boolean", example="success"),
+     *             @OA\Property(property="message", type="string", example="Token refreshed"),
+     *             @OA\Property(property="meta", type="object",
+     *                 @OA\Property(property="accessToken", type="string", example="1|abc123..."),
+     *                 @OA\Property(property="expires_in", type="integer", example=60)
+     *             )
+     *         )
+     *     ),
+     *     @OA\Response(response=401, ref="#/components/responses/401"),
+     * )
+     */
+    public function refreshToken(Request $request): \Illuminate\Http\JsonResponse
+    {
+        $user = auth()->user();
+        $user->tokens()->delete(); // Revoke all existing tokens
+
+        $device = Str::limit($request->userAgent(), 255);
+        $token = $user->createToken($device)->plainTextToken;
+
+        return ResponseHelper::success(
+            message: 'Token refreshed',
+            meta: [
+                'accessToken' => $token,
+                'expires_in' => config('sanctum.expiration'),
+            ],
+        );
+    }
 }
diff --git a/storage/api-docs/api-docs.json b/storage/api-docs/api-docs.json
@@ -1,16 +1,16 @@
 {
     "openapi": "3.0.0",
     "info": {
-        "title": "Mrprototcol",
+        "title": "Documentation",
         "version": "1.0"
     },
     "servers": [
         {
-            "url": "https://mrprotocol.com/api/v1",
+            "url": "https://domain.dev/v1",
             "description": "Base URL"
         },
         {
-            "url": "http://127.0.0.1:8000/api/v1",
+            "url": "http://127.0.0.1:8000/v1",
             "description": "Local Base URL"
         }
     ],
@@ -132,6 +132,54 @@
                 ]
             }
         },
+        "/auth/refresh-token": {
+            "post": {
+                "tags": [
+                    "Authentication"
+                ],
+                "summary": "Refresh the authentication token",
+                "description": "Revokes the existing token and generates a new token for the authenticated user.",
+                "operationId": "0620fc3f15b3351c5a388cd1d0ee913f",
+                "responses": {
+                    "200": {
+                        "description": "Token refreshed successfully",
+                        "content": {
+                            "application/json": {
+                                "schema": {
+                                    "properties": {
+                                        "status": {
+                                            "type": "boolean",
+                                            "example": "success"
+                                        },
+                                        "message": {
+                                            "type": "string",
+                                            "example": "Token refreshed"
+                                        },
+                                        "meta": {
+                                            "properties": {
+                                                "accessToken": {
+                                                    "type": "string",
+                                                    "example": "1|abc123..."
+                                                },
+                                                "expires_in": {
+                                                    "type": "integer",
+                                                    "example": 60
+                                                }
+                                            },
+                                            "type": "object"
+                                        }
+                                    },
+                                    "type": "object"
+                                }
+                            }
+                        }
+                    },
+                    "401": {
+                        "$ref": "#/components/responses/401"
+                    }
+                }
+            }
+        },
         "/auth/email/verification-link": {
             "post": {
                 "tags": [
diff --git a/tests/Feature/V1/Auth/AuthenticationTest.php b/tests/Feature/V1/Auth/AuthenticationTest.php
@@ -8,7 +8,6 @@
 
 beforeEach(function (): void {
     $this->seed(RoleSeeder::class);
-    User::factory()->create();
 });
 
 it('logs in successfully with valid credentials and verified email', function (): void {
@@ -38,7 +37,7 @@
     ]);
 });
 
-test('users cannot authenticate with invalid credentials', function (): void {
+it('users cannot authenticate with invalid credentials', function (): void {
     $user = User::factory()->create();
 
     $response = $this->post('/v1/auth/login', [
@@ -54,7 +53,7 @@
     ]);
 });
 
-test('users cannot authenticate with unverified email', function (): void {
+it('users cannot authenticate with unverified email', function (): void {
     $user = User::factory()->create([
         'email_verified_at' => null,
     ]);
@@ -71,3 +70,20 @@
         'message' => 'Email not verified. Kindly verify your email',
     ]);
 });
+
+it('logs out successfully when authenticated', function () {
+    $user = User::factory()->create();
+    $token = $user->createToken('TestDevice')->plainTextToken;
+
+    $response = $this->postJson('/v1/auth/logout', [], ['Authorization' => "Bearer $token"]);
+
+    $response->assertStatus(204);
+
+    $this->assertCount(0, $user->tokens);
+});
+
+it('returns error when not authenticated', function () {
+    $response = $this->postJson('/v1/auth/logout');
+
+    $response->assertStatus(401);
+});

Original file line number	Diff line number	Diff line change
`@@ -47,7 +47,7 @@`
`47`	`47`	`\|`
`48`	`48`	`*/`
`49`	`49`
`50`		`- 'expiration' => null,`
	`50`	`+ 'expiration' => 60,`
`51`	`51`
`52`	`52`	`/*`
`53`	`53`	`\|--------------------------------------------------------------------------`