feat: improve user authentication classes and response handling

DaniloWA · DaniloWA · commit 287bad0b5356 · 2024-09-23T02:27:19.000-03:00
diff --git a/Traits/HttpResponseException.php b/Traits/HttpResponseException.php
@@ -0,0 +1,36 @@
+<?php
+
+namespace Danilowa\LaravelApiAuth\Traits;
+
+use Danilowa\LaravelResponseBuilder\JsonResponse;
+use Illuminate\Http\Exceptions\HttpResponseException as IlluminateHttpResponseException;
+use Illuminate\Contracts\Validation\Validator;
+
+/**
+ * --------------------------------------------------------------------------
+ * HTTP Response Exception Trait
+ * --------------------------------------------------------------------------
+ *
+ * This trait provides a method to handle validation exceptions by throwing
+ * an HttpResponseException with a structured JSON response containing the
+ * validation errors.
+ */
+trait HttpResponseException
+{
+    /**
+     * Handle a failed validation attempt and throw an HttpResponseException.
+     *
+     * This method constructs a JSON error response using the validation errors
+     * and throws an IlluminateHttpResponseException with the specified status code.
+     *
+     * @param Validator $validator The validator instance containing the validation errors.
+     * @param int $statusCode The HTTP status code for the response (default is 422).
+     * @throws IlluminateHttpResponseException
+     */
+    protected function HttpResponseException(Validator $validator, int $statusCode = 422): void
+    {
+        throw new IlluminateHttpResponseException(
+            JsonResponse::error($statusCode, $validator->errors()->all())
+        );
+    }
+}
diff --git a/composer.json b/composer.json
@@ -1,6 +1,6 @@
 {
   "name": "danilowa/laravel-api-auth",
-  "version": "1.0.0",
+  "version": "1.0.1",
   "description": "A simple and configurable Laravel package for easy API authentication with standardized responses.",
   "type": "library",
   "license": "MIT",
@@ -22,8 +22,8 @@
   "authors": [
     {
       "name": "Danilo Oliveira",
-      "email": "seu-email@example.com",
-      "homepage": "https://seu-site.com",
+      "email": "daniloworkdev@gmail.com",
+      "homepage": "http://www.daniloo.dev",
       "role": "Developer"
     }
   ],
@@ -41,7 +41,8 @@
       "Danilowa\\LaravelApiAuth\\Routes\\": "src/Routes/",
       "Danilowa\\LaravelApiAuth\\DTOs\\": "src/DTOs/",
       "Danilowa\\LaravelApiAuth\\Providers\\": "src/Providers/",
-      "Danilowa\\LaravelApiAuth\\Services\\": "src/Services/"
+      "Danilowa\\LaravelApiAuth\\Services\\": "src/Services/",
+      "Danilowa\\LaravelApiAuth\\Traits\\": "src/Traits/"
     }
   },
   "autoload-dev": {
@@ -61,4 +62,4 @@
     "optimize-autoloader": true,
     "preferred-install": "dist"
   }
-}
+}
diff --git a/config/apiauth.php b/config/apiauth.php
@@ -22,7 +22,7 @@
      * The fully qualified class name of the user model that will be used
      * for authentication. Update this value if you have a custom user model.
      */
-    'user_model' => 'App\Models\User::class',
+    'user_model' => \App\Models\User::class,
 
     /**
      * --------------------------------------------------------------------------
@@ -57,10 +57,13 @@
      */
     'messages' => [
         'user_created' => 'User created successfully!',
+        'user_not_logged_in' => 'User not logged in.',
         'user_logged_in' => 'User logged in!',
         'credentials_incorrect' => 'The provided credentials are incorrect.',
         'tokens_revoked' => 'Tokens revoked successfully!',
+        'token_revoked' => 'Token revoked successfully!',
         'default_error' => 'An error occurred.',
+        'no_active_token' => 'No active token found.',
     ],
 
     /**
@@ -79,6 +82,13 @@
                 // You can add or remove custom rules as needed here
             ],
         ],
+        'logout' => [
+            'rules' => [
+                'email' => 'required|email',
+                'password' => 'required|string',
+                // You can add or remove custom rules as needed here
+            ],
+        ],
         'registration' => [
             'rules' => [
                 'name' => 'required|string|max:255',
diff --git a/src/Controllers/AuthenticationController.php b/src/Controllers/AuthenticationController.php
@@ -2,14 +2,15 @@
 
 namespace Danilowa\LaravelApiAuth\Controllers;
 
-use Illuminate\Http\Request;
 use Illuminate\Http\JsonResponse;
 use Illuminate\Routing\Controller;
 use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
 use Danilowa\LaravelApiAuth\DTOs\UserLoginData;
+use Danilowa\LaravelApiAuth\DTOs\UserLogoutData;
 use Danilowa\LaravelApiAuth\DTOs\UserRegistrationData;
 use Danilowa\LaravelApiAuth\Services\AccessTokenService;
+use Danilowa\LaravelResponseBuilder\JsonResponse as JsonResponseBuilder;
 
 class AuthenticationController extends Controller
 {
@@ -29,20 +30,23 @@ public function __construct(AccessTokenService $accessTokenService)
     /**
      * Register a new user and create an access token.
      *
-     * @param UserRegistrationData $request
-     * @return JsonResponse
+     * This method handles the registration of a new user.
+     * It validates the provided data, creates a new user in the database,
+     * and generates an access token for the user.
+     *
+     * @param UserRegistrationData $request The user registration data transfer object.
+     * @return JsonResponse A JSON response containing the newly created user and their access token.
      */
     public function register(UserRegistrationData $request): JsonResponse
     {
-        $user = $this->userModel::create([
-            'name' => $request->name,
-            'email' => $request->email,
-            'password' => Hash::make($request->password),
-        ]);
+        $data = $request->only(array_keys(config('apiauth.validation.registration.rules')));
+        $data['password'] = Hash::make($request->password);
+
+        $user = $this->userModel::create($data);
 
         $token = $this->accessTokenService->createToken($user, $request->token_name ?? $this->defaultTokenName);
 
-        return JsonResponse::success([
+        return JsonResponseBuilder::success([
             'user' => $user,
             'token' => $token->plainTextToken,
         ], $this->getMessage('user_created'), 201);
@@ -51,19 +55,22 @@ public function register(UserRegistrationData $request): JsonResponse
     /**
      * Log a user in and create an access token.
      *
-     * @param UserLoginData $request
-     * @return JsonResponse
+     * This method attempts to authenticate a user using the provided credentials.
+     * If successful, it generates an access token for the authenticated user.
+     *
+     * @param UserLoginData $request The user login data transfer object.
+     * @return JsonResponse A JSON response containing the access token and the authenticated user.
      */
     public function login(UserLoginData $request): JsonResponse
     {
-        if (!Auth::attempt($request->only('email', 'password'))) {
-            return JsonResponse::error(401, $this->getMessage('credentials_incorrect'));
+        if (!Auth::attempt($request->only(array_keys(config('apiauth.validation.login.rules'))))) {
+            return JsonResponseBuilder::error(401, $this->getMessage('credentials_incorrect'));
         }
 
         $user = Auth::user();
         $token = $this->accessTokenService->createToken($user, $request->token_name ?? $this->defaultTokenName);
 
-        return JsonResponse::success([
+        return JsonResponseBuilder::success([
             'token' => $token->plainTextToken,
             'user' => $user,
         ], $this->getMessage('user_logged_in'));
@@ -72,42 +79,55 @@ public function login(UserLoginData $request): JsonResponse
     /**
      * Log the user out, revoking their access tokens.
      *
-     * @param Request $request
-     * @return JsonResponse
+     * This method allows a user to log out by revoking their access tokens.
+     * It checks whether the user is authenticated and whether they have any active tokens.
+     *
+     * @param UserLogoutData $request The user logout data transfer object.
+     * @return JsonResponse A JSON response indicating the outcome of the logout process.
      */
-    public function logout(Request $request): JsonResponse
+    public function logout(UserLogoutData $request): JsonResponse
     {
+        if (!Auth::attempt($request->only('email', 'password'))) {
+            return JsonResponseBuilder::error(401, $this->getMessage('credentials_incorrect'));
+        }
+
+        $user = $this->userModel::find($request->user()->id);
         $revokeAll = config('apiauth.revoke_all_tokens');
 
-        if ($revokeAll) {
-            $request->user()->tokens()->delete();
-            return JsonResponse::success([], $this->getMessage('tokens_revoked'));
+        if ($user->tokens()->count() === 0) {
+            return JsonResponseBuilder::error(404, $this->getMessage('no_active_token'));
         }
 
-        $token = $request->user()->currentAccessToken();
-        if (!$token) {
-            return JsonResponse::error(404, $this->getMessage('no_active_token'));
+        if ($revokeAll) {
+            $user->tokens()->delete();
+            return JsonResponseBuilder::success([], $this->getMessage('tokens_revoked'));
         }
 
+        $token = $user->tokens()->first();
         $this->accessTokenService->revokeToken($token);
-        return JsonResponse::success([], $this->getMessage('tokens_revoked'));
+        return JsonResponseBuilder::success([], $this->getMessage('token_revoked'));
     }
 
     /**
      * Get the currently authenticated user.
      *
-     * @return JsonResponse
+     * This method retrieves the currently authenticated user's information.
+     *
+     * @return JsonResponse A JSON response containing the authenticated user's data.
      */
     public function currentUser(): JsonResponse
     {
-        return JsonResponse::success(Auth::user());
+        return JsonResponseBuilder::success(Auth::user());
     }
 
     /**
      * Retrieve a message from the configuration.
      *
-     * @param string $key
-     * @return string
+     * This private method fetches a message from the configuration based on the provided key.
+     * If the key does not exist, it returns a default message.
+     *
+     * @param string $key The key for the message in the configuration.
+     * @return string The corresponding message or a default message if not found.
      */
     private function getMessage(string $key): string
     {
diff --git a/src/DTOs/UserLoginData.php b/src/DTOs/UserLoginData.php
@@ -2,28 +2,47 @@
 
 namespace Danilowa\LaravelApiAuth\DTOs;
 
+use Illuminate\Contracts\Validation\Validator;
 use Illuminate\Foundation\Http\FormRequest;
+use Danilowa\LaravelApiAuth\Traits\HttpResponseException;
 
 /**
  * --------------------------------------------------------------------------
- * User Login Data
+ * User Login Data Transfer Object
  * --------------------------------------------------------------------------
  *
  * This class handles the validation rules for user login requests.
- * It extends the FormRequest class to utilize Laravel's validation features.
+ * It extends the FormRequest class to utilize Laravel's validation features
+ * and provides a structured way to validate user login data.
  */
 class UserLoginData extends FormRequest
 {
+    use HttpResponseException;
+
     /**
      * Get the validation rules that apply to the request.
      *
+     * This method retrieves the validation rules defined in the configuration
+     * for user login, ensuring that the data meets the specified criteria.
+     *
      * @return array The validation rules for user login.
      */
-    public function rules()
+    public function rules(): array
     {
-        // Retrieve the validation rules from the configuration
-        $rules = config('apiauth.validation.login.rules');
+        return config('apiauth.validation.login.rules');
+    }
 
-        return $rules;
+    /**
+     * Handle a failed validation attempt.
+     *
+     * This method is triggered when validation fails, providing a custom
+     * response that includes the validation errors.
+     *
+     * @param Validator $validator The validator instance containing the errors.
+     * @return void
+     */
+    protected function failedValidation(Validator $validator): void
+    {
+        $this->HttpResponseException($validator, 422);
     }
 }
diff --git a/src/DTOs/UserLogoutData.php b/src/DTOs/UserLogoutData.php
@@ -0,0 +1,42 @@
+<?php
+
+namespace Danilowa\LaravelApiAuth\DTOs;
+
+use Illuminate\Contracts\Validation\Validator;
+use Illuminate\Foundation\Http\FormRequest;
+use Danilowa\LaravelApiAuth\Traits\HttpResponseException;
+
+/**
+ * --------------------------------------------------------------------------
+ * User Logout Data
+ * --------------------------------------------------------------------------
+ *
+ * This class handles the validation rules for user logout requests.
+ * It extends the FormRequest class to utilize Laravel's validation features.
+ */
+class UserLogoutData extends FormRequest
+{
+    use HttpResponseException;
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array The validation rules for user logout.
+     */
+    public function rules(): array
+    {
+        // Retrieve the validation rules from the configuration
+        return config('apiauth.validation.logout.rules');
+    }
+
+    /**
+     * Handle a failed validation attempt.
+     *
+     * @param Validator $validator The validator instance containing the validation errors.
+     * @throws Illuminate\Http\Exceptions\HttpResponseException
+     */
+    protected function failedValidation(Validator $validator): void
+    {
+        $this->HttpResponseException($validator, 422);
+    }
+}
diff --git a/src/DTOs/UserRegistrationData.php b/src/DTOs/UserRegistrationData.php
@@ -2,7 +2,9 @@
 
 namespace Danilowa\LaravelApiAuth\DTOs;
 
+use Illuminate\Contracts\Validation\Validator;
 use Illuminate\Foundation\Http\FormRequest;
+use Danilowa\LaravelApiAuth\Traits\HttpResponseException;
 
 /**
  * --------------------------------------------------------------------------
@@ -14,16 +16,27 @@
  */
 class UserRegistrationData extends FormRequest
 {
+    use HttpResponseException;
+
     /**
      * Get the validation rules that apply to the request.
      *
      * @return array The validation rules for user registration.
      */
-    public function rules()
+    public function rules(): array
     {
         // Retrieve the validation rules from the configuration
-        $rules = config('apiauth.validation.registration.rules');
+        return config('apiauth.validation.registration.rules');
+    }
 
-        return $rules;
+    /**
+     * Handle a failed validation attempt.
+     *
+     * @param Validator $validator The validator instance containing the validation errors.
+     * @throws Illuminate\Http\Exceptions\HttpResponseException
+     */
+    protected function failedValidation(Validator $validator): void
+    {
+        $this->HttpResponseException($validator, 422);
     }
 }
diff --git a/src/Providers/ApiAuthServiceProvider.php b/src/Providers/ApiAuthServiceProvider.php
