setup middlewares, admin models and rights

Author: sudo-which-qp

app/Enums/StatusCode.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace App\Enums;
+
+enum StatusCode: int
+{
+
+    case Ok = 200;
+    case Continue = 201;
+    case BadRequest = 400;
+    case Unauthorized = 401;
+    case Forbidden = 403;
+    case NotFound = 404;
+    case MethodNotAllowed = 405;
+    case UnprocessableEntity = 422;
+    case InternalServerError = 500;
+}

app/Http/Controllers/ProfileController.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class Admin
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
+     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        if (!Auth::guard('admin')->check()) {
+            $notification = array(
+                'title' => 'Sorry!',
+                'message' => 'You need to login first',
+                'alert-type' => 'warning',
+            );
+
+            return redirect()->route('/')->with($notification);
+        }
+        return $next($request);
+    }
+}

app/Http/Middleware/Admin.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Auth\Middleware\Authenticate as Middleware;
+
+class Authenticate extends Middleware
+{
+    /**
+     * Get the path the user should be redirected to when they are not authenticated.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return string|null
+     */
+    protected function redirectTo($request)
+    {
+        if (! $request->expectsJson()) {
+            return route('login');
+        }
+    }
+}

app/Http/Middleware/Authenticate.php

@@ -0,0 +1,46 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Models\User;
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Symfony\Component\HttpFoundation\Response;
+
+class CheckUserHasVerify
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next): Response
+    {
+        $user = Auth::user();
+        $mUser = User::where('id', $user->id)->first();
+        if (is_null($user)) {
+            return response()->json([
+                'status' => 404,
+                'success' => false,
+                'message' => 'This account does not exist.',
+                'data' => null,
+            ], 404,);
+        }
+        if ($user->email_verified_at == null) {
+
+            $token = $mUser->createToken('token')->plainTextToken;
+            $unverifiedData = [
+                'token' => $token,
+            ];
+
+            return response()->json([
+                'status' => 401,
+                'success' => false,
+                'message' => 'This account is not yet verified.',
+                'data' => $unverifiedData,
+            ], 401,);
+        }
+        return $next($request);
+    }
+}

app/Http/Middleware/CheckUserHasVerify.php

@@ -0,0 +1,42 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Models\User;
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Symfony\Component\HttpFoundation\Response;
+
+class CheckUserIsSuspended
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next): Response
+    {
+        $user = Auth::user();
+        $mUser = User::where('id', $user->id)->first();
+        if (is_null($mUser)) {
+            return response()->json([
+                'status' => 404,
+                'success' => false,
+                'message' => 'This account does not exist.',
+                'data' => null,
+            ], 404,);
+        }
+
+        if ($mUser->is_suspended === 1) {
+            return response()->json([
+                'status' => 401,
+                'success' => false,
+                'message' => 'This account is suspended',
+                'data' => null,
+            ], 401,);
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/CheckUserIsSuspended.php

@@ -0,0 +1,112 @@
+<?php
+
+namespace Illuminate\Http\Middleware;
+
+use Closure;
+use Fruitcake\Cors\CorsService;
+use Illuminate\Contracts\Container\Container;
+use Illuminate\Http\Request;
+
+class HandleCors
+{
+    /**
+     * The container instance.
+     *
+     * @var \Illuminate\Contracts\Container\Container
+     */
+    protected $container;
+
+    /**
+     * The CORS service instance.
+     *
+     * @var \Fruitcake\Cors\CorsService
+     */
+    protected $cors;
+
+    /**
+     * Create a new middleware instance.
+     *
+     * @param  \Illuminate\Contracts\Container\Container  $container
+     * @param  \Fruitcake\Cors\CorsService  $cors
+     * @return void
+     */
+    public function __construct(Container $container, CorsService $cors)
+    {
+        $this->container = $container;
+        $this->cors = $cors;
+    }
+
+    /**
+     * Handle the incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return \Illuminate\Http\Response
+     */
+    public function handle($request, Closure $next)
+    {
+        if (! $this->hasMatchingPath($request)) {
+            return $next($request);
+        }
+
+        $this->cors->setOptions($this->container['config']->get('cors', []));
+
+        if ($this->cors->isPreflightRequest($request)) {
+            $response = $this->cors->handlePreflightRequest($request);
+
+            $this->cors->varyHeader($response, 'Access-Control-Request-Method');
+
+            return $response;
+        }
+
+        $response = $next($request);
+
+        if ($request->getMethod() === 'OPTIONS') {
+            $this->cors->varyHeader($response, 'Access-Control-Request-Method');
+        }
+
+        return $this->cors->addActualRequestHeaders($response, $request);
+    }
+
+    /**
+     * Get the path from the configuration to determine if the CORS service should run.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return bool
+     */
+    protected function hasMatchingPath(Request $request): bool
+    {
+        $paths = $this->getPathsByHost($request->getHost());
+
+        foreach ($paths as $path) {
+            if ($path !== '/') {
+                $path = trim($path, '/');
+            }
+
+            if ($request->fullUrlIs($path) || $request->is($path)) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    /**
+     * Get the CORS paths for the given host.
+     *
+     * @param  string  $host
+     * @return array
+     */
+    protected function getPathsByHost(string $host)
+    {
+        $paths = $this->container['config']->get('cors.paths', []);
+
+        if (isset($paths[$host])) {
+            return $paths[$host];
+        }
+
+        return array_filter($paths, function ($path) {
+            return is_string($path);
+        });
+    }
+}

app/Http/Middleware/HandleCors.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance as Middleware;
+
+class PreventRequestsDuringMaintenance extends Middleware
+{
+    /**
+     * The URIs that should be reachable while maintenance mode is enabled.
+     *
+     * @var array<int, string>
+     */
+    protected $except = [
+        //
+    ];
+}