Skip to content

Commit

Permalink
🔥 Remove signup endpoint of APIv1
Browse files Browse the repository at this point in the history 
belongs to #1772
  • Loading branch information
@MrKrisKrisu
MrKrisKrisu committed Aug 9, 2023
1 parent d319963 commit b9b11f9
Show file tree
Hide file tree
Showing 6 changed files with 30 additions and 388 deletions.
17 changes: 14 additions & 3 deletions API_CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,18 @@ In this we try to keep track of changes to the API.
Primarily this should document changes that are not backwards compatible or belongs to already documented endpoints.
This is to help you keep track of the changes and to help you update your code accordingly.

## 2023-08-09

Drop endpoint `POST /api/v1/auth/signup` ([#1772](https://github.com/Traewelling/traewelling/issues/1772))

> **warning**
> Endpoint `POST /api/v1/auth/login` will be removed in the future as well.
> Please migrate to OAuth2 as soon as possible.
## 2023-08-06.2

Renamed ~~`overriddenDeparture`~~ to `manualDeparture` and ~~`overriddenArrival`~~ to `manualArrival` in all endpoints which
Renamed ~~`overriddenDeparture`~~ to `manualDeparture` and ~~`overriddenArrival`~~ to `manualArrival` in all endpoints
which
return a `Status` object ([#1809](https://github.com/Traewelling/traewelling/pull/1809))

Affected endpoints:
Expand All @@ -25,7 +34,8 @@ Affected endpoints:

> [!IMPORTANT]
> **Backwards compatibility will be kept until 2023-10**
> The old attributes ~~`real_departure`~~ and ~~`real_arrival`~~ will still work until 2023-10, then they will be removed.
> The old attributes ~~`real_departure`~~ and ~~`real_arrival`~~ will still work until 2023-10, then they will be
> removed.
> Affected endpoints will return both named attributes until then.
## 2023-08-06.1
Expand All @@ -35,4 +45,5 @@ endpoint `PUT /api/v1/status/{id}` ([#1809](https://github.com/Traewelling/traew

> [!IMPORTANT]
> **Backwards compatibility will be kept until 2023-10**
> The old attributes ~~`real_departure`~~ and ~~`real_arrival`~~ will still work until 2023-10, then they will be removed.
> The old attributes ~~`real_departure`~~ and ~~`real_arrival`~~ will still work until 2023-10, then they will be
> removed.
153 changes: 8 additions & 145 deletions app/Http/Controllers/API/v1/AuthController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,167 +4,30 @@

use App\Http\Controllers\Backend\Auth\LoginController;
use App\Http\Resources\UserSettingsResource;
use App\Models\User;
use App\Providers\AuthServiceProvider;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use App\Providers\AuthServiceProvider;
use Illuminate\Validation\ValidationException;

class AuthController extends Controller
{
/**
* @OA\Post(
* path="/auth/signup",
* operationId="registerUser",
* tags={"Auth"},
* summary="register new user",
* @OA\RequestBody(
* required=true,
* @OA\JsonContent(
* @OA\Property(
* property="username",
* type="string",
* minLength=3,
* maxLength=25,
* pattern="^[a-zA-Z0-9_]*$",
* description="Username",
* example="Gertrud123"
* ),
* @OA\Property (
* property="name",
* type="string",
* maxLength=50,
* ),
* @OA\Property (
* property="email",
* example="[email protected]"
* ),
* @OA\Property(
* property="password",
* description="password",
* type="string",
* minLength=8,
* maxLength=255,
* example="thisisnotasecurepassword123"
* ),
* @OA\Property (
* property="password_confirmation",
* description="confirmation of the password-field.",
* type="string",
* minLength=8,
* maxLength=255,
* example="thisisnotasecurepassword123"
* )
* )
* ),
* @OA\Response(
* response=200,
* description="successful operation",
* @OA\JsonContent(
* @OA\Property(property="data", type="object",
* ref="#/components/schemas/BearerTokenResponse"
* )
* )
* ),
* @OA\Response(response=401, description="Other (not specified) error occured"),
* @OA\Response(response=422, description="Username or email is already taken, or other input error")
* )
*
*
* @param Request $request
*
* @return JsonResponse
* @throws ValidationException
* @api v1
*/
public function register(Request $request): JsonResponse {
$validator = Validator::make($request->all(), [
'username' => ['required', 'unique:users', 'min:3', 'max:25', 'regex:/^[a-zA-Z0-9_]*$/'],
'name' => ['required', 'max:50'],
'email' => ['required', 'email', 'unique:users', 'max:255'],
'password' => ['required', 'confirmed', 'max:255'],
]);

if ($validator->fails()) {
return response()->json([
'status' => 'error',
'errors' => $validator->errors()
], 422);
}

$validated = $validator->validated();
$validated['password'] = Hash::make($validated['password']);
$validated['last_login'] = now();
$user = User::create($validated);

if ($user->wasRecentlyCreated) {
$userToken = $user->createToken('token', array_keys(AuthServiceProvider::$scopes));
return $this->sendResponse(
data: [
'token' => $userToken->accessToken,
'expires_at' => $userToken->token->expires_at->toIso8601String()
],
code: 201
);
}
return $this->sendError("Sorry! Registration is not successful.", 401);
}

/**
* @OA\Post(
* path="/auth/login",
* operationId="loginUser",
* tags={"Auth"},
* summary="Login with username & password",
* @OA\RequestBody(
* required=true,
* @OA\JsonContent(
* @OA\Property(
* property="login",
* type="string",
* minLength=8,
* maxLength=255,
* description="Username or email",
* example="[email protected]"
* ),
* @OA\Property(
* property="password",
* description="password",
* type="string",
* minLength=8,
* maxLength=255,
* example="thisisnotasecurepassword123"
* )
* )
* ),
* @OA\Response(
* response=200,
* description="successful operation",
* @OA\JsonContent(
* @OA\Property(property="data", type="object",
* ref="#/components/schemas/BearerTokenResponse"
* )
* )
* ),
* @OA\Response(response=400, description="Bad request"),
* @OA\Response(response=401, description="Non-matching credentials")
* )
*
*
* @param Request $request
*
* @return JsonResponse
* @api v1
* @deprecated Remove before 2023-10! Maybe earlier - if possible. Deprecation is already announced since
* November'22.
*/
public function login(Request $request): JsonResponse {
$validated = $request->validate(['login' => ['required', 'max:255'], 'password' => ['required', 'min:8', 'max:255']]);

if (LoginController::login($validated['login'], $validated['password'])) {
$token = $request->user()->createToken('token', array_keys(AuthServiceProvider::$scopes));
return $this->sendResponse(['token' => $token->accessToken,
'expires_at' => $token->token->expires_at->toIso8601String()])
return $this->sendResponse([
'WARNING' => 'This endpoint (login) is deprecated and will be removed in the following weeks. Please migrate to use OAuth2. More information: https://github.com/Traewelling/traewelling/issues/1772',
'token' => $token->accessToken,
'expires_at' => $token->token->expires_at->toIso8601String(),
])
->header('Authorization', $token->accessToken);
}
return $this->sendError('Non-matching credentials', 401);
Expand Down
3 changes: 1 addition & 2 deletions routes/api.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,8 +33,7 @@
Route::group(['prefix' => 'v1', 'middleware' => ['return-json']], static function() {
Route::group(['prefix' => 'auth'], function() {
Route::post('login', [v1Auth::class, 'login']);
Route::post('signup', [v1Auth::class, 'register']);
Route::group(['middleware' => 'auth:api'], function() {
Route::group(['middleware' => 'auth:api'], static function() {
Route::post('refresh', [v1Auth::class, 'refresh']);
Route::post('logout', [v1Auth::class, 'logout']);
Route::get('user', [v1Auth::class, 'user']);
Expand Down
140 changes: 3 additions & 137 deletions storage/api-docs/api-docs.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,137 +23,6 @@
}
],
"paths": {
"/auth/signup": {
"post": {
"tags": [
"Auth"
],
"summary": "register new user",
"operationId": "registerUser",
"requestBody": {
"required": true,
"content": {
"application/json": {
"schema": {
"properties": {
"username": {
"description": "Username",
"type": "string",
"maxLength": 25,
"minLength": 3,
"pattern": "^[a-zA-Z0-9_]*$",
"example": "Gertrud123"
},
"name": {
"type": "string",
"maxLength": 50
},
"email": {
"example": "[email protected]"
},
"password": {
"description": "password",
"type": "string",
"maxLength": 255,
"minLength": 8,
"example": "thisisnotasecurepassword123"
},
"password_confirmation": {
"description": "confirmation of the password-field.",
"type": "string",
"maxLength": 255,
"minLength": 8,
"example": "thisisnotasecurepassword123"
}
},
"type": "object"
}
}
}
},
"responses": {
"200": {
"description": "successful operation",
"content": {
"application/json": {
"schema": {
"properties": {
"data": {
"$ref": "#/components/schemas/BearerTokenResponse"
}
},
"type": "object"
}
}
}
},
"401": {
"description": "Other (not specified) error occured"
},
"422": {
"description": "Username or email is already taken, or other input error"
}
}
}
},
"/auth/login": {
"post": {
"tags": [
"Auth"
],
"summary": "Login with username & password",
"operationId": "loginUser",
"requestBody": {
"required": true,
"content": {
"application/json": {
"schema": {
"properties": {
"login": {
"description": "Username or email",
"type": "string",
"maxLength": 255,
"minLength": 8,
"example": "[email protected]"
},
"password": {
"description": "password",
"type": "string",
"maxLength": 255,
"minLength": 8,
"example": "thisisnotasecurepassword123"
}
},
"type": "object"
}
}
}
},
"responses": {
"200": {
"description": "successful operation",
"content": {
"application/json": {
"schema": {
"properties": {
"data": {
"$ref": "#/components/schemas/BearerTokenResponse"
}
},
"type": "object"
}
}
}
},
"400": {
"description": "Bad request"
},
"401": {
"description": "Non-matching credentials"
}
}
}
},
"/auth/logout": {
"post": {
"tags": [
Expand Down Expand Up @@ -2007,9 +1876,6 @@
"401": {
"description": "Unauthorized"
},
"404": {
"description": "No statuses found"
},
"403": {
"description": "User not authorized to access this"
}
Expand Down Expand Up @@ -5757,9 +5623,9 @@
"scheme": "https",
"flows": {
"authorizationCode": {
"authorizationUrl": "http://localhost/oauth/authorize",
"tokenUrl": "http://localhost/oauth/token",
"refreshUrl": "http://localhost/auth/refresh",
"authorizationUrl": "http://localhost:8000/oauth/authorize",
"tokenUrl": "http://localhost:8000/oauth/token",
"refreshUrl": "http://localhost:8000/auth/refresh",
"scopes": {
"read-statuses": "see all statuses",
"read-notifications": "see your notifications",
Expand Down
Loading

0 comments on commit b9b11f9

Please sign in to comment.