source: app/Http/Controllers/SessionsController.php@ 5372778

main
Last change on this file since 5372778 was 5372778, checked in by bube-ristovska <ristovska725@…>, 4 months ago

Middleware for permissions based on officer, policeman or both

  • Property mode set to 100644
File size: 2.9 KB
RevLine 
[75151c6]1<?php
2
3namespace App\Http\Controllers;
4
[cf84baa]5use App\Models\Officer;
[75151c6]6use Illuminate\Http\Request;
[cf84baa]7use Illuminate\Support\Facades\Auth;
8use Illuminate\Support\Facades\DB;
9use Illuminate\Support\Facades\Session;
[8a258ab]10use Illuminate\Support\Facades\Hash;
[75151c6]11
12class SessionsController extends Controller
13{
[8a258ab]14 function verifyPassword($inputPassword, $storedHash, $salt)
15 {
16 $hashedInputPassword = crypt($inputPassword . $salt, $storedHash);
17
18 return $hashedInputPassword === $storedHash;
19 }
[cf84baa]20 public function store()
21 {
22 $credentials = request()->validate([
23 'badge_no' => 'required',
24 'password' => 'required'
25 ]);
26 $password = $credentials['password'];
27 $badge_no = $credentials['badge_no'];
[69e9f5d]28 // mozhe da se najavi kako policaec i kako officer, znaeme koj e koj po znachkata
29
[cf84baa]30 $policeman = true;
[69e9f5d]31 $is_policeman = DB::select('select * from policeman where badge_no = :badge_no;', ['badge_no' => $badge_no]);
32 $is_officer = DB::select('select * from officer where o_badge_no = :badge_no;', ['badge_no' => $badge_no]);
33 if($is_officer==null && $is_policeman==null) {
34 return back()->withErrors(['password' => 'Invalid credentials']);
[cf84baa]35 }
[69e9f5d]36 if($is_officer!=null) {
37 $pass = DB::select('select o_password from officer where o_badge_no = :o_badge_no;', ['o_badge_no' => $badge_no]);
[8a258ab]38 $salt = DB::select('select salt from officer where o_badge_no = :o_badge_no;', ['o_badge_no' => $badge_no]);
[69e9f5d]39 $policeman = false;
40 } else {
41 $pass = DB::select('select p_password from policeman where badge_no = :badge_no;', ['badge_no' => $badge_no]);
[8a258ab]42 $salt = DB::select('select salt from policeman where badge_no = :badge_no;', ['badge_no' => $badge_no]);
43
[cf84baa]44 }
45
46 foreach ($pass[0] as $key => $val) {
47 $value = $val;
48 break; // Break after the first key-value pair
49 }
[8a258ab]50 foreach ($salt[0] as $key => $val) {
51 $value2 = $val;
52 break; // Break after the first key-value pair
53 }
54 if ($this->verifyPassword($password, $value, $value2)) {
[cf84baa]55 // Authentication passed
[5372778]56 Session::put('auth', true);
[cf84baa]57 Session::put('badge_no', $badge_no);
58 Session::put('is_policeman', $policeman);
[d9c4096]59 if($policeman){
[69e9f5d]60 Session::put('pe_id', $is_policeman[0]->pe_id);
[092fcda]61 Session::put('p_id', $is_policeman[0]->p_id);
[d9c4096]62 } else {
[69e9f5d]63 Session::put('pe_id', $is_officer[0]->pe_id);
[d9c4096]64 }
[7e9dadd]65 return view('welcome');
[cf84baa]66 }
67
68 // Authentication failed
69 return back()->withErrors(['password' => 'Invalid credentials']);
70 }
71
72 public function logout()
73 {
74 Session::forget('badge_no');
[69e9f5d]75 Session::forget('p_id');
76 Session::forget('pe_id');
[cf84baa]77 Session::forget('is_policeman');
78 return redirect('/login');
79 }
[75151c6]80}
Note: See TracBrowser for help on using the repository browser.