otp
otp
// First step of a two-step login: check the password, then issue an OTP and a temporary token.
// NOTE(review): the enclosing method signature is not part of this listing; the body
// reads $request, so it is presumably a controller action - confirm.
{
// Stop early unless both fields are present and the email is well-formed.
$request->validate([
'email' => 'required|email',
'password' => 'required|string',
]);
// NOTE(review): $credentials is never assigned in this listing; presumably it is built
// from the validated email and password - confirm.
// NOTE(review): no branch for a failed Auth::attempt() is visible here; a failed login
// should end in a generic 401 rather than falling through.
if (Auth::attempt($credentials)) {
$email = $request->email;
// Issue an OTP bound to this email. The arguments 7 and 15 are presumably the code
// length and its validity in minutes - confirm against the Otp class in use.
$otp = (new Otp)->generate($email, 'alpha_numeric', 7, 15);
// NOTE(review): no mail-sending call is visible in this listing, although the message
// below says the OTP was sent by email.
return response()->json([
'message' => 'OTP SENT TO YOUR EMAIL ADDRESS',
// NOTE(review): returning the OTP in the response body gives the second factor to
// whoever supplied the password, so possession of the mailbox is never proven.
// The code should reach the user only through the email channel.
'otp' => $otp,
// NOTE(review): $tempToken is never assigned in this listing. The verification code
// later resolves it with Cache::get($tempToken) to an email, so it is presumably a
// random value cached against $email with a short expiry - confirm that it is
// generated from a cryptographically secure source and is single-use.
'temp_token' => $tempToken
]);
}
// Second step of the login: exchange the temporary token plus OTP for a session and an access token.
// NOTE(review): this looks like the body of a separate verification action; its signature
// and closing brace are not part of this listing.
// Resolve the temporary token to the email it was cached for; no cache entry means the
// token is unknown or has expired.
$tempToken = $request->temp_token;
$email = Cache::get($tempToken);
if (!$email) {
// NOTE(review): the message literal is wrapped across two lines in this listing, which
// puts a line break inside the response text.
return response()->json(['message' => 'Invalid or expired temporary
token'], 401);
}
$otp = $request->otp;
$response = (new Otp)->validate($email, $otp);
// NOTE(review): no attempt counter or throttle is visible here, and the temporary token
// is only forgotten on success, so a wrong OTP can be retried with the same token for as
// long as both stay valid. Limit attempts per token and drop the token after a few failures.
// NOTE(review): no response for a failed validation is visible in this listing.
if ($response->status) {
// Remove the temporary token after successful verification
Cache::forget($tempToken);
// NOTE(review): $user is never assigned in this listing; presumably it is loaded by
// $email - confirm.
Auth::login($user);
// Revoke every existing access token of the user and mark the matching refresh tokens
// as revoked, so earlier sessions stop working after this login.
$tokens = $user->tokens;
foreach ($tokens as $token) {
$token->revoke();
// NOTE(review): the `->` operator is split across two lines in this listing and has to
// be rejoined before the code will parse.
RefreshToken::where('access_token_id', $token->id)-
>update(['revoked' => true]);
}
// NOTE(review): $token below is still the loop variable, i.e. the last token that was
// just revoked (or unset when the user had no tokens). No new access token is created
// in the visible code, so a line is probably missing here - confirm.
// Cookie arguments: lifetime 60 * 24 * 7 minutes (7 days), path '/', domain 'localhost',
// Secure flag false, HttpOnly true. NOTE(review): the domain and the disabled Secure flag
// are only suitable for local development; outside of it the cookie needs Secure set so
// it is never sent over plain HTTP.
$cookie = cookie(
'access_token', $token, 60 * 24 * 7, '/', 'localhost', false,
true // HttpOnly
);
// NOTE(review): the same token is also returned in the JSON body, where page scripts can
// read it; that cancels the protection the HttpOnly cookie is meant to give.
return response()->json([
'token' => $token,
])->cookie($cookie);
}