mirror of
https://github.com/dyzulk/trustlab-api.git
synced 2026-01-26 13:22:05 +07:00
49 lines
1.4 KiB
PHP
49 lines
1.4 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\Models\User;
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Auth;
|
|
use Illuminate\Support\Facades\Cache;
|
|
|
|
class MagicLinkController extends Controller
|
|
{
|
|
/**
|
|
* Handle Magic Link login
|
|
*/
|
|
public function login(Request $request)
|
|
{
|
|
$token = $request->query('token');
|
|
|
|
if (!$token) {
|
|
return response()->json(['error' => 'Token missing'], 400);
|
|
}
|
|
|
|
$userId = Cache::get("magic_link_{$token}");
|
|
|
|
if (!$userId) {
|
|
return response()->json(['error' => 'Invalid or expired magic link'], 401);
|
|
}
|
|
|
|
$user = User::findOrFail($userId);
|
|
|
|
// Consume token to prevent replay attacks
|
|
Cache::forget("magic_link_{$token}");
|
|
|
|
// Log the user in to the web guard (sets trustlab_session cookie)
|
|
// Since SESSION_DOMAIN is .dyzulk.com, this cookie is shared with the frontend
|
|
Auth::guard('web')->login($user);
|
|
|
|
// Also create a Sanctum token for the frontend to use in headers
|
|
$authToken = $user->createToken('magic_auth_token')->plainTextToken;
|
|
|
|
// Redirect to Frontend Callback
|
|
// The frontend will handle the token and redirect to /dashboard
|
|
$frontendUrl = config('app.frontend_url') ?: 'https://trustlab.dyzulk.com';
|
|
$callbackUrl = "{$frontendUrl}/auth/callback?token={$authToken}";
|
|
|
|
return redirect($callbackUrl);
|
|
}
|
|
}
|