add token based api auth

device-app/routes/api.php

@@ -4,8 +4,11 @@ use App\Models\Device;
 use App\Models\LocationTransaction;
 use App\Models\OwnerTransaction;
 use App\Models\PurchasingInformation;
+use App\Models\User;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Hash;
 use Illuminate\Support\Facades\Route;
 
 /*
@@ -19,7 +22,25 @@ use Illuminate\Support\Facades\Route;
 |
 */
 
-Route::get('/export', function () {
+Route::post('/login', function (Request $request) {
+    $fields = $request->validate(
+        [
+            'user' => 'required',
+            'password' => 'required'
+        ]
+
+    );
+    $user = User::where('rz_username', $fields['user'])->first();
+    if (!$user || !Hash::check($fields['password'], $user->hashed_password)) {
+        return response([
+            'message' => 'Bad login'
+        ], 401);
+    }
+    $token = $user->createToken('token');
+    return ['token' => $token->plainTextToken];
+});
+
+Route::middleware('auth:sanctum')->get('/export', function () {
 
     return response()->json([
         'Devices' => Device::all(),
@@ -29,7 +50,7 @@ Route::get('/export', function () {
     ]);
 });
 
-Route::post('/import', function (Request $request) {
+Route::middleware('auth:sanctum')->post('/import', function (Request $request) {
     $data = $request->json()->all();
     $devices = $data['devices'];
     $purchasingInformations = $data['purchasing_information'];