From 4752b23f359079f5123e5b51f59cf089fb7fdb72 Mon Sep 17 00:00:00 2001 From: TimmensOne Date: Mon, 27 Mar 2023 15:29:49 +0200 Subject: [PATCH 1/3] add user register/login form and authentication --- ChatGPT/HTML Registration Form | 28 ++++++++++ .../app/Http/Controllers/UserController.php | 53 +++++++++++++++++++ device-app/app/Models/Device.php | 17 +++--- device-app/app/Models/User.php | 33 +++++++++--- .../2014_10_12_000000_create_users_table.php | 2 +- .../database/seeders/DatabaseSeeder.php | 41 ++++++-------- device-app/resources/views/layout.blade.php | 5 +- .../resources/views/users/login.blade.php | 25 +++++++++ .../resources/views/users/register.blade.php | 43 +++++++++++++++ device-app/routes/web.php | 21 ++++---- 10 files changed, 216 insertions(+), 52 deletions(-) create mode 100644 ChatGPT/HTML Registration Form create mode 100644 device-app/app/Http/Controllers/UserController.php create mode 100644 device-app/resources/views/users/login.blade.php create mode 100644 device-app/resources/views/users/register.blade.php diff --git a/ChatGPT/HTML Registration Form b/ChatGPT/HTML Registration Form new file mode 100644 index 0000000..570c0d4 --- /dev/null +++ b/ChatGPT/HTML Registration Form @@ -0,0 +1,28 @@ +reate me a simple register form in html with these inputs: rz_username, full_name, organisation_unit, password and password confirmation + +Sure, here's a simple registration form in HTML with the inputs you specified: + +html + +
+ +

+ + +

+ + +

+ + +

+ + +

+ + +
+ +In this form, each input has a label to describe it and a unique id attribute for accessibility and styling purposes. Each input also has a name attribute, which is what will be sent to the server when the form is submitted. + +Note that the password and password_confirm inputs are of type password, which will hide the text the user enters. This is important for security reasons. The required attribute is added to each input to ensure that the user fills out all the required fields before submitting the form. \ No newline at end of file diff --git a/device-app/app/Http/Controllers/UserController.php b/device-app/app/Http/Controllers/UserController.php new file mode 100644 index 0000000..c8495f0 --- /dev/null +++ b/device-app/app/Http/Controllers/UserController.php @@ -0,0 +1,53 @@ +validate([ + 'rz_username' => ['required', Rule::unique('users', 'rz_username')], + 'full_name' => ['required', 'min:3'], + 'organisation_unit' => 'required', + 'password' => 'required|min:6' + //'password' => 'required|confirmed|min:6' + ]); + + // Hash Password + $formFields['hashed_password'] = bcrypt($formFields['password']); + + $user = User::create($formFields); + + auth()->login($user); + return redirect('/home'); + } + + public function login() + { + return view('users.login'); + } + + public function authenticate(Request $request) + { + $formFields = $request->validate([ + 'rz_username' => 'required', + 'password' => 'required' + ]); + + if (auth()->attempt($formFields)) { + $request->session()->regenerate(); + + return redirect('/home'); + } + } +} diff --git a/device-app/app/Models/Device.php b/device-app/app/Models/Device.php index 627f121..bb38700 100644 --- a/device-app/app/Models/Device.php +++ b/device-app/app/Models/Device.php 
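Review bot: `authenticate()` has no failure path: when `auth()->attempt($formFields)` returns false the method falls off the end and returns nothing, so a wrong password produces an empty response instead of the login form with an error. Add a fallback after the `if` that gives the same generic message for an unknown user and for a wrong password, e.g. `return back()->withErrors(['rz_username' => 'Invalid credentials'])->onlyInput('rz_username');`. In `store()`, `$formFields` still holds the plain-text `password` when it is passed to `User::create()`; it is discarded only because `password` is not in the model's `$fillable`, so an `unset($formFields['password']);` before the create would make that independent of the model. The `confirmed` rule is commented out and the minimum length is six characters, which is worth revisiting before real accounts are created.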
@@ -7,18 +7,21 @@ class Device extends Model { + use HasFactory; + /** - * Timestamps are disabled. - * @var boolean - */ - public $timestamps = false; - /** - * The primary key associated with the table Devices. + * The primary key associated with the devices table. * @var string */ protected $primaryKey = 'device_id'; + /** + * The attributes that are mass assignable. + * + * @var array + */ protected $fillable = ['device_id', 'title', 'device_type', 'description', 'accessories', 'rz_username_buyer', 'serial_number', 'image_url']; - use HasFactory; + //Timestamps are disabled. + public $timestamps = false; } \ No newline at end of file diff --git a/device-app/app/Models/User.php b/device-app/app/Models/User.php index 23b4063..d191d05 100644 --- a/device-app/app/Models/User.php +++ b/device-app/app/Models/User.php @@ -12,25 +12,36 @@ class User extends Authenticatable { use HasApiTokens, HasFactory, Notifiable; + /** + * The primary key associated with the users table. + * @var string + */ + protected $primaryKey = 'rz_username'; + /** * The attributes that are mass assignable. * * @var array */ protected $fillable = [ - 'name', - 'email', - 'password', + 'rz_username', + 'full_name', + 'organisation_unit', + 'has_admin_privileges', + 'hashed_password' ]; + //Timestamps are disabled. + public $timestamps = false; + /** * The attributes that should be hidden for serialization. * * @var array */ protected $hidden = [ - 'password', - 'remember_token', + 'hashed_password', + //'remember_token', ]; /** @@ -38,7 +49,13 @@ class User extends Authenticatable * * @var array */ - protected $casts = [ - 'email_verified_at' => 'datetime', - ]; + //protected $casts = [ + // 'email_verified_at' => 'datetime', + //]; + + //override variable 'password' + public function getAuthPassword() + { + return $this->hashed_password; + } } 
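Review bot: `protected $primaryKey = 'rz_username';` in `User` declares a string key, but the model does not also set `public $incrementing = false;` and `protected $keyType = 'string';`, so Eloquent keeps treating the key as an auto-incrementing integer and casts it to int when it is read. The auth guard keeps `getAuthIdentifier()` in the session, so a non-numeric username would likely be stored as `0`. The user lookup on the next request could then miss or, depending on how the database compares strings with integers, resolve to a different account. Separately, `has_admin_privileges` is listed in `$fillable`: `store()` currently passes only validated fields, but any later `create()`/`update()` fed with request data could set the flag. I would drop it from `$fillable` and assign it explicitly where an administrator is created.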
diff --git a/device-app/database/migrations/2014_10_12_000000_create_users_table.php b/device-app/database/migrations/2014_10_12_000000_create_users_table.php index 9406518..5731486 100644 --- a/device-app/database/migrations/2014_10_12_000000_create_users_table.php +++ b/device-app/database/migrations/2014_10_12_000000_create_users_table.php @@ -15,7 +15,7 @@ public function up(): void $table->string('rz_username')->unique(); $table->string('full_name'); $table->string('organisation_unit'); - $table->boolean('has_admin_privileges'); + $table->boolean('has_admin_privileges')->default(false); $table->string('hashed_password'); }); } diff --git a/device-app/database/seeders/DatabaseSeeder.php b/device-app/database/seeders/DatabaseSeeder.php index 346f4c1..db15d0b 100644 --- a/device-app/database/seeders/DatabaseSeeder.php +++ b/device-app/database/seeders/DatabaseSeeder.php 
@@ -24,32 +24,21 @@ public function run(): void Device::factory(2)->create(); - //Device::factory()->create([ - // 'device_id' => '1', - // 'title' => 'Test Device One', - // 'device_type' => 'type1', - // 'description' => 'des', - // 'accessories' => 'acc', - // 'rz_username_buyer' => 'rzb', - // 'serial_number' => '123', - // 'image_url' => 'www.url.de' - //]); + User::create([ - //User::create([ - // [ - // 'rz_username' => 'admin', - // 'full_name' => 'Admin', - // 'organisation_unit' => '11111111', - // 'has_admin_privileges' => true, - // 'hashed_password' => 'vollgeheim' - // ], - // [ - // 'rz_username' => 'user', - // 'full_name' => 'User', - // 'organisation_unit' => '66666666', - // 'has_admin_privileges' => false, - // 'hashed_password' => 'test123' - // ] - //]); + 'rz_username' => 'admin', + 'full_name' => 'Admin', + 'organisation_unit' => '11111111', + 'has_admin_privileges' => true, + 'hashed_password' => bcrypt('vollgeheim') + ]); + + User::create([ + 'rz_username' => 'user', + 'full_name' => 'User', + 'organisation_unit' => '66666666', + 'has_admin_privileges' => false, + 'hashed_password' => bcrypt('test123') + ]); } } diff --git a/device-app/resources/views/layout.blade.php b/device-app/resources/views/layout.blade.php index 630b1dc..001735a 100644 --- a/device-app/resources/views/layout.blade.php +++ b/device-app/resources/views/layout.blade.php @@ -8,7 +8,10 @@
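Review bot: The seeder now creates an `admin` account with `has_admin_privileges => true` and the password literal `'vollgeheim'` (plus `user` / `'test123'`) committed in the repository, so any instance seeded with `db:seed` gets an administrator whose password is known to everyone with access to the code. Restrict the two `User::create()` calls to development, e.g. wrap them in `if (app()->environment('local', 'testing')) { ... }`, and take the password from configuration rather than a literal, e.g. `bcrypt(env('SEED_ADMIN_PASSWORD'))` (the variable name is a suggestion). The hunk lies inside `run()`, whose opening is outside the hunk.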
diff --git a/device-app/resources/views/users/login.blade.php b/device-app/resources/views/users/login.blade.php new file mode 100644 index 0000000..01572d3 --- /dev/null +++ b/device-app/resources/views/users/login.blade.php @@ -0,0 +1,25 @@ +@extends('layout') + +@section('content') +

Login Form

+
+ @csrf + + + @error('rz_username') +

{{ $message }}

+ @enderror +
+ + + @error('hashed_password') +

{{ $message }}

+ @enderror +
+ +
+

Don't have an account?

+ Register +
+
+@endsection diff --git a/device-app/resources/views/users/register.blade.php b/device-app/resources/views/users/register.blade.php new file mode 100644 index 0000000..e407240 --- /dev/null +++ b/device-app/resources/views/users/register.blade.php @@ -0,0 +1,43 @@ +@extends('layout') + +@section('content') +
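Review bot: The second `@error` block in `login.blade.php` is keyed on `hashed_password`, but `UserController::authenticate()` validates the field as `password`, so a validation error for the password field is never displayed. Change it to `@error('password')`. Most of this template's markup is not visible in the hunk as shown, so the input names themselves could not be checked against the controller.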

Registration Form

+
+ @csrf + + + @error('rz_username') +

{{$message}}

+ @enderror +
+ + + @error('full_name') +

{{$message}}

+ @enderror +
+ + + @error('organisation_unit') +

{{$message}}

+ @enderror +
+ + + @error('password') +

{{$message}}

+ @enderror +
+ {{-- + < + @error('password_confirmation') +

{{$message}}

+ @enderror +
--}} + +
+

Already have an account?

+ Login +
+
+@endsection diff --git a/device-app/routes/web.php b/device-app/routes/web.php index 1d564ad..b76dcd0 100644 --- a/device-app/routes/web.php +++ b/device-app/routes/web.php @@ -1,8 +1,8 @@ Date: Mon, 27 Mar 2023 16:16:47 +0200 Subject: [PATCH 2/3] add logout and authentification --- .../app/Http/Controllers/UserController.php | 10 ++++++++++ device-app/resources/views/layout.blade.php | 15 ++++++++++++--- device-app/routes/web.php | 14 ++++++++------ 3 files changed, 30 insertions(+), 9 deletions(-) diff --git a/device-app/app/Http/Controllers/UserController.php b/device-app/app/Http/Controllers/UserController.php index c8495f0..43a6d22 100644 --- a/device-app/app/Http/Controllers/UserController.php +++ b/device-app/app/Http/Controllers/UserController.php @@ -50,4 +50,14 @@ public function authenticate(Request $request) return redirect('/home'); } } + + public function logout(Request $request) + { + auth()->logout(); + + $request->session()->invalidate(); + $request->session()->regenerateToken(); + + return redirect('/home'); + } } diff --git a/device-app/resources/views/layout.blade.php b/device-app/resources/views/layout.blade.php index 001735a..b7482a3 100644 --- a/device-app/resources/views/layout.blade.php +++ b/device-app/resources/views/layout.blade.php @@ -9,9 +9,18 @@
diff --git a/device-app/routes/web.php b/device-app/routes/web.php index b76dcd0..8908730 100644 --- a/device-app/routes/web.php +++ b/device-app/routes/web.php @@ -22,15 +22,15 @@ // index - show all devices Route::get('/devices', [DeviceController::class, 'index']); // create - show device create form -Route::get('/devices/create', [DeviceController::class, 'create']); +Route::get('/devices/create', [DeviceController::class, 'create'])->middleware('auth'); // store - store new device -Route::post('/devices', [DeviceController::class, 'store']); +Route::post('/devices', [DeviceController::class, 'store'])->middleware('auth'); // edit - show edit form -Route::get('devices/{device}/edit', [DeviceController::class, 'edit']); +Route::get('devices/{device}/edit', [DeviceController::class, 'edit'])->middleware('auth'); // update - update device -Route::put('devices/{device}', [DeviceController::class, 'update']); +Route::put('devices/{device}', [DeviceController::class, 'update'])->middleware('auth'); // destroy - delete device -Route::delete('devices/{device}', [DeviceController::class, 'destroy']); +Route::delete('devices/{device}', [DeviceController::class, 'destroy'])->middleware('auth'); // show - show sigle device Route::get('/devices/{device}', [DeviceController::class, 'show']); @@ -39,6 +39,8 @@ // store - store new user Route::post('/users', [UserController::class, 'store']); // login - show user login form -Route::get('/login', [UserController::class, 'login']); +Route::get('/login', [UserController::class, 'login'])->name('login'); // authenticate - log in user Route::post('/users/authenticate', [UserController::class, 'authenticate']); +// logout - log out user +Route::post('/logout', [UserController::class, 'logout']); From b6d8ecedffdee79953cbe86c6b9f28327ea2e97e Mon Sep 17 00:00:00 2001 
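Review bot: The `auth` middleware added to the create/store/edit/update/destroy device routes only checks that someone is logged in, and `POST /users` lets anyone register. Every self-registered account can therefore modify or delete any device unless `DeviceController` performs its own checks (not visible here). The `has_admin_privileges` column introduced in this series is not consulted in any visible route. A gate or policy on the write routes, e.g. `->middleware('can:update,device')` backed by a policy for `Device`, would close that gap. The five repeated `->middleware('auth')` calls could also be folded into a single `Route::middleware('auth')->group(...)`.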
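Review bot: `POST /users/authenticate` and `POST /users` are left without rate limiting in the second hunk, so password guessing against the login endpoint and automated account creation are unbounded. Add a limiter to both, e.g. `->middleware('throttle:5,1')`. The login and register form routes could also take `->middleware('guest')`, and the new `POST /logout` route should carry `->middleware('auth')`.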
From: TimmensOne Date: Mon, 27 Mar 2023 16:50:25 +0200 Subject: [PATCH 3/3] basic authentification (#10) (#17) --- device-app/resources/views/layout.blade.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/device-app/resources/views/layout.blade.php b/device-app/resources/views/layout.blade.php index b7482a3..71b4c80 100644 --- a/device-app/resources/views/layout.blade.php +++ b/device-app/resources/views/layout.blade.php @@ -10,7 +10,7 @@
  • Home
  • @auth -
  • Welcome {{ auth()->user()->name }}
  • +
  • Welcome {{ auth()->user()->full_name }}
  • @csrf