Demo-Project/Laravel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Laravel/app/Http/Controllers/Auth/AuthController.php
David Melendez e25d53d054 init commit
2026-01-14 22:38:44 +01:00

587 lines
20 KiB
PHP
Raw Permalink Blame History

<?php
/**
* Authentication Controller
* Professional Resume Builder - Enterprise Auth System
*
* @author David Valera Melendez <david@valera-melendez.de>
* @created 2025-08-08
* @location Made in Germany 🇩🇪
*/
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Http\Requests\Auth\LoginRequest;
use App\Http\Requests\Auth\RegisterRequest;
use App\Http\Requests\Auth\UpdateProfileRequest;
use App\Interfaces\UserRepositoryInterface;
use App\Services\AuthService;
use App\Services\ProfileCompletionService;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
use Illuminate\View\View;
use Illuminate\Http\JsonResponse;
use Illuminate\Validation\ValidationException;
use Exception;
/**
* Authentication Controller
* Handles user authentication, registration, and session management with repository pattern
*/
class AuthController extends Controller
{
/**
* User repository instance
*/
private UserRepositoryInterface $userRepository;
/**
* AuthService instance
*/
private AuthService $authService;
/**
* Profile completion service instance
*/
private ProfileCompletionService $profileCompletionService;
/**
* Maximum login attempts before lockout
*/
private const MAX_LOGIN_ATTEMPTS = 5;
/**
* Account lockout duration in minutes
*/
private const LOCKOUT_DURATION = 15;
/**
* Create a new controller instance with dependency injection
*/
public function __construct(
UserRepositoryInterface $userRepository,
AuthService $authService,
ProfileCompletionService $profileCompletionService
) {
$this->userRepository = $userRepository;
$this->authService = $authService;
$this->profileCompletionService = $profileCompletionService;
$this->middleware('guest')->except(['logout', 'profile', 'updateProfile', 'activity']);
$this->middleware('auth')->only(['logout', 'profile', 'updateProfile', 'activity']);
}
/**
* Show the login form
*/
public function showLoginForm(): View
{
return view('auth.login', [
'title' => 'Sign In - Professional Resume Builder',
'description' => 'Access your professional resume builder account'
]);
}
/**
* Handle a login request with enhanced maintainability
*
* @param LoginRequest $request
* @return RedirectResponse
*/
public function login(LoginRequest $request): RedirectResponse
{
try {
$credentials = $request->validated();
$loginResult = $this->authService->attemptLogin($credentials);
return $this->handleLoginResult($loginResult, $request);
} catch (ValidationException $e) {
return $this->handleLoginValidationError($e, $request);
} catch (Exception $e) {
return $this->handleLoginSystemError($e, $request);
}
}
/**
* Handle the result of a login attempt
*
* @param array $loginResult
* @param LoginRequest $request
* @return RedirectResponse
*/
private function handleLoginResult(array $loginResult, LoginRequest $request): RedirectResponse
{
if ($loginResult['success']) {
return $this->handleSuccessfulLogin($loginResult, $request);
}
return $this->handleFailedLogin($loginResult, $request);
}
/**
* Handle successful login response
*
* @param array $loginResult
* @param LoginRequest $request
* @return RedirectResponse
*/
private function handleSuccessfulLogin(array $loginResult, LoginRequest $request): RedirectResponse
{
$request->session()->regenerate();
Log::info('User logged in successfully', [
'user_id' => $loginResult['user']->id,
'email' => $loginResult['user']->email,
'ip_address' => $request->ip(),
'user_agent' => $request->userAgent(),
'login_method' => 'standard'
]);
$welcomeMessage = $this->getWelcomeMessage($loginResult['user']);
$redirectUrl = $this->getPostLoginRedirectUrl($loginResult['user']);
return redirect()->intended($redirectUrl)->with('success', $welcomeMessage);
}
/**
* Handle failed login response
*
* @param array $loginResult
* @param LoginRequest $request
* @return RedirectResponse
*/
private function handleFailedLogin(array $loginResult, LoginRequest $request): RedirectResponse
{
$errorMessage = $this->getLoginErrorMessage($loginResult['reason']);
Log::warning('Login attempt failed', [
'email' => $request->input('email'),
'reason' => $loginResult['reason'],
'ip_address' => $request->ip(),
'user_agent' => $request->userAgent()
]);
return back()
->withErrors(['email' => $errorMessage])
->onlyInput('email');
}
/**
* Handle validation errors during login
*
* @param ValidationException $e
* @param LoginRequest $request
* @return RedirectResponse
*/
private function handleLoginValidationError(ValidationException $e, LoginRequest $request): RedirectResponse
{
Log::warning('Login validation error', [
'email' => $request->input('email'),
'errors' => $e->errors(),
'ip_address' => $request->ip()
]);
return back()
->withErrors($e->errors())
->onlyInput('email');
}
/**
* Handle system errors during login
*
* @param Exception $e
* @param LoginRequest $request
* @return RedirectResponse
*/
private function handleLoginSystemError(Exception $e, LoginRequest $request): RedirectResponse
{
Log::error('Login system error', [
'error_message' => $e->getMessage(),
'error_trace' => $e->getTraceAsString(),
'email' => $request->input('email'),
'ip_address' => $request->ip(),
'timestamp' => now()
]);
return back()
->withErrors(['email' => 'A system error occurred. Please try again or contact support.'])
->onlyInput('email');
}
/**
* Get personalized welcome message
*
* @param User $user
* @return string
*/
private function getWelcomeMessage(User $user): string
{
$timeOfDay = $this->getTimeOfDay();
$firstName = $user->first_name ?? 'there';
return "Good {$timeOfDay}, {$firstName}! Welcome back to your professional resume builder.";
}
/**
* Get post-login redirect URL based on user profile and activity state
*
* Intelligently determines the most appropriate landing page based on:
* - Profile completion percentage (incomplete profiles → profile page)
* - Resume creation status (no resumes → dashboard for guidance)
* - Default → main dashboard
*
* @param User $user The authenticated user
* @return string The route name for redirection
*/
private function getPostLoginRedirectUrl(User $user): string
{
$profileCompletion = $this->profileCompletionService->calculateCompletion($user);
if ($profileCompletion < 50) {
return route('profile');
}
$userStats = $this->userRepository->getUserStatistics($user->id);
if (($userStats['resumes_count'] ?? 0) === 0) {
return route('dashboard');
}
return route('dashboard');
}
/**
* Get appropriate error message based on failure reason
*
* @param string $reason
* @return string
*/
private function getLoginErrorMessage(string $reason): string
{
switch ($reason) {
case 'account_locked':
return 'Account is temporarily locked due to too many failed attempts. Please try again later.';
case 'account_inactive':
return 'Your account has been deactivated. Please contact support.';
case 'invalid_credentials':
return 'The provided credentials do not match our records.';
case 'too_many_attempts':
return 'Too many failed attempts. Account has been locked for security.';
case 'rate_limited':
return 'Too many login attempts. Please wait before trying again.';
default:
return 'Login failed. Please check your credentials and try again.';
}
}
/**
* Get time of day greeting
*
* @return string
*/
private function getTimeOfDay(): string
{
$hour = now()->hour;
if ($hour < 12) {
return 'morning';
} elseif ($hour < 17) {
return 'afternoon';
} else {
return 'evening';
}
}
/**
* Show the registration form
*/
public function showRegistrationForm(): View
{
return view('auth.register', [
'title' => 'Create Account - Professional Resume Builder',
'description' => 'Join thousands of professionals creating outstanding resumes'
]);
}
/**
* Handle a registration request
*/
public function register(RegisterRequest $request): RedirectResponse
{
try {
$userData = $request->validated();
$user = $this->authService->createUser($userData);
if ($user) {
Auth::login($user);
// Log successful registration
logger()->info('User registered successfully', [
'user_id' => $user->id,
'email' => $user->email,
'ip' => $request->ip(),
'user_agent' => $request->userAgent()
]);
return redirect()->route('dashboard')
->with('success', 'Welcome! Your account has been created successfully.');
}
return back()->withErrors([
'email' => 'Unable to create account. Please try again.',
])->withInput();
} catch (\Exception $e) {
logger()->error('Registration error', [
'error' => $e->getMessage(),
'email' => $request->input('email'),
'ip' => $request->ip()
]);
return back()->withErrors([
'email' => 'An error occurred during registration. Please try again.',
])->withInput();
}
}
/**
* Handle logout request
*/
public function logout(Request $request): RedirectResponse
{
// Log the logout
logger()->info('User logged out', [
'user_id' => Auth::id(),
'ip' => $request->ip()
]);
Auth::logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return redirect()->route('login')
->with('success', 'You have been successfully logged out.');
}
/**
* Show user profile with comprehensive analytics
*/
public function profile(): View
{
try {
$user = Auth::user();
// Get user statistics from repository
$userStats = $this->userRepository->getUserStatistics($user->id);
// Get profile completion analysis from service
$profileCompletion = $this->profileCompletionService->calculateCompletion($user);
$profileAnalysis = $this->profileCompletionService->getDetailedAnalysis($user);
// Prepare view data
$viewData = [
'title' => 'Profile Settings - Professional Resume Builder',
'user' => $user,
'userStats' => $userStats,
'profileCompletion' => $profileCompletion,
'profileAnalysis' => $profileAnalysis,
'accountSecurity' => [
'two_factor_enabled' => $user->two_factor_secret !== null,
'email_verified' => $user->email_verified_at !== null,
'is_locked' => $this->userRepository->isAccountLocked($user->email)
]
];
// Log profile view for analytics
Log::info('User profile viewed', [
'user_id' => $user->id,
'profile_completion' => $profileCompletion,
'ip_address' => request()->ip(),
'timestamp' => now()
]);
return view('auth.profile', $viewData);
} catch (Exception $e) {
Log::error('Error loading user profile', [
'error_message' => $e->getMessage(),
'user_id' => Auth::id(),
'ip_address' => request()->ip(),
'timestamp' => now()
]);
// Fallback with minimal data
return view('auth.profile', [
'title' => 'Profile Settings',
'user' => Auth::user(),
'userStats' => [],
'profileCompletion' => 0,
'error' => 'Unable to load profile data completely'
]);
}
}
/**
* Update user profile using professional form request validation
*
* Handles comprehensive profile updates with:
* - Repository pattern for data persistence
* - Structured logging for security audit trails
* - Real-time profile completion calculation
* - User-friendly completion status messaging
*
* @param UpdateProfileRequest $request Validated profile update data
* @return RedirectResponse Response with success message or error state
* @throws Exception When profile update fails due to system errors
*/
public function updateProfile(UpdateProfileRequest $request): RedirectResponse
{
try {
$user = Auth::user();
$updateData = $request->validated();
$updatedUser = $this->userRepository->update($user->id, $updateData);
Log::info('User profile updated successfully', [
'user_id' => $user->id,
'updated_fields' => array_keys($updateData),
'ip_address' => $request->ip(),
'user_agent' => $request->userAgent(),
'timestamp' => now()
]);
$completionPercentage = $this->profileCompletionService
->calculateCompletion($updatedUser);
$message = "Profile updated successfully! ";
if ($completionPercentage < 100) {
$message .= "Your profile is {$completionPercentage}% complete.";
} else {
$message .= "Your profile is now 100% complete!";
}
return back()->with('success', $message);
} catch (Exception $e) {
Log::error('Profile update failed', [
'error_message' => $e->getMessage(),
'error_trace' => $e->getTraceAsString(),
'user_id' => Auth::id(),
'request_data' => $request->except(['password', 'password_confirmation']),
'ip_address' => $request->ip(),
'timestamp' => now()
]);
return back()
->withErrors(['error' => 'Unable to update profile. Please try again.'])
->withInput();
}
}
/**
* Retrieve comprehensive user activity and analytics data
*
* Provides detailed activity analytics including:
* - User profile and authentication information
* - Login activity patterns and security metrics
* - Profile completion analysis with detailed breakdown
* - Account security status and recommendations
* - Usage statistics (resumes, templates, exports)
*
* @return JsonResponse Structured activity data with metadata
* @throws Exception When analytics data retrieval fails
*/
public function activity(): JsonResponse
{
try {
$user = Auth::user();
$userStats = $this->userRepository->getUserStatistics($user->id);
$profileCompletion = $this->profileCompletionService
->calculateCompletion($user);
$profileAnalysis = $this->profileCompletionService
->getDetailedAnalysis($user);
$activityData = [
'user_info' => [
'id' => $user->id,
'name' => $user->first_name . ' ' . $user->last_name,
'email' => $user->email,
'member_since' => $user->created_at->format('F Y'),
'account_status' => $user->status ?? 'active'
],
'login_activity' => [
'last_login' => $user->last_login_at ? $user->last_login_at->format('Y-m-d H:i:s') : null,
'last_login_ip' => $user->last_login_ip,
'total_logins' => $userStats['total_logins'] ?? 0,
'failed_attempts' => $user->login_attempts ?? 0
],
'profile_metrics' => [
'completion_percentage' => $profileCompletion,
'completed_fields' => $profileAnalysis['completed_fields'],
'missing_fields' => $profileAnalysis['missing_fields'],
'completion_score' => $profileAnalysis['weighted_score']
],
'account_security' => [
'two_factor_enabled' => $user->two_factor_secret !== null,
'email_verified' => $user->email_verified_at !== null,
'password_updated' => $user->password_updated_at ? $user->password_updated_at->format('Y-m-d') : null,
'is_locked' => $this->userRepository->isAccountLocked($user->email)
],
'activity_summary' => [
'resumes_created' => $userStats['resumes_count'] ?? 0,
'templates_used' => $userStats['templates_used'] ?? 0,
'exports_generated' => $userStats['exports_count'] ?? 0,
'profile_views' => $userStats['profile_views'] ?? 0
]
];
Log::info('User activity data requested', [
'user_id' => $user->id,
'ip_address' => request()->ip(),
'timestamp' => now()
]);
return response()->json([
'success' => true,
'data' => $activityData,
'meta' => [
'generated_at' => now()->toISOString(),
'version' => '1.0'
]
]);
} catch (Exception $e) {
Log::error('Failed to retrieve user activity data', [
'error_message' => $e->getMessage(),
'user_id' => Auth::id(),
'ip_address' => request()->ip(),
'timestamp' => now()
]);
return response()->json([
'success' => false,
'message' => 'Unable to retrieve activity data',
'error' => app()->environment('local') ? $e->getMessage() : 'Internal server error'
], 500);
}
}
/**
* Show forgot password form
*/
public function showForgotPasswordForm(): View
{
return view('auth.forgot-password', [
'title' => 'Reset Password - Professional Resume Builder',
'description' => 'Enter your email to receive password reset instructions'
]);
}
}
Reference in New Issue View Git Blame Copy Permalink