
Update pro login implementation

Vijayakrishnan Krishnan 4 år sedan
förälder
incheckning
573ca2167c

+ 109 - 0
app/Http/Controllers/HomeController.php

@@ -2,14 +2,18 @@
 
 namespace App\Http\Controllers;
 
+use App\Lib\Backend;
 use DateTime;
 
 use App\Models\Client;
 use App\Models\Bill;
 use App\Models\Note;
 use App\Models\ProTransaction;
+use GuzzleHttp\Cookie\CookieJar;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Cookie;
 use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Http;
 
 class HomeController extends Controller
 {
@@ -29,6 +33,111 @@ class HomeController extends Controller
         return view('app/set_security_questions');
     }
 
+    public function postConfirmSmsAuthToken(Request $request) {
+
+        try {
+
+            $url = env('BACKEND_URL', 'http://localhost:8080') . '/session/confirmSmsAuthToken';
+
+            $data = [
+                'cellNumber' => $request->input('cellNumber'),
+                'token' => $request->input('token'),
+            ];
+
+            $response = Http::asForm()
+                ->withHeaders(['sessionKey'=>$request->cookie('sessionKey')])
+                ->post($url, $data)
+                ->json();
+
+            if(!isset($response['success']) || !$response['success']){
+                $message = 'API error';
+                if(isset($response['error'])) {
+                    $message = $response['error'];
+                    if(isset($response['path'])) $message .= ': ' . $response['path'];
+                }
+                else if(isset($response['message'])) $message = $response['message'];
+                return redirect('/confirm_sms_auth_token')
+                    ->withInput()
+                    ->with('message', $message);
+            }
+
+            return redirect('/');
+
+        } catch (\Exception $e) {
+            return redirect()->back()->with('message', $e->getMessage());
+        }
+    }
+    public function postSetPassword(Request $request) {
+        try {
+
+            $url = env('BACKEND_URL', 'http://localhost:8080') . '/pro/selfPutPassword';
+
+            $data = [
+                'newPassword' => $request->input('newPassword'),
+                'newPasswordConfirmation' => $request->input('newPasswordConfirmation'),
+            ];
+
+            $response = Http::asForm()
+                ->withHeaders(['sessionKey'=>$request->cookie('sessionKey')])
+                ->post($url, $data)
+                ->json();
+
+            if(!isset($response['success']) || !$response['success']){
+                $message = 'API error';
+                if(isset($response['error'])) {
+                    $message = $response['error'];
+                    if(isset($response['path'])) $message .= ': ' . $response['path'];
+                }
+                else if(isset($response['message'])) $message = $response['message'];
+                return redirect('/set_password')
+                    ->withInput()
+                    ->with('message', $message);
+            }
+
+            return redirect('/');
+
+        } catch (\Exception $e) {
+            return redirect()->back()->with('message', $e->getMessage());
+        }
+    }
+    public function postSetSecurityQuestions(Request $request) {
+
+        try {
+
+            $url = env('BACKEND_URL', 'http://localhost:8080') . '/pro/selfPutSecurityQuestions';
+
+            $data = [
+                'securityQuestion1' => $request->input('securityQuestion1'),
+                'securityAnswer1' => $request->input('securityAnswer1'),
+                'securityQuestion2' => $request->input('securityQuestion2'),
+                'securityAnswer2' => $request->input('securityAnswer2'),
+            ];
+
+            $response = Http::asForm()
+                ->withHeaders(['sessionKey'=>$request->cookie('sessionKey')])
+                ->post($url, $data)
+                ->json();
+
+            if(!isset($response['success']) || !$response['success']){
+                $message = 'API error';
+                if(isset($response['error'])) {
+                    $message = $response['error'];
+                    if(isset($response['path'])) $message .= ': ' . $response['path'];
+                }
+                else if(isset($response['message'])) $message = $response['message'];
+                return redirect('/set_password')
+                    ->withInput()
+                    ->with('message', $message);
+            }
+
+            return redirect('/');
+
+        } catch (\Exception $e) {
+            return redirect()->back()->with('message', $e->getMessage());
+        }
+
+    }
+
     public function dashboard(Request $request)
     {
 
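Review bot: In `postSetPassword` and `postSetSecurityQuestions` the failure branch calls `->withInput()`, which flashes the entire request (`newPassword`, `newPasswordConfirmation`, both security answers) into session storage. The views shown here never read `old()`, so the call should be dropped; the SMS token in `postConfirmSmsAuthToken` is the same case. `postSetSecurityQuestions` also redirects to `/set_password` on failure, which looks like a copy-paste slip for `/set_security_questions`. All three handlers show `$response['error']`, `$response['path']` and `$e->getMessage()` to the user, which can disclose backend paths and, on a connection failure, the backend URL; the sketch below logs the detail and flashes a fixed message instead. Separately, `env('BACKEND_URL', …)` called from a controller falls back to the plain-HTTP localhost default once the config is cached, so it is better read through a `config()` key.

```php
    public function postSetSecurityQuestions(Request $request) {
        // … unchanged: $url, $data and the Http::asForm() call …

            if (empty($response['success'])) {
                // Backend detail goes to the server log, not to the browser.
                \Illuminate\Support\Facades\Log::warning('selfPutSecurityQuestions failed', [
                    'error' => $response['error'] ?? null,
                    'path' => $response['path'] ?? null,
                    'message' => $response['message'] ?? null,
                ]);
                // No withInput(): the answers must not be flashed into the session.
                return redirect('/set_security_questions')
                    ->with('message', 'Could not save your security questions. Please try again.');
            }

            return redirect('/');

        } catch (\Exception $e) {
            report($e);
            return redirect()->back()->with('message', 'Something went wrong. Please try again.');
        }
```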

+ 6 - 5
app/Http/Middleware/ProAuthenticated.php

@@ -17,15 +17,15 @@ class ProAuthenticated
     public function handle($request, Closure $next)
     {
         $sessionKey = $request->cookie('sessionKey');
-        $appSession = AppSession::where(['session_key' => $sessionKey, 'is_active' => true])->first();
+        $appSession = AppSession::where('session_key', $sessionKey)->where('is_active', true)->first();
         $authenticated = $sessionKey && $appSession;
+        $currentRouteName = $request->route()->getName();
 
         if (!$authenticated) {
             return redirect()->route('login');
         }
 
         // - is_two_step_sms_auth_completed
-        $currentRouteName = $request->route()->getName();
         if (!$appSession->is_two_step_sms_auth_completed) {
             if ($currentRouteName != 'confirm_sms_auth_token') {
                 return redirect()->route('confirm_sms_auth_token');
@@ -34,18 +34,19 @@ class ProAuthenticated
         }
 
         // - is_password_temporary
-        if (!$appSession->is_password_temporary) {
+        if (!!$appSession->pro->is_password_temporary) {
             if ($currentRouteName != 'set_password') {
                 return redirect()->route('set_password');
             }
             return $next($request);
         }
+
         // - are_security_questions_set
-        if (!$appSession->are_security_questions_set) {
+        if (!$appSession->pro->are_security_questions_set) {
             if ($currentRouteName != 'set_security_questions') {
                 return redirect()->route('set_security_questions');
             }
-            return $next($request());
+            return $next($request);
         }
 
         return $next($request);
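Review bot: Both rewritten conditions dereference `$appSession->pro` without a null check, so an active session whose `pro` relation does not resolve would fail with a property-on-null error (a 500) instead of being sent to login. The relation itself is not visible here; if it can be missing, fold it into the auth check, e.g. `$authenticated = $sessionKey && $appSession && $appSession->pro;`. The `!!` in `if (!!$appSession->pro->is_password_temporary)` is redundant inside an `if`, and it reads like a leftover of the inverted test it replaces; `if ($appSession->pro->is_password_temporary)` says the same thing. The route-name comparisons use loose `!=`; `!==` is the safer habit for string checks that gate an authentication step.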

+ 10 - 4
resources/views/app/confirm_sms_auth_token.blade.php

@@ -4,17 +4,23 @@
 
 <div class="card border-0 rounded-0 mcp-theme-1 bg-transparent">
     <div class="card-header text-center font-weight-bold">
-        Confirm Cell Phone
+        2-Step Verification
     </div>
     <div class="card-body bg-transparent">
-        <form action="/api/pro/confirmSmsAuthToken" method="POST">
+        @if(session()->has('message'))
+            <div class="alert alert-danger">
+                {{session('message')}}
+            </div>
+        @endif
+        <form action="/confirm_sms_auth_token" method="POST">
+            @csrf
             <div class="form-group">
                 <label for="" class="control-label mb-1 text-secondary">Cell Number *</label>
-                <input type="text" class="form-control" value="{{$pro->cell_number}}" readonly>
+                <input type="text" class="form-control" value="{{$pro->cell_number}}" name="cellNumber" readonly required>
             </div>
             <div class="form-group">
                 <label for="" class="control-label mb-1 text-secondary d-flex align-items-center">Token * <span class="ml-auto text-sm">(sent to your phone)</span></label>
-                <input autofocus type="text" class="form-control">
+                <input autofocus type="text" class="form-control" name="token" required>
             </div>
             <div class="form-group mb-0 text-center">
                 <button class="btn btn-primary btn-sm px-4 py-2">Submit</button>
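Review bot: The cell-number input now has `name="cellNumber"`, so the number is posted from the browser, and `readonly` only constrains the UI. `postConfirmSmsAuthToken` forwards `$request->input('cellNumber')` unchanged, so the number being confirmed is client-chosen unless the backend binds it to the session, which is not visible here. It would be safer to keep the field display-only (no `name`) and have the controller send the number from the authenticated pro record. The token input would also benefit from `autocomplete="one-time-code"` and, if the token is numeric, `inputmode="numeric"`.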

+ 28 - 4
resources/views/app/set_password.blade.php

@@ -1,8 +1,32 @@
-@extends ('layouts.template')
+@extends ('layouts.auth')
 
 @section('content')
-<h1>Your have a temporary password. Set the password</h1>
 
-<form action=""></form>
-@endsection
+    <div class="card border-0 rounded-0 mcp-theme-1 bg-transparent">
+        <div class="card-header text-center font-weight-bold">
+            Set New Password
+        </div>
+        <div class="card-body bg-transparent">
+            @if(session()->has('message'))
+                <div class="alert alert-danger">
+                    {{session('message')}}
+                </div>
+            @endif
+            <form action="/set_password" method="POST">
+                @csrf
+                <div class="form-group">
+                    <label for="" class="control-label mb-1 text-secondary">Password *</label>
+                    <input autofocus type="password" class="form-control" value="" name="newPassword" required>
+                </div>
+                <div class="form-group">
+                    <label for="" class="control-label mb-1 text-secondary d-flex align-items-center">Confirm Password *</label>
+                    <input type="password" class="form-control" name="newPasswordConfirmation" required>
+                </div>
+                <div class="form-group mb-0 text-center">
+                    <button class="btn btn-primary btn-sm px-4 py-2">Submit</button>
+                </div>
+            </form>
+        </div>
+    </div>
 
+@endsection
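Review bot: Neither password input sets `autocomplete="new-password"`, so a password manager may fill in the temporary credential instead of offering to generate and save the new one; add it to both `newPassword` and `newPasswordConfirmation`. The labels use `for=""` and the inputs have no `id`, so they are not associated with their fields (the same pattern is in set_security_questions.blade.php); use e.g. `<label for="newPassword" …>` with `id="newPassword"` on the input. `value=""` on the first input is redundant.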

+ 37 - 3
resources/views/app/set_security_questions.blade.php

@@ -1,6 +1,40 @@
-@extends ('layouts.template')
+@extends ('layouts.auth')
 
 @section('content')
-<h1>You do not have security questions. Set security questions.</h1>
-<form action=""></form>
+
+    <div class="card border-0 rounded-0 mcp-theme-1 bg-transparent">
+        <div class="card-header text-center font-weight-bold">
+            Setup Security Questions
+        </div>
+        <div class="card-body bg-transparent">
+            @if(session()->has('message'))
+                <div class="alert alert-danger">
+                    {{session('message')}}
+                </div>
+            @endif
+            <form action="/set_security_questions" method="POST">
+                @csrf
+                <div class="form-group">
+                    <label for="" class="control-label mb-1 text-secondary">Security Question 1 *</label>
+                    <input autofocus type="text" class="form-control" value="" name="securityQuestion1" required>
+                </div>
+                <div class="form-group">
+                    <label for="" class="control-label mb-1 text-secondary">Security Answer 1 *</label>
+                    <input type="text" class="form-control" value="" name="securityAnswer1" required>
+                </div>
+                <div class="form-group">
+                    <label for="" class="control-label mb-1 text-secondary">Security Question 2 *</label>
+                    <input type="text" class="form-control" value="" name="securityQuestion2" required>
+                </div>
+                <div class="form-group">
+                    <label for="" class="control-label mb-1 text-secondary">Security Answer 2 *</label>
+                    <input type="text" class="form-control" value="" name="securityAnswer2" required>
+                </div>
+                <div class="form-group mb-0 text-center">
+                    <button class="btn btn-primary btn-sm px-4 py-2">Submit</button>
+                </div>
+            </form>
+        </div>
+    </div>
+
 @endsection
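Review bot: The two answer inputs (`securityAnswer1`, `securityAnswer2`) are plain `type="text"` with default autocomplete, so a browser may keep the answers in its form history on a shared machine. Since the answers act as a fallback credential, add `autocomplete="off"` to both answer fields. A short hint under the header that answers should not be guessable from public information would also help, because both questions are free text.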

+ 6 - 1
resources/views/layouts/auth.blade.php

@@ -13,8 +13,13 @@
     <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.1/css/all.min.css">
     <link href="{{ asset('/css/app.css') }}" rel="stylesheet">
     <link href="{{ asset('/css/style.css') }}" rel="stylesheet">
+
+    <script src="https://code.jquery.com/jquery-3.5.1.min.js" integrity="sha256-9/aliU8dGd2tb6OSsuzixeV4y/faTqgFtohetphbbj0=" crossorigin="anonymous"></script>
+
+    <link rel="stylesheet" href="{{ asset('/css/toastr.min.css') }}">
+    <script src="{{ asset('js/toastr.min.js') }}" type="application/javascript"></script>
 </head>
-<body class="hold-transition login-page">
+<body class="hold-transition login-page bg-light">
 
 <style>
     .auth-branding {
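Review bot: The added jQuery tag is pinned with `integrity` and `crossorigin`, which is right, but it still makes the login, 2-step and password pages depend on a third-party host for executable script. toastr is already served through `asset()`; serving jQuery the same way would let this layout run under a `script-src 'self'` policy. Minor style points: `type="application/javascript"` can be dropped, and `asset('js/toastr.min.js')` omits the leading slash that the other `asset()` calls use.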

+ 8 - 1
routes/web.php

@@ -25,13 +25,20 @@ Route::get('login', 'LoginController@showLoginForm')->name('login');
 Route::post('login', 'LoginController@login');
 Route::post('logout', 'LoginController@logout')->name('logout');
 
+Route::post('/confirm_sms_auth_token', 'HomeController@postConfirmSmsAuthToken')->name('post-confirm_sms_auth_token');
+Route::post('/set_password', 'HomeController@postSetPassword')->name('post-set_password');
+Route::post('/set_security_questions', 'HomeController@postSetSecurityQuestions')->name('post-set_security_questions');
+
 Route::middleware('pro.auth')->group(function () {
 
     //complete authentication
+
     Route::get('/confirm_sms_auth_token', 'HomeController@confirmSmsAuthToken')->name('confirm_sms_auth_token');
+
     Route::get('/set_password', 'HomeController@setPassword')->name('set_password');
+
     Route::get('/set_security_questions', 'HomeController@setSecurityQuestions')->name('set_security_questions');
-    
+
     Route::get('/blank', 'HomeController@blank')->name('blank');
 
     Route::get('/', 'HomeController@dashboard')->name('dashboard');
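Review bot: The three new POST routes are registered outside the `pro.auth` group, so `ProAuthenticated` never runs for them. The step order it enforces (SMS confirmation, then password, then security questions) therefore applies only to the GET pages, and the POST handlers rely entirely on the backend validating the forwarded `sessionKey`. Moving them into the group unchanged would not work either: the middleware compares the current route name against `confirm_sms_auth_token`, `set_password` and `set_security_questions`, and these routes are named `post-…`, so each step check would need to accept both names. The group's closure continues outside the hunk.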