<?php

namespace App\Http\Controllers\Api\V1\User\Auth;

use Exception;
use App\Models\User;
use Illuminate\Http\Request;
use App\Constants\GlobalConst;
use App\Http\Helpers\Response;
use Illuminate\Support\Carbon;
use App\Models\UserPasswordReset;
use Illuminate\Support\Facades\DB;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
use Illuminate\Validation\Rules\Password;
use App\Providers\Admin\BasicSettingsProvider;
use App\Notifications\User\Auth\PasswordResetEmail;

class ForgotPasswordController extends Controller
{
    public function findUserSendCode(Request $request) {
        $validator = Validator::make($request->all(),[
            'credentials'       => "required|string|max:50",
        ]);

        if($validator->fails()) return Response::error($validator->errors()->all(),[]);

        $validated = $validator->validate();

        // Find User
        $column = "username";
        if(check_email($validated['credentials'])) {
            $column = "email";
        }
        $user = User::where($column,$validated['credentials'])->first();
        if(!$user) return Response::error([__('User doesn\'t exists')],[],404);
        if($user->status != GlobalConst::ACTIVE) return Response::error([__('Your account is temporary banded. Please contact with system admin')],[]);

        // send mail to user to verify email
        try{
            $token = generate_unique_string("user_password_resets","token",80);
            $code = generate_random_code();

            UserPasswordReset::where("user_id",$user->id)->delete();
            $password_reset = UserPasswordReset::create([
                'user_id'       => $user->id,
                'token'         => $token,
                'code'          => $code,
            ]);
            try{

                $user->notify(new PasswordResetEmail($user,$password_reset));
            }catch(Exception $e){}
        }catch(Exception $e) {
            return Response::error([__('Something went wrong! Please try again')],[],500);
        }

        return Response::success([__('Verification code sended to your email address')],['token' => $token,'wait_time' => ""],200);
    }

    public function verifyCode(Request $request) {
        $validator = Validator::make($request->all(),[
            'token'         => "required|string|exists:user_password_resets,token",
            'code'          => "required|numeric|exists:user_password_resets,code",
        ]);

        if($validator->fails()) {
            return Response::error($validator->errors()->all(),[]);
        }
        
        $validated = $validator->validate();

        $basic_settings = BasicSettingsProvider::get();
        $otp_exp_seconds = $basic_settings->otp_exp_seconds ?? 0;

        $password_reset = UserPasswordReset::where("token",$validated['token'])->first();

        if(Carbon::now() >= $password_reset->created_at->addSeconds($otp_exp_seconds)) {
            foreach(UserPasswordReset::get() as $item) {
                if(Carbon::now() >= $item->created_at->addSeconds($otp_exp_seconds)) {
                    $item->delete();
                }
            }
            return Response::error([__('Session expired. Please try again')],[],440);
        }

        if($password_reset->code != $validated['code']) {
            return Response::error([__('Verification Otp is Invalid')],[],400);
        }

        // Success
        return Response::success([__('OTP successfully verified!')],['token' => $validated['token'],'wait_time' => ""],200);
    }

    /**
     * Display the specified resource.
     *
     * @param  int  $id
     * @return \Illuminate\Http\Response
     */
    public function resendCode(Request $request)
    {
        $validator = Validator::make($request->all(),[
            'token'     => "required|string|exists:user_password_resets,token"
        ]);

        if($validator->fails()) {
            return Response::error($validator->errors()->all(),[]);
        }
        $validated = $validator->validate();
        $password_reset = UserPasswordReset::where('token',$validated['token'])->first();

        if(!$password_reset) return Response::error([__('Request token is invalid')],[],400);

        if(Carbon::now() <= $password_reset->created_at->addMinutes(GlobalConst::USER_PASS_RESEND_TIME_MINUTE)) {
            return Response::error(['You can resend verification code after '.Carbon::now()->diffInSeconds($password_reset->created_at->addMinutes(GlobalConst::USER_PASS_RESEND_TIME_MINUTE)). ' seconds'],['wait_time' => (string) Carbon::now()->diffInSeconds($password_reset->created_at->addMinutes(GlobalConst::USER_PASS_RESEND_TIME_MINUTE))],400);
        }

        DB::beginTransaction();
        try{
            $update_data = [
                'code'          => generate_random_code(),
                'created_at'    => now(),
                'token'         => $validated['token'],
            ];
            DB::table('user_password_resets')->where('token',$validated['token'])->update($update_data);
            try{

                $password_reset->user->notify(new PasswordResetEmail($password_reset->user,(object) $update_data));
            }catch(Exception $e){}
            DB::commit();
        }catch(Exception $e) {
            DB::rollback();
            return Response::error([__('Something went wrong! Please try again')],[],500);
        }

        return Response::success([__('OTP resend success')],['token' => $validated['token'],'wait_time' => ""],200);
    }

    public function resetPassword(Request $request) {

        $basic_settings = BasicSettingsProvider::get();
        $password_rule = "required|string|min:6|confirmed";
        if($basic_settings->secure_password) {
            $password_rule = ["required",Password::min(8)->letters()->mixedCase()->numbers()->symbols()->uncompromised(),"confirmed"];
        }

        $validator = Validator::make($request->all(),[
            'token'         => "required|string|exists:user_password_resets,token",
            'password'      => $password_rule,
        ]);
        
        if($validator->fails()) {
            return Response::error($validator->errors()->all(),[]);
        }
        $validated = $validator->validate();

        $password_reset = UserPasswordReset::where("token",$validated['token'])->first();
        if(!$password_reset) return Response::error([__('Request token is invalid')],[],400);

        try{
            $password_reset->user->update([
                'password'      => Hash::make($validated['password']),
            ]);
            $password_reset->delete();
        }catch(Exception $e) {
            return Response::error([__('Something went wrong! Please try again')],[],500);
        }

        return Response::success([__('Password reset success')],[],200);
    }
}

• [F] AuthorizationController.php
  Delete
• [F] ForgotPasswordController.php
  Delete
• [F] LoginController.php
  Delete
• [F] RegisterController.php
  Delete

Save Cards

Save Your Card for Quick and Easy Future Payments Online

Simplify your payment experience by securely saving your card on our platform. After your initial transaction, you can choose to store your card details safely for future use. This feature eliminates the need to re-enter your payment information each time, making checkouts faster while keeping your data secure with advanced encryption and robust security measures.

• Navigate to the “Save Card” section.
• Click on “Add Card.”
• Choose your preferred setup method.
• Your card is now saved for future payments.