Initial commit

2026-03-10 00:55:37 +03:00
parent fc0f28d830
commit 93a655235a
155 changed files with 24768 additions and 0 deletions
--- a/app/Http/Controllers/Admin/AdminAuthController.php
+++ b/app/Http/Controllers/Admin/AdminAuthController.php
@@ -0,0 +1,66 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Concerns\ManagesCaptcha;
+use App\Http\Controllers\Controller;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class AdminAuthController extends Controller
+{
+    use ManagesCaptcha;
+
+    private const LOGIN_CAPTCHA_CONTEXT = 'admin_login';
+
+    public function showLoginForm(Request $request)
+    {
+        return view('admin.auth.login', [
+            'captchaQuestion' => $this->buildCaptchaQuestion($request, self::LOGIN_CAPTCHA_CONTEXT),
+        ]);
+    }
+
+    public function login(Request $request)
+    {
+        $validated = $request->validate([
+            'email' => ['required', 'email'],
+            'password' => ['required', 'string'],
+            'captcha' => ['required', 'string', 'max:10'],
+        ]);
+
+        if (!$this->captchaIsValid($request, self::LOGIN_CAPTCHA_CONTEXT)) {
+            return back()->withErrors(['captcha' => 'Неверный ответ на капчу.'])->withInput();
+        }
+
+        $credentials = [
+            'email' => $validated['email'],
+            'password' => $validated['password'],
+        ];
+
+        if (!Auth::attempt($credentials, $request->boolean('remember'))) {
+            return back()->withErrors(['email' => 'Неверный email или пароль.'])->withInput();
+        }
+
+        $request->session()->regenerate();
+        $this->clearCaptcha($request, self::LOGIN_CAPTCHA_CONTEXT);
+
+        if (!$request->user()->is_admin) {
+            Auth::logout();
+            $request->session()->invalidate();
+            $request->session()->regenerateToken();
+
+            return back()->withErrors(['email' => 'Доступ разрешен только администраторам.']);
+        }
+
+        return redirect()->route('admin.dashboard');
+    }
+
+    public function logout(Request $request)
+    {
+        Auth::logout();
+        $request->session()->invalidate();
+        $request->session()->regenerateToken();
+
+        return redirect()->route('admin.login');
+    }
+}