Merge pull request #947 from NFDI4Chem/development

Development

.env.ci.test

@@ -82,9 +82,3 @@ TWITTER_CLIENT_SECRET=
 TWITTER_REDIRECT_URL=http://localhost:80/auth/login/twitter/callback
 
 TELESCOPE_ENABLED=false
-
-#Bioschema Properties.
-NMRXIV_PROVIDER=NFDI4Chem
-NMRXIV_PROVIDER_URL=https://www.nfdi4chem.de/
-MEASUREMENT_TECHNIQUE=http://purl.obolibrary.org/obo/CHMO_0000613
-

.env.example

@@ -92,15 +92,9 @@ ORCID_ENVIRONMENT=sandbox
 
 TELESCOPE_ENABLED=false
 
-#Bioschema Properties.
-NMRXIV_PROVIDER=NFDI4Chem
-NMRXIV_PROVIDER_URL=https://www.nfdi4chem.de/
-MEASUREMENT_TECHNIQUE=http://purl.obolibrary.org/obo/CHMO_0000613
-
 #DATACITE Properties
 DOI_HOST=datacite
 DATACITE_USERNAME=
 DATACITE_SECRET=
 DATACITE_PREFIX=
-DATACITE_ENDPOINT=
-
+DATACITE_ENDPOINT=

app/Actions/Project/DeleteProject.php

@@ -37,6 +37,7 @@ public function delete($project)
             if ($draft) {
                 $draft->update(['is_deleted' => true]);
             }
+            $project->name = $project->name.'- deleted';
             $project->deleted_on = Carbon::now();
             $project->is_deleted = true;
             $project->sendNotification('deletion', $this->prepareSendList($project));

app/Actions/Project/RestoreProject.php

@@ -26,6 +26,9 @@ public function restore($project)
             foreach ($project->studies as $study) {
                 $study->datasets()->update(['is_deleted' => false]);
             }
+            $draft = $project->draft;
+            $draft->is_deleted = false;
+            $draft->save();
             $project->is_deleted = false;
             $project->save();
         }

app/Actions/Project/UpdateProject.php

@@ -25,7 +25,6 @@ public function update(Project $project, array $input)
         Validator::make($input, [
             'name' => ['required', 'string', 'max:255',  Rule::unique('projects')
                 ->where('owner_id', $project->owner_id)->ignore($project->id), ],
-            'description' => ['required', 'string', 'min:20'],
             'license' => ['required_if:is_public,"true"'],
         ], $errorMessages)->validate();
 

app/Events/ProjectInvite.php

@@ -3,6 +3,7 @@
 namespace App\Events;
 
 use Illuminate\Broadcasting\PrivateChannel;
+use Illuminate\Contracts\Broadcasting\ShouldBroadcastNow;
 use Illuminate\Foundation\Events\Dispatchable;
 
 class ProjectInvite implements ShouldBroadcastNow

app/Events/StudyInvite.php

@@ -3,6 +3,7 @@
 namespace App\Events;
 
 use Illuminate\Broadcasting\PrivateChannel;
+use Illuminate\Contracts\Broadcasting\ShouldBroadcastNow;
 use Illuminate\Foundation\Events\Dispatchable;
 
 class StudyInvite implements ShouldBroadcastNow

app/Http/Controllers/API/Auth/LoginController.php

@@ -10,8 +10,39 @@
 
 class LoginController extends Controller
 {
+    /**
+     * @OA\Post(
+     * path="/api/auth/login",
+     * summary="Sign in",
+     * description="Login by email and password",
+     * operationId="authLogin",
+     * tags={"auth"},
+     *
+     * @OA\RequestBody(
+     *    required=true,
+     *    description="Pass user credentials",
+     *
+     *    @OA\JsonContent(
+     *       required={"email","password"},
+     *
+     *       @OA\Property(property="email", type="string", format="email", example="[email protected]"),
+     *       @OA\Property(property="password", type="string", format="password", example="secret1234"),
+     *    ),
+     * ),
+     *
+     * @OA\Response(
+     *    response=200,
+     *    description="Successful Operation",
+     *  ),
+     * @OA\Response(
+     *    response=401,
+     *    description="Wrong Credentials Response",
+     *  ),
+     *  )
+     */
     public function login(Request $request): JsonResponse
     {
+
         if (! Auth::attempt($request->only('email', 'password'))) {
             return response()->json([
                 'message' => 'Invalid login details',
@@ -20,6 +51,12 @@ public function login(Request $request): JsonResponse
 
         $user = User::where('email', $request['email'])->firstOrFail();
 
+        if (! $user->hasVerifiedEmail()) {
+            return response()->json([
+                'message' => 'Account is not yet verified. Please verify your email address by clicking on the link we just emailed to you.',
+            ], 403);
+        }
+
         $token = $user->createToken('auth_token')->plainTextToken;
 
         return response()->json([
@@ -28,6 +65,19 @@ public function login(Request $request): JsonResponse
         ]);
     }
 
+    /**
+     *  @OA\Get(
+     *      path="/api/auth/logout",
+     *      summary="Sign out",
+     *      tags={"auth"},
+     *      security={{"sanctum":{}}},
+     *
+     *      @OA\Response(
+     *          response=200,
+     *          description="successful operation"
+     *      ),
+     *  )
+     */
     public function logout(Request $request): JsonResponse
     {
         $request->user()->currentAccessToken()->delete();

app/Http/Controllers/API/Auth/RegisterController.php

@@ -3,36 +3,117 @@
 namespace App\Http\Controllers\API\Auth;
 
 use App\Http\Controllers\Controller;
+use App\Models\Team;
 use App\Models\User;
-use Illuminate\Http\JsonResponse;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Validator;
 
 class RegisterController extends Controller
 {
-    public function register(Request $request): JsonResponse
+    /**
+     * Register
+     *
+     * @OA\Post (
+     *     path="/api/auth/register",
+     *     tags={"auth"},
+     *
+     *     @OA\RequestBody(
+     *
+     *         @OA\MediaType(
+     *             mediaType="application/json",
+     *
+     *             @OA\Schema(
+     *       required={"first_name","last_name","email","password","username"},
+     *
+     *       @OA\Property(property="first_name", type="string", format="first_name", example="Nisha"),
+     *       @OA\Property(property="last_name", type="string", format="last_name", example="Sharma"),
+     *       @OA\Property(property="email", type="string", format="email", example="[email protected]"),
+     *       @OA\Property(property="username", type="string", format="username", example="nis123"),
+     *       @OA\Property(property="orcid_id", type="string", format="orcid_id", example="0009-0006-4755-1039"),
+     *       @OA\Property(property="password", type="string", format="password", example="secret1234"),
+
+     *             )
+     *         )
+     *      ),
+     *
+     *      @OA\Response(
+     *          response=201,
+     *          description="Success",
+     *
+     *          @OA\JsonContent(
+     *
+     *                      @OA\Property(property="success", type="boolean", example=true),
+     *                      @OA\Property(property="message", type="string", example="User creation successful. Kindly confirm your email address by clicking the link sent to your inbox"),
+     *                      @OA\Property(property="access_token", type="string", example="randomtokenasfhajskfhajf398rureuuhfdshk"),
+     *                      @OA\Property(property="token_type", type="string", example="bearer"),
+     *                  )
+     *      ),
+     *
+     * @OA\Response(
+     *    response=422,
+     *    description="Unprocessable Content"
+     * )
+     * )
+     */
+    public function register(Request $request)
     {
-        $validatedData = $request->validate([
-            'name' => 'required|string|max:255',
-            'email' => 'required|string|email|max:255|unique:users',
-            'password' => 'required|string|min:8',
-            'orcid_id' => string,
-            'affiliation' => string,
-        ]);
-
-        $user = User::create([
-            'name' => $validatedData['name'],
-            'email' => $validatedData['email'],
-            'orcid_id' => $validatedData['orcid_id'],
-            'affiliation' => $validatedData['affiliation'],
-            'password' => Hash::make($validatedData['password']),
-        ]);
+        $validateUser = Validator::make($request->all(),
+            [
+                'first_name' => 'required|string|max:255',
+                'last_name' => 'required|string|max:255',
+                'email' => 'required|string|email|max:255|unique:users',
+                'password' => 'required|string|min:8',
+                'username' => 'required|string',
+            ]);
+
+        if ($validateUser->fails()) {
+            return response()->json([
+                'status' => false,
+                'message' => 'validation error',
+                'errors' => $validateUser->errors(),
+            ], 401);
+        }
+
+        $user = DB::transaction(function () use ($request) {
+            return tap(User::create([
+                'name' => $request['first_name'].' '.$request['last_name'],
+                'first_name' => $request['first_name'],
+                'last_name' => $request['last_name'],
+                'email' => $request['email'],
+                'username' => $request['username'],
+                'orcid_id' => $request['orcid_id'],
+                'affiliation' => $request['affiliation'],
+                'password' => Hash::make($request['password']),
+            ]), function (User $user) {
+                $this->createTeam($user);
+                $user->sendEmailVerificationNotification();
+            });
+        });
 
         $token = $user->createToken('auth_token')->plainTextToken;
 
         return response()->json([
+            'success' => true,
+            'message' => 'User creation successful. Kindly confirm your email address by clicking the link sent to your inbox.',
             'access_token' => $token,
             'token_type' => 'Bearer',
-        ]);
+        ],
+            201);
+    }
+
+    /**
+     * Create a personal team for the user.
+     *
+     * @return void
+     */
+    protected function createTeam(User $user)
+    {
+        $user->ownedTeams()->save(Team::forceCreate([
+            'user_id' => $user->id,
+            'name' => explode(' ', $user->first_name.' '.$user->last_name, 2)[0]."'s Team",
+            'personal_team' => true,
+        ]));
     }
 }

app/Http/Controllers/API/Auth/UserController.php

@@ -7,6 +7,19 @@
 
 class UserController extends Controller
 {
+    /**
+     *  @OA\Get(
+     *      path="/api/auth/user/info",
+     *      summary="User info",
+     *      tags={"auth"},
+     *      security={{"sanctum":{}}},
+     *
+     *      @OA\Response(
+     *          response=200,
+     *          description="successful operation"
+     *      ),
+     *  )
+     */
     public function info(Request $request)
     {
         return $request->user();

app/Http/Controllers/API/Auth/VerificationController.php

@@ -0,0 +1,65 @@
+<?php
+
+namespace App\Http\Controllers\API\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use Auth;
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Auth\Events\Verified;
+use Illuminate\Http\Request;
+
+class VerificationController extends Controller
+{
+    public function verify($user_id, Request $request)
+    {
+        if (! $request->hasValidSignature()) {
+            return response()->json(['msg' => 'Invalid/Expired url provided.'], 401);
+        }
+
+        $user = User::findOrFail($user_id);
+
+        if (! hash_equals((string) $request->route('hash'), sha1($user->getEmailForVerification()))) {
+            throw new AuthorizationException;
+        }
+
+        if ($request->user() && $request->user()->getKey() != $user_id) {
+            Auth::logout();
+            throw new AuthorizationException;
+        }
+
+        if (! $user->hasVerifiedEmail()) {
+            if ($user->markEmailAsVerified()) {
+                event(new Verified($user));
+            }
+        }
+
+        return redirect()->route('welcome')->with('success', 'Email verification Successful');
+    }
+
+    /**
+     *  @OA\Get(
+     *      path="/api/auth/email/resend",
+     *      summary="Resend verification email",
+     *      tags={"auth"},
+     *      security={{"sanctum":{}}},
+     *
+     *      @OA\Response(
+     *          response=200,
+     *          description="successful operation"
+     *      ),
+     *  )
+     */
+    public function resend()
+    {
+        if (auth()->user()) {
+            // if (auth()->user()->hasVerifiedEmail()) {
+            //     return response()->json(['msg' => 'Email already verified.'], 400);
+            // }
+
+            auth()->user()->sendEmailVerificationNotification();
+
+            return response()->json(['msg' => 'Email verification link sent on your email id']);
+        }
+    }
+}