diff --git a/backend/app/Http/Controllers/Api/FathersController.php b/backend/app/Http/Controllers/Api/FathersController.php
index 77f363ad..2a26f7f4 100644
--- a/backend/app/Http/Controllers/Api/FathersController.php
+++ b/backend/app/Http/Controllers/Api/FathersController.php
@@ -13,7 +13,37 @@ use App\Models\FatherRelation;
 use App\Models\EmailActivations;
 class FathersController extends Controller {
- public function login () {}
+ protected $guard = 'fathers';
+
+ public function login (Request $r) {
+ $validate = Validator::make($r->all(), [
+ 'email' => 'required|max:255|email',
+ 'password' => 'required|min:8|max:72',
+ ]);
+
+ if ($validate->fails()) {
+ // バリデーションエラー
+ return ['status_code' => 422, 'error_messages' => $validate->errors()];
+ }
+
+ // 存在しない場合
+ if (null === ($father = Father::select('id', 'email', 'password')->where('email', $r->email)->first())) {
+ return ['status_code' => 400, 'error_message' => ['このアカウントが存在しません。']];
+ }
+
+ // パスワードが異なる場合
+ if (!Hash::check($r->password, $father->password)) {
+ return ['status_code' => 400, 'error_message' => ['ログインに失敗しました。10回連続で失敗すると、一定期間ログインできなくなります。']];
+ }
+
+ // セッションを想像する
+ if (Auth::guard($this->guard)->attempt($r->all())) {
+ Session::put('father_email', $father->email);
+ Session::save();
+ }
+
+ return ['status_code' => 200];
+ }
 public function requestPassword () {}
diff --git a/backend/app/Http/Middleware/Authenticate.php b/backend/app/Http/Middleware/Authenticate.php
index 81fad3d6..37834c86 100644
--- a/backend/app/Http/Middleware/Authenticate.php
+++ b/backend/app/Http/Middleware/Authenticate.php
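Review bot: In FathersController.php, `login()` answers an unknown e-mail with このアカウントが存在しません。 and a wrong password with a different message, so the endpoint tells a caller which addresses are registered; both cases should return the same text. Further down, `attempt($r->all())` hands every request field to the guard as a credential, and `status_code` 200 is returned even when `attempt()` fails, because only the session writes sit inside the `if`. The failure text also promises a lockout after 10 consecutive failures, which nothing in this method enforces (it may live in middleware not shown here). Letting `attempt()` do the lookup and the password check on just the two validated fields covers the first three points, as in the sketch below.

```php
    public function login (Request $r) {
        // … unchanged: Validator::make() and the 422 return …

        $credentials = $r->only('email', 'password');

        // Same answer for an unknown e-mail and a wrong password.
        if (!Auth::guard($this->guard)->attempt($credentials)) {
            return ['status_code' => 400, 'error_message' => ['ログインに失敗しました。10回連続で失敗すると、一定期間ログインできなくなります。']];
        }

        Session::put('father_email', Auth::guard($this->guard)->user()->email);
        Session::save();

        return ['status_code' => 200];
    }
```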
@@ -20,11 +20,23 @@ class Authenticate extends Middleware
 }
 public function handle ($request, Closure $next, ...$guard) {
- if (!session()->has('admin_email') && $request->path() != 'admin/login') {
- return redirect('/admin/login');
+ $part = explode('/', $request->path());
+ if ($part[0] == 'admin') {
+ if (!session()->has('admin_email') && $request->path() != 'admin/login') {
+ return redirect('/admin/login');
+ }
+ else if (session()->has('admin_email') && $request->path() == 'admin/login') {
+ return redirect('/admin/meeting');
+ }
 }
- else if (session()->has('admin_email') && $request->path() == 'admin/login') {
- return redirect('/admin/meeting');
+
+ if ($part[0] == 'p-account') {
+ if (!session()->has('father_email') && $request->path() != 'p-account/login') {
+ return redirect('/p-account/login');
+ }
+ else if (session()->has('father_email') && $request->path() == 'p-account/login') {
+ return redirect('/p-account/meeting');
+ }
 }
 return $next($request);
diff --git a/backend/app/Models/Father.php b/backend/app/Models/Father.php
index 322bd04f..e8fe2fbc 100644
--- a/backend/app/Models/Father.php
+++ b/backend/app/Models/Father.php
@@ -8,5 +8,6 @@ use Illuminate\Foundation\Auth\User as Authenticatable;
 class Father extends Authenticatable {
 use HasFactory;
+ protected $fillable = ['email', 'password'];
 protected $hidden = ['password'];
 }
diff --git a/backend/routes/api.php b/backend/routes/api.php
index fbb3db89..17316279 100644
--- a/backend/routes/api.php
+++ b/backend/routes/api.php
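Review bot: In Authenticate.php, `handle()` now checks only paths whose first segment is `admin` or `p-account`; every other request falls through to `return $next($request);` with no check at all, and the `$guard` arguments are never used. If this class is what the `auth` alias resolves to, the `auth:fathers` and `auth:children` groups in routes/api.php would let unauthenticated requests through, assuming those routes are served under another first segment such as `api`. A default branch that defers to the parent closes that, e.g. `if (!in_array($part[0], ['admin', 'p-account'], true)) { $this->authenticate($request, $guard); }` before the final return, provided `Middleware` is Laravel's stock `Illuminate\Auth\Middleware\Authenticate`. The closing brace of `handle()` lies outside the hunk.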
@@ -65,105 +65,103 @@ Route::group(['prefix' => 'admin'], function () {
 Route::delete('/delete/{meeting_id}', '\App\Http\Controllers\Api\MeetingApprovalsController@delete');
 });
 });
- });
+});
- // ContactsController
- //// 不明
- Route::post('/contacts/register', '\App\Http\Controllers\Api\ContactsController@register');
+// ContactsController
+Route::post('/contacts/register', '\App\Http\Controllers\Api\ContactsController@register');
- Route::group(['prefix' => 'fathers'], function () {
- // FathersController
- Route::post('/registerMain', '\App\Http\Controllers\Api\FathersController@registerMain')->name('fatherregistermain');
- Route::post('/requestPassword', '\App\Http\Controllers\Api\FathersController@requestPassword')->name('fatherrequestpassword');
- // Route::post('/login', '\App\Http\Controllers\Api\FathersController@login')->name('fatherlogin');
+Route::group(['prefix' => 'fathers'], function () {
+ // FathersController
+ Route::post('/registerMain', '\App\Http\Controllers\Api\FathersController@registerMain')->name('fatherregistermain');
+ Route::post('/requestPassword', '\App\Http\Controllers\Api\FathersController@requestPassword')->name('fatherrequestpassword');
+ Route::post('/login', '\App\Http\Controllers\Api\FathersController@login')->name('fatherlogin');
- Route::group(['middleware' => 'auth:fathers'], function () {
- Route::put('/updateImage/{father_id}', '\App\Http\Controllers\Api\FathersController@updateImage');
- Route::put('/updateProfile/{father_id}', '\App\Http\Controllers\Api\FathersController@updateProfile');
- Route::put('/updatePassword/{father_id}', '\App\Http\Controllers\Api\FathersController@updatePassword');
- Route::delete('/withdrawal', '\App\Http\Controllers\Api\FathersController@withdrawal');
+ Route::group(['middleware' => 'auth:fathers'], function () {
+ Route::put('/updateImage/{father_id}', '\App\Http\Controllers\Api\FathersController@updateImage');
+ Route::put('/updateProfile/{father_id}', '\App\Http\Controllers\Api\FathersController@updateProfile');
+ Route::put('/updatePassword/{father_id}', '\App\Http\Controllers\Api\FathersController@updatePassword');
+ Route::delete('/withdrawal', '\App\Http\Controllers\Api\FathersController@withdrawal');
- // ChildrenController
- Route::group(['prefix' => 'children'], function () {
- Route::get('/listOfFather', '\App\Http\Controllers\Api\ChildrenController@listOfFather');
- Route::get('/listOfMeeting', '\App\Http\Controllers\Api\ChildrenController@listOfMeeting');
- Route::post('/listOfMeetingNotifyUnapprovel', '\App\Http\Controllers\Api\ChildrenController@listOfMeetingNotifyUnapprovel');
- Route::post('/listOfMeetingNotifyApprovel', '\App\Http\Controllers\Api\ChildrenController@listOfMeetingNotifyApprovel');
- Route::get('/detail/{child_id}', '\App\Http\Controllers\Api\ChildrenController@detail');
+ // ChildrenController
+ Route::group(['prefix' => 'children'], function () {
+ Route::get('/listOfFather', '\App\Http\Controllers\Api\ChildrenController@listOfFather');
+ Route::get('/listOfMeeting', '\App\Http\Controllers\Api\ChildrenController@listOfMeeting');
+ Route::post('/listOfMeetingNotifyUnapprovel', '\App\Http\Controllers\Api\ChildrenController@listOfMeetingNotifyUnapprovel');
+ Route::post('/listOfMeetingNotifyApprovel', '\App\Http\Controllers\Api\ChildrenController@listOfMeetingNotifyApprovel');
+ Route::get('/detail/{child_id}', '\App\Http\Controllers\Api\ChildrenController@detail');
+ });
+
+ // MeetingsController
+ Route::group(['prefix' => 'meetings'], function () {
+ Route::post('/register', '\App\Http\Controllers\Api\MeetingsController@register');
+ Route::post('/registerFavorite', '\App\Http\Controllers\Api\MeetingsController@registerFavorite');
+ Route::get('/listOfCompleteOfFather', '\App\Http\Controllers\Api\MeetingsController@listOfCompleteOfFather');
+ Route::get('/listOfIncompleteOfFather', '\App\Http\Controllers\Api\MeetingsController@listOfIncompleteOfFather');
+ Route::get('/listOfFavoriteOfFather', '\App\Http\Controllers\Api\MeetingsController@listOfFavoriteOfFather');
+ Route::get('/listOfNonFavoriteOfFather', '\App\Http\Controllers\Api\MeetingsController@listOfNonFavoriteOfFather');
+ Route::get('/searchOfCompleteOfFather', '\App\Http\Controllers\Api\MeetingsController@searchOfCompleteOfFather');
+ Route::get('/searchOfIncompleteOfFather', '\App\Http\Controllers\Api\MeetingsController@searchOfIncompleteOfFather');
+ Route::get('/detail/{meeting_id}', '\App\Http\Controllers\Api\MeetingsController@detail');
+ Route::put('/update/{meeting_id}', '\App\Http\Controllers\Api\MeetingsController@update');
+ Route::delete('/delete/{meeting_id}', '\App\Http\Controllers\Api\MeetingsController@delete');
+
+ // MeetingImagesController
+ Route::group(['prefix' => 'images'], function () {
+ Route::post('/register', '\App\Http\Controllers\Api\MeetingImagesController@register');
+ Route::delete('/delete/{meeting_id}', '\App\Http\Controllers\Api\MeetingImagesController@delete');
 });
- // MeetingsController
- Route::group(['prefix' => 'meetings'], function () {
- Route::post('/register', '\App\Http\Controllers\Api\MeetingsController@register');
- Route::post('/registerFavorite', '\App\Http\Controllers\Api\MeetingsController@registerFavorite');
- Route::get('/listOfCompleteOfFather', '\App\Http\Controllers\Api\MeetingsController@listOfCompleteOfFather');
- Route::get('/listOfIncompleteOfFather', '\App\Http\Controllers\Api\MeetingsController@listOfIncompleteOfFather');
- Route::get('/listOfFavoriteOfFather', '\App\Http\Controllers\Api\MeetingsController@listOfFavoriteOfFather');
- Route::get('/listOfNonFavoriteOfFather', '\App\Http\Controllers\Api\MeetingsController@listOfNonFavoriteOfFather');
- Route::get('/searchOfCompleteOfFather', '\App\Http\Controllers\Api\MeetingsController@searchOfCompleteOfFather');
- Route::get('/searchOfIncompleteOfFather', '\App\Http\Controllers\Api\MeetingsController@searchOfIncompleteOfFather');
- Route::get('/detail/{meeting_id}', '\App\Http\Controllers\Api\MeetingsController@detail');
- Route::put('/update/{meeting_id}', '\App\Http\Controllers\Api\MeetingsController@update');
- Route::delete('/delete/{meeting_id}', '\App\Http\Controllers\Api\MeetingsController@delete');
-
- // MeetingImagesController
- Route::group(['prefix' => 'images'], function () {
- Route::post('/register', '\App\Http\Controllers\Api\MeetingImagesController@register');
- Route::delete('/delete/{meeting_id}', '\App\Http\Controllers\Api\MeetingImagesController@delete');
- });
-
- // MeetingApprovalsController
- Route::group(['prefix' => 'approvals'], function () {
- // Route::post('/register/{meeting_id}', '\App\Http\Controllers\Api\MeetingApprovalsController@register');
- // Route::delete('/delete/{meeting_id}', '\App\Http\Controllers\Api\MeetingApprovalsController@delete');
- Route::post('/listChildrenOfMeeting', '\App\Http\Controllers\Api\MeetingApprovalsController@listChildrenOfMeeting');
- Route::get('/listChildrenOfApprovel', '\App\Http\Controllers\Api\MeetingApprovalsController@listChildrenOfApprovel');
- Route::get('/listChildrenOfUnapprovel', '\App\Http\Controllers\Api\MeetingApprovalsController@listChildrenOfUnapprovel');
- });
- });
-
- // FatherRelationsController
- Route::group(['prefix' => 'relations'], function () {
- Route::post('/register', '\App\Http\Controllers\Api\FatherRelationsController@register');
- Route::put('/updateHireDate/{child_id}', '\App\Http\Controllers\Api\FatherRelationsController@updateHireDate');
- Route::delete('/deleteRelationChild/{child_id}', '\App\Http\Controllers\Api\FatherRelationsController@deleteRelationChild');
+ // MeetingApprovalsController
+ Route::group(['prefix' => 'approvals'], function () {
+ // Route::post('/register/{meeting_id}', '\App\Http\Controllers\Api\MeetingApprovalsController@register');
+ // Route::delete('/delete/{meeting_id}', '\App\Http\Controllers\Api\MeetingApprovalsController@delete');
+ Route::post('/listChildrenOfMeeting', '\App\Http\Controllers\Api\MeetingApprovalsController@listChildrenOfMeeting');
+ Route::get('/listChildrenOfApprovel', '\App\Http\Controllers\Api\MeetingApprovalsController@listChildrenOfApprovel');
+ Route::get('/listChildrenOfUnapprovel', '\App\Http\Controllers\Api\MeetingApprovalsController@listChildrenOfUnapprovel');
 });
 });
+
+ // FatherRelationsController
+ Route::group(['prefix' => 'relations'], function () {
+ Route::post('/register', '\App\Http\Controllers\Api\FatherRelationsController@register');
+ Route::put('/updateHireDate/{child_id}', '\App\Http\Controllers\Api\FatherRelationsController@updateHireDate');
+ Route::delete('/deleteRelationChild/{child_id}', '\App\Http\Controllers\Api\FatherRelationsController@deleteRelationChild');
+ });
 });
+});
- // ChildrenController
- Route::group(['prefix' => 'children'], function () {
- Route::post('/registerTemporary', '\App\Http\Controllers\Api\ChildrenController@registerTemporary')->name('childrenregistertemporary');
- Route::post('/registerMain', '\App\Http\Controllers\Api\ChildrenController@registerMain')->name('childrenregistermain');
- // Route::post('/requestPassword', '\App\Http\Controllers\Api\ChildrenController@requestPassword')->name('childrenrequestpassword');
- // Route::post('/login', '\App\Http\Controllers\Api\ChildrenController@login')->name('childrenlogin');
+// ChildrenController
+Route::group(['prefix' => 'children'], function () {
+ Route::post('/registerTemporary', '\App\Http\Controllers\Api\ChildrenController@registerTemporary')->name('childrenregistertemporary');
+ Route::post('/registerMain', '\App\Http\Controllers\Api\ChildrenController@registerMain')->name('childrenregistermain');
+ // Route::post('/requestPassword', '\App\Http\Controllers\Api\ChildrenController@requestPassword')->name('childrenrequestpassword');
+ // Route::post('/login', '\App\Http\Controllers\Api\ChildrenController@login')->name('childrenlogin');
- Route::group(['middleware' => 'auth:children'], function () {
- Route::get('/detail/{child_id}', '\App\Http\Controllers\Api\ChildrenController@detail');
- Route::put('/updateImage/{child_id}', '\App\Http\Controllers\Api\ChildrenController@updateImage');
- Route::put('/updateProfile/{child_id}', '\App\Http\Controllers\Api\ChildrenController@updateProfile');
- Route::put('/updatePassword/{child_id}', '\App\Http\Controllers\Api\ChildrenController@updatePassword');
- Route::delete('/withdrawal', '\App\Http\Controllers\Api\ChildrenController@withdrawal');
+ Route::group(['middleware' => 'auth:children'], function () {
+ Route::get('/detail/{child_id}', '\App\Http\Controllers\Api\ChildrenController@detail');
+ Route::put('/updateImage/{child_id}', '\App\Http\Controllers\Api\ChildrenController@updateImage');
+ Route::put('/updateProfile/{child_id}', '\App\Http\Controllers\Api\ChildrenController@updateProfile');
+ Route::put('/updatePassword/{child_id}', '\App\Http\Controllers\Api\ChildrenController@updatePassword');
+ Route::delete('/withdrawal', '\App\Http\Controllers\Api\ChildrenController@withdrawal');
- // FathersController
- Route::group(['prefix' => 'fathers'], function () {
- Route::get('/listOfChild', '\App\Http\Controllers\Api\FathersController@listOfChild');
- Route::get('/detail/{father_id}', '\App\Http\Controllers\Api\FathersController@detail');
- });
+ // FathersController
+ Route::group(['prefix' => 'fathers'], function () {
+ Route::get('/listOfChild', '\App\Http\Controllers\Api\FathersController@listOfChild');
+ Route::get('/detail/{father_id}', '\App\Http\Controllers\Api\FathersController@detail');
+ });
- // MeetingsController
- Route::group(['prefix' => 'meetings'], function () {
- Route::get('/listOfApprovalOfChild', '\App\Http\Controllers\Api\MeetingsController@listOfApprovalOfChild');
- Route::get('/listOfNonApprovalOfChild', '\App\Http\Controllers\Api\MeetingsController@listOfNonApprovalOfChild');
- Route::get('/searchOfApprovalOfChild', '\App\Http\Controllers\Api\MeetingsController@searchOfApprovalOfChild');
- Route::get('/searchOfNonApprovalOfChild', '\App\Http\Controllers\Api\MeetingsController@searchOfNonApprovalOfChild');
- Route::get('/detail/{meeting_id}', '\App\Http\Controllers\Api\MeetingsController@detail');
+ // MeetingsController
+ Route::group(['prefix' => 'meetings'], function () {
+ Route::get('/listOfApprovalOfChild', '\App\Http\Controllers\Api\MeetingsController@listOfApprovalOfChild');
+ Route::get('/listOfNonApprovalOfChild', '\App\Http\Controllers\Api\MeetingsController@listOfNonApprovalOfChild');
+ Route::get('/searchOfApprovalOfChild', '\App\Http\Controllers\Api\MeetingsController@searchOfApprovalOfChild');
+ Route::get('/searchOfNonApprovalOfChild', '\App\Http\Controllers\Api\MeetingsController@searchOfNonApprovalOfChild');
+ Route::get('/detail/{meeting_id}', '\App\Http\Controllers\Api\MeetingsController@detail');
- // MeetingApprovalsController
- Route::group(['prefix' => 'approvals'], function () {
- Route::post('/registerApproval', '\App\Http\Controllers\Api\MeetingApprovalsController@registerApproval');
- });
+ // MeetingApprovalsController
+ Route::group(['prefix' => 'approvals'], function () {
+ Route::post('/registerApproval', '\App\Http\Controllers\Api\MeetingApprovalsController@registerApproval');
 });
 });
 });
diff --git a/backend/routes/web.php b/backend/routes/web.php
index bf8dff40..285f24f1 100644
--- a/backend/routes/web.php
+++ b/backend/routes/web.php
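Review bot: In routes/api.php, the newly enabled `POST /login` route under the `fathers` prefix is registered without a rate limit of its own, while the message returned by `FathersController::login` tells the user that ten consecutive failures lock the account. Unless the surrounding middleware group already throttles it (not visible in this hunk), consider `->middleware('throttle:10,1')` on that route, or a per-account failure counter if the lockout is meant literally.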
@@ -17,25 +17,42 @@ Route::get('/', function () {
 return view('welcome');
 });
-Route::get('/p-account/meeting', function () {return view('p_account.index');});
-Route::get('/p-account/meeting/detail/{meeting_id}', function () {return view('p_account.index');});
-Route::get('/p-account/meeting/new', function () {return view('p_account.index');});
-Route::get('/p-account/meeting/edit/{child_id}', function () {return view('p_account.index');});
-Route::get('/p-account/favorite', function () {return view('p_account.index');});
-Route::get('/p-account/search', function () {return view('p_account.index');});
-Route::get('/p-account/child', function () {return view('p_account.index');});
-Route::get('/p-account/child/add', function () {return view('p_account.index');});
-Route::get('/p-account/child/edit/hire-date/{child_id}', function () {return view('p_account.index');});
-Route::get('/p-account/child/detail/{child_id}', function () {return view('p_account.index');});
-Route::get('/p-account/profile', function () {return view('p_account.index');});
-Route::get('/p-account/profile/edit/{father_id}', function () {return view('p_account.index');});
-Route::get('/p-account/profile/edit/password/{father_id}', function () {return view('p_account.index');});
-Route::get('/p-account/profile/withdrawal', function () {return view('p_account.index');});
-Route::get('/p-account/profile/withdrawal/complete', function () {return view('p_account.index');});
-Route::get('/p-account', function () {return view('p_account.index');});
+Route::group(['prefix' => 'p-account'], function () {
+ Route::get('/', function () {return view('p_account.index');});
-Route::get('/contact-us', function () { return view('pages.contact.index'); });
-Route::get('/contact-us/complete/', function () { return view('pages.contact.index'); });
+ Route::group(['middleware' => 'auth:fathers'], function () {
+ Route::group(['prefix' => 'meeting'], function () {
+ Route::get('/', function () {return view('p_account.index');});
+ Route::get('/detail/{meeting_id}', function () {return view('p_account.index');});
+ Route::get('/new', function () {return view('p_account.index');});
+ Route::get('/edit/{child_id}', function () {return view('p_account.index');});
+ });
+ Route::get('/favorite', function () {return view('p_account.index');});
+ Route::get('/search', function () {return view('p_account.index');});
+ Route::group(['prefix' => 'child'], function () {
+ Route::get('/', function () {return view('p_account.index');});
+ Route::get('/add', function () {return view('p_account.index');});
+ Route::get('/edit/hire-date/{child_id}', function () {return view('p_account.index');});
+ Route::get('/detail/{child_id}', function () {return view('p_account.index');});
+ });
+ Route::group(['prefix' => 'profile'], function () {
+ Route::get('/', function () {return view('p_account.index');});
+ Route::group(['prefix' => 'edit'], function () {
+ Route::get('/password/{father_id}', function () {return view('p_account.index');});
+ Route::get('/{father_id}', function () {return view('p_account.index');});
+ });
+ Route::group(['prefix' => 'withdrawal'], function () {
+ Route::get('/', function () {return view('p_account.index');});
+ Route::get('/complete', function () {return view('p_account.index');});
+ });
+ });
+ });
+});
+
+Route::group(['prefix' => 'contact-us'], function () {
+ Route::get('/', function () { return view('pages.contact.index'); });
+ Route::get('/complete', function () { return view('pages.contact.index'); });
+});
 Route::get('/unknown-error ', function () { return view('pages.contact.index'); });
 //--------------------------------Child Account--------------------------------------//
 Route::get('/register-temporary/c-account', function () { return view('c_account.auth'); });
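Review bot: In routes/web.php, every page inside the new `auth:fathers` group depends on the guest redirect to `/p-account/login` in `Authenticate::handle`, but this hunk registers no `login` route under the `p-account` prefix, and the child routes just below follow the `/register-temporary/c-account` pattern instead. If the father login page lives at a different path, or is not defined in this file, guests would be redirected to a 404, so the target is worth confirming. If it is missing, it belongs outside the guarded group, next to `Route::get('/', …)`. A comment above the group would also document the dependency, e.g. `// guests are redirected to /p-account/login by App\Http\Middleware\Authenticate`.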