Merge pull request #292 from nakazawakan/newbackend

BE側でlogin時にexpireタイムを送ることができますか？
2022-01-29 09:11:21 +09:00 · 2022-01-29 09:11:21 +09:00 · b1fc0580bf
--- a/backend/app/Http/Controllers/Api/AuthenticationTrait.php
+++ b/backend/app/Http/Controllers/Api/AuthenticationTrait.php
@ -127,7 +127,7 @@ trait AuthenticationTrait {
        // セッションを想像する
        $login_user_datum = $this->makeSession($this->getGuard(), $get->toArray());

-        return ['status_code' => 200, 'params' => ['id' => $login_user_datum['id']]];
+        return ['status_code' => 200, 'params' => ['id' => $login_user_datum['id'], 'expire' => env('SESSION_LIFETIME')]];
    }

    public function logout () {
--- a/backend/app/Http/Controllers/Api/ChildrenController.php
+++ b/backend/app/Http/Controllers/Api/ChildrenController.php
@ -96,7 +96,13 @@ class ChildrenController extends Controller {

    public function checkRegisterMain (Request $r) {
        // トークンの確認
-        if (null === ($get = TelActivation::select('tel')->where('token', $r->token)->first())) {
+        if (null === ($get = TelActivation::select('tel', 'ttl')->where('token', $r->token)->first())) {
+            return ['status_code' => 400, 'error_messages' => ['不正な登録トークン。']];
+        }
+
+        // トークンの有効期限が切れた場合
+        if (time() > strtotime($get->ttl)) {
+            TelActivation::where('token', $r->token)->delete();
            return ['status_code' => 400, 'error_messages' => ['不正な登録トークン。']];
        }

@ -119,7 +125,9 @@ class ChildrenController extends Controller {

        // 親子関係の上限の場合
        if (!is_null($get->father_id) && null !== ($rel = FatherRelation::where('father_id', $get->father_id)->first())) {
-            if (Father::select('relation_limit')->where('id', $get->father_id)->first()->relation_limit >= FatherRelation::where('father_id', $get->father_id)->count()) {
+            $fa = Father::select('relation_limit')->where('id', $get->father_id)->first();
+            $fr = FatherRelation::where('father_id', $get->father_id)->count();
+            if (null !== $fa && $fr >= $fa->relation_limit) {
                return ['status_code' => 400, 'error_messages' => ['仮登録の有効期限が切れました。改めて親にお問い合わせいただき、再登録の手続きを行ってください。']];
            }
        }
--- a/backend/app/Http/Controllers/Api/FathersController.php
+++ b/backend/app/Http/Controllers/Api/FathersController.php
@ -142,7 +142,13 @@ class FathersController extends Controller {

    public function checkRegisterMain (Request $r) {
        // トークンの確認
-        if (null === ($get = EmailActivation::where('token', $r->token)->first())) {
+        if (null === ($get = EmailActivation::select('ttl')where('token', $r->token)->first())) {
+            return ['status_code' => 400, 'error_messages' => ['不正な登録トークン。']];
+        }
+
+        // トークンの有効期限が切れた場合
+        if (time() > strtotime($get->ttl)) {
+            EmailActivation::where('token', $r->token)->delete();
            return ['status_code' => 400, 'error_messages' => ['不正な登録トークン。']];
        }