<?php

namespace App\Http\Controllers\Api;

use App\Http\Controllers\Controller;
use App\Models\PetalTransaction;
use App\Models\User;
use App\Models\UserPetal;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Str;

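class AuthController extends Controller
{
    /**
     * Authenticate a customer by email and password and issue a fresh API token.
     *
     * POST /api/auth/customer/login
     * Body: email, password
     *
     * An unknown email and a wrong password return the same 401 body, so the
     * response text does not reveal which of the two failed.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function login(Request $request)
    {
        $request->validate([
            'email' => 'required|email',
            // `string` turns array/object input into a validation error
            // instead of letting it reach Hash::check().
            'password' => 'required|string',
        ]);

        $user = User::where('email', $request->email)->first();

        if (! $user || ! Hash::check($request->password, $user->password)) {
            return response()->json([
                'status' => false,
                'message' => 'Invalid email or password',
            ], 401);
        }

        // Overwrites any previously issued token, so an earlier session stops working.
        // NOTE(review): the token is written to the api_token column as-is; anyone who
        // can read that column holds live credentials. Confirm whether the guard can be
        // switched to hashed token lookup.
        $token = Str::random(60);
        $user->update(['api_token' => $token]);

        // Profile counts as complete once the OTP was verified and the name/email fields are set.
        $profileComplete = (
            $user->otp_verified_on !== null &&
            $user->first_name !== null &&
            $user->last_name !== null &&
            $user->email !== null
        );

        return response()->json([
            'status' => true,
            'message' => 'Login successful',
            'token' => $token,
            'profile_complete' => $profileComplete,
            'user' => $user->toAppArray(),
        ]);
    }

    /**
     * Register a customer, create the petals record, apply referral rewards
     * and generate a 6-digit OTP.
     *
     * POST /api/auth/customer/customer-signup
     * Body: first_name, last_name, email, phone, password
     *
     * NOTE(review): the user, petals and transaction rows are written in separate
     * statements with no surrounding transaction, so a failure part-way leaves a
     * partially created account.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function signup(Request $request)
    {
        $request->validate([
            'first_name' => 'required|string|max:255',
            'last_name' => 'required|string|max:255',
            'email' => 'required|email|unique:users,email',
            'phone' => 'required|string|unique:users,phone',
            'password' => 'required|string|min:8',
            'pdo_type' => 'sometimes|numeric',
            'distributor' => 'sometimes|numeric',
            'sub_distributor_comission' => 'sometimes|string',
            'referral_code' => 'sometimes|string|max:10',
        ]);

        $otp = random_int(100000, 999999);

        // Look up referrer by referral code; an unknown code is ignored silently.
        $referrer = null;
        if ($request->filled('referral_code')) {
            $referrer = User::where('referral_code', $request->referral_code)->first();
        }

        $user = User::create([
            'first_name' => $request->first_name,
            'last_name' => $request->last_name,
            'email' => $request->email,
            'phone' => $request->phone,
            'password' => Hash::make($request->password),
            // NOTE(review): app_password, photo, photo_url, status, is_parentId and
            // distributor_type are read from the request without any validation rule.
            // Confirm each is meant to be client-controlled; validate or drop the rest.
            'app_password' => $request->app_password ?? Str::random(16),
            'photo' => $request->photo,
            'photo_url' => $request->photo_url,
            'pdo_type' => $request->pdo_type ?? 0,
            // Deliberately not taken from the request: the signing-up client must not
            // choose its own role. 0 is the value this endpoint already stored when the
            // field was absent, so callers sending only the documented body see no change.
            // NOTE(review): presumably `role` gates privileges — confirm no trusted
            // caller relied on passing it here.
            'role' => 0,
            'status' => $request->status ?? 1,
            'distributor' => $request->distributor ?? 0,
            'is_parentId' => $request->is_parentId ?? 0,
            'distributor_type' => $request->distributor_type ?? 0,
            'sub_distributor_comission' => $request->sub_distributor_comission,
            'otp' => $otp,
            // Same 10-minute lifetime as resendOtp()/forgotPassword(). Without it,
            // verifyOtp() skips its expiry check and the signup OTP never expires.
            'otp_expires_at' => now()->addMinutes(10),
            'otp_verified_on' => null,
            'email_verified_at' => null,
            'referred_by' => $referrer?->id,
        ]);

        // Create petals record — referee gets the bonus only when a referrer was found.
        $refereePetals = $referrer ? User::REFERRAL_REWARD_REFEREE : 0;
        UserPetal::create([
            'user_id' => $user->id,
            'available_petals' => $refereePetals,
            'used_petals' => 0,
        ]);

        // Award petals to both parties if the referral is valid.
        // NOTE(review): rewards are granted before the OTP is verified, so an
        // unverified signup already credits the referrer.
        if ($referrer) {
            // Ledger entry for the referee's welcome bonus.
            if ($refereePetals > 0) {
                PetalTransaction::create([
                    'user_id' => $user->id,
                    'transaction_type' => 'earned',
                    'amount' => 0,
                    'points' => $refereePetals,
                    'description' => 'Welcome bonus — referred by ' . $referrer->first_name,
                ]);
            }

            // Credit the referrer's balance and record the matching ledger entry.
            $referrerPetals = User::REFERRAL_REWARD_REFERRER;
            $referrer->userPetal()->increment('available_petals', $referrerPetals);
            PetalTransaction::create([
                'user_id' => $referrer->id,
                'transaction_type' => 'earned',
                'amount' => 0,
                'points' => $referrerPetals,
                'description' => 'Referral bonus — ' . $request->first_name . ' joined',
            ]);
        }

        $response = [
            'status' => true,
            'message' => "OTP sent to {$request->phone}",
            'url_code' => Str::random(10),
            'user' => $user->toAppArray(),
            'referral_bonus' => $refereePetals,
        ];

        // The OTP is echoed in the response whenever app.debug is on (no SMS service yet).
        // With debug enabled the OTP step proves nothing about phone ownership, so
        // app.debug must be off in any environment reachable by real users.
        if (config('app.debug')) {
            $response['otp'] = $otp;
        }

        return response()->json($response);
    }

    /**
     * Generate a new 6-digit OTP for the account with the given phone number,
     * valid for 10 minutes.
     *
     * POST /api/resend-otp
     * Body: phone
     *
     * NOTE(review): the 404 branch tells an anonymous caller whether a phone number
     * is registered, and no rate limit is visible in this controller — confirm the
     * route is throttled.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function resendOtp(Request $request)
    {
        $request->validate(['phone' => 'required|string']);

        $user = User::where('phone', $request->phone)->first();

        if (! $user) {
            return response()->json([
                'status' => false,
                'message' => 'User not found',
            ], 404);
        }

        $otp = random_int(100000, 999999);
        $user->update([
            'otp' => $otp,
            'otp_expires_at' => now()->addMinutes(10),
        ]);

        // TODO: Send OTP via SMS

        $response = [
            'status' => true,
            'message' => "OTP resent to {$request->phone}",
        ];

        // Debug-only echo of the OTP; app.debug must be off wherever real users can reach this.
        if (config('app.debug')) {
            $response['otp'] = $otp;
        }

        return response()->json($response);
    }

    /**
     * Verify the OTP for a phone number, mark the account as verified and
     * issue a fresh API token.
     *
     * POST /api/wifilogin/customer/verify-otp
     * Body: otp, phone
     *
     * NOTE(review): no failed-attempt counter or lockout is visible here. A 6-digit
     * code can be guessed within its lifetime unless the route is throttled per
     * phone and per client — confirm.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function verifyOtp(Request $request)
    {
        $request->validate([
            'otp' => 'required|string',
            'phone' => 'required|string',
        ]);

        $user = User::where('phone', $request->phone)->first();

        if (! $user) {
            return response()->json([
                'status' => false,
                'message' => 'User not found',
            ], 404);
        }

        // Rows with a null otp_expires_at are treated as not expired, as before.
        $isExpired = $user->otp_expires_at && now()->isAfter($user->otp_expires_at);

        // Constant-time comparison of the secret. A cleared OTP (null) casts to ''
        // and can never equal the non-empty value the validator requires.
        $otpMatches = hash_equals((string) $user->otp, (string) $request->otp);

        if (! $otpMatches || $isExpired) {
            return response()->json([
                'status' => false,
                'message' => $isExpired
                    ? 'OTP has expired. Please request a new one.'
                    : 'Invalid OTP',
            ], 400);
        }

        // Clear the OTP so it cannot be replayed, and issue the token in the same write.
        $token = Str::random(60);
        $user->update([
            'otp' => null,
            'otp_expires_at' => null,
            'otp_verified_on' => now(),
            'api_token' => $token,
        ]);

        return response()->json([
            'status' => true,
            'message' => 'OTP verified successfully',
            'token' => $token,
            'profile_complete' => true,
            'user' => $user->toAppArray(),
        ]);
    }

    /**
     * Generate a password-reset OTP for the account with the given email,
     * valid for 10 minutes.
     *
     * POST /api/auth/forgot_password
     * Body: email
     *
     * NOTE(review): the 404 branch tells an anonymous caller whether an email is
     * registered; returning the same success body in both cases would close that.
     * Left unchanged because clients may depend on the current status codes.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function forgotPassword(Request $request)
    {
        $request->validate(['email' => 'required|email']);

        $user = User::where('email', $request->email)->first();

        if (! $user) {
            return response()->json([
                'status' => false,
                'message' => 'No account found with this email',
            ], 404);
        }

        $otp = random_int(100000, 999999);
        $user->update([
            'otp' => $otp,
            'otp_expires_at' => now()->addMinutes(10),
        ]);

        // TODO: Send OTP via email

        return response()->json([
            'status' => true,
            'message' => 'Password reset OTP sent to your email',
        ]);
    }

    /**
     * Replace the authenticated user's password.
     *
     * POST /api/auth/customer/change-password
     * Body: password, password_confirmation
     *
     * The current password is not requested, so possession of a valid API token is
     * enough to change it. The existing api_token is left in place.
     * NOTE(review): assumes the route sits behind auth middleware so that
     * $request->user() is never null — confirm.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function changePassword(Request $request)
    {
        $request->validate([
            // `string` matters here: without it `min:8` counts the elements of an
            // array input, which would then be passed to Hash::make().
            'password' => 'required|string|min:8|confirmed',
        ]);

        $user = $request->user();

        $user->update([
            'password' => Hash::make($request->password),
        ]);

        return response()->json([
            'status' => true,
            'message' => 'Password changed successfully',
            'user' => $user->toAppArray(),
        ]);
    }

    /**
     * Return the authenticated user's referral code and the users they referred.
     *
     * GET /api/referral/stats
     *
     * total_petals_earned is derived as referral count × the current
     * REFERRAL_REWARD_REFERRER constant, not summed from the transaction ledger.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function referralStats(Request $request)
    {
        $user = $request->user();
        $referrals = $user->referrals()->select('id', 'first_name', 'last_name', 'created_at')->get();
        $referralCount = $referrals->count();
        $rewardPerReferral = User::REFERRAL_REWARD_REFERRER;

        return response()->json([
            'status' => true,
            'referral_code' => $user->referral_code,
            'total_referrals' => $referralCount,
            'total_petals_earned' => $referralCount * $rewardPerReferral,
            'reward_per_referral' => $rewardPerReferral,
            // Only the display name and join date of each referred user are exposed.
            'referrals' => $referrals->map(fn($r) => [
                'name' => $r->full_name,
                'joined_at' => $r->created_at?->toIso8601String(),
            ]),
        ]);
    }

    /**
     * Invalidate the authenticated user's API token.
     *
     * POST /api/auth/customer/logout
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function logout(Request $request)
    {
        $user = $request->user();

        // Clearing the stored token is what ends the session.
        $user->update(['api_token' => null]);

        return response()->json([
            'status' => true,
            'message' => 'Logged out successfully',
            'token' => null,
            'user' => $user->toAppArray(),
        ]);
    }
}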
