Merge pull request #55 from P3D-Legacy/api

WIP API User

app/Http/Controllers/API/UserController.php

@@ -0,0 +1,81 @@
+<?php
+
+namespace App\Http\Controllers\API;
+
+use App\Models\User;
+use Illuminate\Http\Request;
+use App\Http\Controllers\Controller;
+use App\Http\Resources\UserResource;
+
+class UserController extends Controller
+{
+    public function __construct()
+    {
+        $this->middleware(['permission:api']);
+    }
+    /**
+     * Display a listing of the resource.
+     *
+     * @return \Illuminate\Http\Response
+     */
+    public function index()
+    {
+        //
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Illuminate\Http\Response
+     */
+    public function store(Request $request)
+    {
+        //
+    }
+
+    /**
+     * Display the specified resource.
+     *
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function show(Request $request, $id)
+    {
+        $user = User::with(['roles.permissions'])->findOrFail($id);
+        if (!$request->user()->tokenCan('read')) {
+            return response()->json([
+                'error' => 'Token does not have access!',
+            ]);
+        }
+        if ($request->user()->id !== $user->id) {
+            return response()->json([
+                'error' => 'You are not allowed to view this user!',
+            ]);
+        }
+        return new UserResource($user);
+    }
+
+    /**
+     * Update the specified resource in storage.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function update(Request $request, $id)
+    {
+        //
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     *
+     * @param  int  $id
+     * @return \Illuminate\Http\Response
+     */
+    public function destroy($id)
+    {
+        //
+    }
+}

app/Http/Resources/UserResource.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Http\Resources;
+
+use Illuminate\Http\Resources\Json\JsonResource;
+
+class UserResource extends JsonResource
+{
+    /**
+     * Transform the resource into an array.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return array|\Illuminate\Contracts\Support\Arrayable|\JsonSerializable
+     */
+    public function toArray($request)
+    {
+        return parent::toArray($request);
+    }
+}

app/Providers/RouteServiceProvider.php

@@ -39,7 +39,7 @@ public function boot()
 
         $this->routes(function () {
             Route::prefix('api')
-                ->middleware('api')
+                ->middleware(['api', 'auth:sanctum'])
                 ->namespace($this->namespace)
                 ->group(base_path('routes/api.php'));
 

composer.json

@@ -39,7 +39,8 @@
         "spatie/laravel-activitylog": "^3.16",
         "spatie/laravel-cookie-consent": "^2.12",
         "spatie/laravel-permission": "^4.2",
-        "spatie/laravel-tags": "^3.1"
+        "spatie/laravel-tags": "^3.1",
+        "wulfheart/pretty_routes": "^0.3.0"
     },
     "require-dev": {
         "barryvdh/laravel-debugbar": "^3.5",

routes/api.php

@@ -1,6 +1,6 @@
 <?php
 
-use Illuminate\Http\Request;
+use App\Http\Controllers\API\UserController;
 use Illuminate\Support\Facades\Route;
 
 /*
@@ -14,6 +14,4 @@
 |
 */
 
-Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
-    return $request->user();
-});
+Route::apiResource('user', UserController::class);