From 39fae18ef60b40833eb01fe795874f09e29b2216 Mon Sep 17 00:00:00 2001 From: mohanmd Date: Sat, 20 Jun 2026 22:21:47 +0530 Subject: [PATCH 01/23] admin login validation added --- .../Controllers/Admin/AdminAuthController.php | 56 +++++--- resources/js/Pages/Admin/Auth/Login.jsx | 2 +- tests/Feature/AdminLoginTest.php | 124 ++++++++++++++++++ 3 files changed, 164 insertions(+), 18 deletions(-) create mode 100644 tests/Feature/AdminLoginTest.php diff --git a/app/Http/Controllers/Admin/AdminAuthController.php b/app/Http/Controllers/Admin/AdminAuthController.php index 001dc73..9bab742 100644 --- a/app/Http/Controllers/Admin/AdminAuthController.php +++ b/app/Http/Controllers/Admin/AdminAuthController.php @@ -21,32 +21,54 @@ public function showLogin() */ public function login(Request $request) { - $credentials = $request->validate([ + $validator = \Illuminate\Support\Facades\Validator::make($request->all(), [ 'email' => ['required', 'email'], 'password' => ['required'], + ], [ + 'email.required' => 'Please enter your email address.', + 'email.email' => 'Please enter a valid email address.', + 'password.required' => 'Please enter your password.', ]); + if ($validator->fails()) { + return back()->withErrors($validator)->withInput($request->only('email')); + } + + $credentials = $validator->validated(); + // Database-backed authentication check $user = \App\Models\User::where('email', $credentials['email'])->first(); - if ($user && \Illuminate\Support\Facades\Hash::check($credentials['password'], $user->password) && $user->role === 'admin') { - $request->session()->regenerate(); - - auth()->login($user); - - session(['user' => (object)[ - 'id' => $user->id, - 'name' => $user->name, - 'email' => $user->email, - 'role' => $user->role, - ]]); - - return redirect()->intended('/admin/dashboard'); + if (!$user) { + return back()->withErrors([ + 'email' => 'This email is not registered.', + ])->withInput($request->only('email')); } - return back()->withErrors([ - 'email' => 'The provided credentials do not match our records. (Use admin@example.com / password)', - ]); + if ($user->role !== 'admin') { + return back()->withErrors([ + 'email' => 'This email is not registered as an admin.', + ])->withInput($request->only('email')); + } + + if (!\Illuminate\Support\Facades\Hash::check($credentials['password'], $user->password)) { + return back()->withErrors([ + 'password' => 'The password you entered is incorrect.', + ])->withInput($request->only('email')); + } + + $request->session()->regenerate(); + + auth()->login($user); + + session(['user' => (object)[ + 'id' => $user->id, + 'name' => $user->name, + 'email' => $user->email, + 'role' => $user->role, + ]]); + + return redirect()->intended('/admin/dashboard'); } /** diff --git a/resources/js/Pages/Admin/Auth/Login.jsx b/resources/js/Pages/Admin/Auth/Login.jsx index 4a370bd..e3fb573 100644 --- a/resources/js/Pages/Admin/Auth/Login.jsx +++ b/resources/js/Pages/Admin/Auth/Login.jsx @@ -54,7 +54,7 @@ export default function Login() {
{/* Form */} -
+
- - + {filteredPlans.length === 0 ? ( + + + No plans found - ))} + ) : ( + filteredPlans.map((plan) => ( + + +
+
+ {plan.id === 'basic' ? : + plan.id === 'premium' ? : + } +
+ {plan.name} +
+
+ {plan.price} + {plan.duration} + +
+ {plan.features.map((f, i) => ( + + {f} + + ))} +
+
+ + + {plan.status} + + + +
+ + +
+
+
+ )) + )} - {/* Plan Modal (Placeholder UI) */} + {/* Plan Modal */} @@ -163,44 +232,70 @@ export default function SubscriptionsIndex({ plans: initialPlans }) { -
-
-
- - + +
+
+
+ + setName(e.target.value)} + className="w-full px-4 py-2.5 bg-slate-50 border border-slate-100 rounded-xl text-sm font-bold focus:ring-4 focus:ring-teal-500/10 outline-none" + placeholder="e.g. Pro Search" + /> +
+
+ + setPrice(e.target.value)} + className="w-full px-4 py-2.5 bg-slate-50 border border-slate-100 rounded-xl text-sm font-bold focus:ring-4 focus:ring-teal-500/10 outline-none" + placeholder="299" + /> +
- - + + +
+
+ +