public function handleLogin(Request $request, UserRepository $users)
{
$this->validate($request, ['identification' => 'required', 'password' => 'required|min:6|max:16']);
$identification = $request->input('identification');
// guess type of identification
$auth_type = validate($identification, 'email') ? "email" : "username";
event(new Events\UserTryToLogin($identification, $auth_type));
// Get user instance from repository.
// If the given identification is not registered yet,
// it will return a null value.
$user = $users->get($identification, $auth_type);
if (session('login_fails', 0) > 3) {
if (strtolower($request->input('captcha')) != strtolower(session('phrase'))) {
return json(trans('auth.validation.captcha'), 1);
}
}
if (!$user) {
return json(trans('auth.validation.user'), 2);
} else {
if ($user->checkPasswd($request->input('password'))) {
Session::forget('login_fails');
Session::put('uid', $user->uid);
Session::put('token', $user->getToken());
// time in minutes
$time = $request->input('keep') == true ? 10080 : 60;
event(new Events\UserLoggedIn($user));
return json(trans('auth.login.success'), 0, ['token' => $user->getToken()])->withCookie('uid', $user->uid, $time)->withCookie('token', $user->getToken(), $time);
} else {
Session::put('login_fails', session('login_fails', 0) + 1);
return json(trans('auth.validation.password'), 1, ['login_fails' => session('login_fails')]);
}
}
}