From d7854a9905b4be0eacfee8c77b183ef9228bc1d2 Mon Sep 17 00:00:00 2001 From: "allen.yan" Date: Tue, 2 Sep 2025 11:10:44 +0800 Subject: [PATCH] =?UTF-8?q?202509021110=20=E4=BD=BF=E7=94=A8=E5=BE=8C?= =?UTF-8?q?=E5=8F=B0=E9=A9=97=E8=A8=BC=E5=B8=B3=E8=99=9F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/Http/Middleware/ApiTokenMiddleware.php | 36 +++++++++++++++++ bootstrap/app.php | 1 + config/services.php | 4 ++ .../views/livewire/pages/auth/login.blade.php | 39 ++++++++++++++++++- routes/api.php | 4 +- 5 files changed, 81 insertions(+), 3 deletions(-) create mode 100644 app/Http/Middleware/ApiTokenMiddleware.php diff --git a/app/Http/Middleware/ApiTokenMiddleware.php b/app/Http/Middleware/ApiTokenMiddleware.php new file mode 100644 index 0000000..2bb5bb4 --- /dev/null +++ b/app/Http/Middleware/ApiTokenMiddleware.php @@ -0,0 +1,36 @@ +bearerToken(); + if (!$token) { + return response()->json(['error' => 'Missing token'], 401); + } + $response = Http::withToken($token) + ->withOptions(['verify' => false]) + ->post('https://ktv.test/api/token/validate'); + + if ($response->failed() || !$response->json('valid')) { + return response()->json(['error' => 'Invalid token'], 401); + } + + + $user = User::where('api_plain_token', $token)->first(); + if (!$user) { + return response()->json(['message' => 'Invalid token'], 401); + } + + $request->setUserResolver(fn() => $user); + + return $next($request); + } +} \ No newline at end of file diff --git a/bootstrap/app.php b/bootstrap/app.php index 3c1ee1e..38010d6 100644 --- a/bootstrap/app.php +++ b/bootstrap/app.php 
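Review bot: Certificate verification is switched off on the token-validation call (`->withOptions(['verify' => false])`), so the middleware will accept a `valid` answer from, and hand the caller's bearer token to, any host able to answer for `ktv.test`; the same option is set on the `/api/login` request in the login.blade.php hunk, where it covers the user's password. Drop the option in both places and, if the backend uses a private CA, pass the CA bundle path as `verify` instead. The endpoint is also hard-coded although this commit adds `services.backend.url`; `->post(config('services.backend.url').'/api/token/validate')` keeps both callers on one setting. The lookup `User::where('api_plain_token', $token)` implies the token is stored in clear text, and the login hunk writes a column named `api_token`, so confirm which column is meant. The class header and the `handle()` signature are missing from the visible hunk text.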
@@ -13,6 +13,7 @@ return Application::configure(basePath: dirname(__DIR__)) ) ->withMiddleware(function (Middleware $middleware) { $middleware->alias([ + 'api_token' => \App\Http\Middleware\ApiTokenMiddleware::class, 'role' => \Spatie\Permission\Middleware\RoleMiddleware::class, 'permission' => \Spatie\Permission\Middleware\PermissionMiddleware::class, 'role_or_permission' => \Spatie\Permission\Middleware\RoleOrPermissionMiddleware::class diff --git a/config/services.php b/config/services.php index ef409b3..ea56f2d 100644 --- a/config/services.php +++ b/config/services.php @@ -35,4 +35,8 @@ return [ ], ], + 'backend' => [ + 'url' => env('BACKEND_URL'), + ], + ]; diff --git a/resources/views/livewire/pages/auth/login.blade.php b/resources/views/livewire/pages/auth/login.blade.php index 109c7c6..bafe775 100644 --- a/resources/views/livewire/pages/auth/login.blade.php +++ b/resources/views/livewire/pages/auth/login.blade.php 
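Review bot: The new `backend.url` entry in config/services.php has no comment and no default, yet it decides where login.blade.php posts the user's e-mail and password. A line above it such as `// Base URL of the account backend (BACKEND_URL); must be https:// because credentials and bearer tokens are sent to it` would document the requirement. With `BACKEND_URL` unset, the login code concatenates `null` with `/api/login`, so a check that the value is a non-empty https URL would make that failure explicit instead of surfacing as a failed request.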
@@ -1,6 +1,7 @@ validate(); - $this->form->authenticate(); + //$this->form->authenticate(); + // 呼叫遠端 API 驗證帳號密碼 + $response = Http::withOptions(['verify' => false]) + ->post(config('services.backend.url').'/api/login', [ + 'email' => $this->form->email, + 'password' => $this->form->password, + ]); + if ($response->failed()) { + throw \Illuminate\Validation\ValidationException::withMessages([ + 'email' => '登入失敗,請檢查帳號或密碼。', + ]); + } + + $data = $response->json("data"); + + // 假設遠端回傳 token + user profile + $token = $data['token']; + $userData = $data['user']; + + // 在本地建立/更新使用者 + $user = \App\Models\User::updateOrCreate( + [ 'id' => $userData['id']], + [ + 'name' => $userData['name'], + 'email' => $userData['email'], + 'phone' => $userData['phone'], + 'birthday' => $userData['birthday'], + 'gender' => $userData['gender'], + 'status' => $userData['status'], + 'email_verified_at' => $userData['email_verified_at'], + 'created_at' => $userData['created_at'], + 'updated_at' => $userData['updated_at'], + 'api_token' => $token, + ] + ); + + Auth::login($user, remember: true); Session::regenerate(); diff --git a/routes/api.php b/routes/api.php index a5e8d6a..ca31faa 100644 --- a/routes/api.php +++ b/routes/api.php @@ -1,7 +1,6 @@ group(function () { +//Route::middleware('auth:sanctum')->group(function () { +Route::middleware('api_token')->group(function () { Route::get('/profile', [AuthController::class, 'profile']); Route::post('/room/sendSwitch', [RoomControlController::class, 'sendSwitch']); Route::post('/room/heartbeat', [RoomControlController::class, 'HeartBeat']);
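Review bot: `$data['token']` and `$data['user']` are read without checking that `$response->json("data")` returned an array with those keys, so a 2xx reply with an unexpected body fails with an error instead of a login failure, and whatever the backend sends for `id`, `status` and `email_verified_at` is written to the local user row unchanged. Validate the shape before `updateOrCreate` and treat a malformed reply like a failed login, as sketched below. The token is saved as `api_token` while ApiTokenMiddleware queries `api_plain_token`; unless the model maps one to the other, API calls made with this token will be rejected. The enclosing method and the hunk's opening lines are not visible in this text.

```php
// … unchanged: Http::post(...) call and the $response->failed() check …

$data = $response->json("data");

// A 2xx reply without the expected fields is handled like a failed login.
$shapeOk = is_array($data)
    && is_string($data['token'] ?? null)
    && $data['token'] !== ''
    && is_array($data['user'] ?? null)
    && isset($data['user']['id'], $data['user']['email']);

if (!$shapeOk) {
    throw \Illuminate\Validation\ValidationException::withMessages([
        'email' => '登入失敗,請檢查帳號或密碼。',
    ]);
}

$token = $data['token'];
$userData = $data['user'];

// … unchanged: User::updateOrCreate(...), Auth::login(...), Session::regenerate() …
```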
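Review bot: With `auth:sanctum` replaced by `api_token` in routes/api.php, the user is attached only through `$request->setUserResolver(...)`, so any controller in this group that reads the user via `Auth::user()` or `auth()->id()` instead of `$request->user()` would get no user; the controllers are not shown here, so this needs checking in `AuthController::profile` and `RoomControlController`. Every request to these routes now also waits on an outbound validation call, and no timeout is set in the middleware (`Http::timeout(...)` would bound it). The commented-out line `//Route::middleware('auth:sanctum')->group(function () {` should be deleted rather than kept, since version control already records it.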