From 923f5c5c7f6bbac6bc57af375739837e30da20ec Mon Sep 17 00:00:00 2001 From: timotiabbauftech Date: Wed, 3 Sep 2025 14:55:50 +0700 Subject: [PATCH] [feat AuthController, update UserController, User.php, EditAkun, Web.php --- app/Http/Controllers/AuthController.php | 45 ++++++++++++++++ app/Http/Controllers/UserController.php | 24 +++++---- app/Models/User.php | 8 ++- composer.lock | 4 +- resources/js/components/EditAkun.vue | 2 +- routes/web.php | 70 +++++++++++++------------ 6 files changed, 106 insertions(+), 47 deletions(-) create mode 100644 app/Http/Controllers/AuthController.php diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php new file mode 100644 index 0000000..83baaa6 --- /dev/null +++ b/app/Http/Controllers/AuthController.php @@ -0,0 +1,45 @@ +validate([ + 'nama' => 'required|string', + 'password' => 'required|int', + ]); + + // Cek kredensial + if (!Auth::attempt($request->only('nama', 'password'))) { + return response()->json([ + 'message' => 'Login gagal, periksa kembali nama atau password.' + ], 401); + } + + $user = User::where('nama', $request->nama)->first(); + + $token = $user->createToken('auth_token')->plainTextToken; + + return response()->json([ + 'message' => 'Login berhasil', + 'user' => $user, + 'token' => $token, + ]); + } + + public function logout(Request $request) + { + $request->user()->currentAccessToken()->delete(); + + return response()->json([ + 'message' => 'Logout berhasil' + ]); + } +} diff --git a/app/Http/Controllers/UserController.php b/app/Http/Controllers/UserController.php index b82ec46..ed1d8b5 100644 --- a/app/Http/Controllers/UserController.php +++ b/app/Http/Controllers/UserController.php 
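Review bot: The `'password' => 'required|int'` rule in `login` looks wrong: as far as I know Laravel's validator names this rule `integer`, and either spelling would restrict passwords to digits, which conflicts with the free-form `min:6` password that UserController accepts. `'password' => 'required|string'` is the usual rule here. In addition, `Auth::attempt` logs the caller into the session guard before the Sanctum token is created, and the session ID is never regenerated; add `$request->session()->regenerate();` after a successful attempt, or check the credentials without starting a session if only the token is meant to be used. The opening lines of this new file are missing from the page, so the `login` signature is not visible.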
@@ -41,22 +41,26 @@ class UserController extends Controller $user = User::findOrFail($id); $request->validate([ - 'nama' => 'required|nama|unique:users,nama,' . $id, - 'password' => 'required|min:6', + 'nama' => 'required|string|unique:users,nama,' . $id, + 'password' => 'nullable|min:6', 'role' => 'required|in:owner,kasir', ]); - $user->update([ - 'nama' => $request->nama, - 'password' => $request->password, - 'role' => $request->role, - ]); + $data = [ + 'nama' => $request->nama, + 'role' => $request->role, + ]; - return response()->json([ - 'message' => 'User berhasil diupdate' - ],200); + if ($request->filled('password')) { + $data['password'] = $request->password; + } + + $user->update($data); + + return response()->json(['message' => 'User berhasil diupdate', 'user' => $user], 200); } + public function destroy($id) { $user = User::findOrFail($id); diff --git a/app/Models/User.php b/app/Models/User.php index 69cb688..01777c8 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -6,11 +6,12 @@ namespace App\Models; use Illuminate\Database\Eloquent\Factories\HasFactory; use Illuminate\Foundation\Auth\User as Authenticatable; use Illuminate\Notifications\Notifiable; +use Laravel\Sanctum\HasApiTokens; class User extends Authenticatable { /** @use HasFactory<\Database\Factories\UserFactory> */ - use HasFactory, Notifiable; + use HasApiTokens, HasFactory, Notifiable; /** * The attributes that are mass assignable. @@ -45,4 +46,9 @@ class User extends Authenticatable 'password' => 'hashed', ]; } + + public function getAuthIdentifierName() + { + return 'nama'; + } } diff --git a/composer.lock b/composer.lock index 5393e18..e575000 100644 --- a/composer.lock +++ b/composer.lock @@ -9377,12 +9377,12 @@ ], "aliases": [], "minimum-stability": "stable", - "stability-flags": {}, + "stability-flags": [], "prefer-stable": true, "prefer-lowest": false, "platform": { "php": "^8.2" }, - "platform-dev": {}, + "platform-dev": [], "plugin-api-version": "2.6.0" } 
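Review bot: Nothing in the visible part of `update` checks that the caller is allowed to modify the user identified by `$id`, yet the method writes `role` and, when filled, `password`, so any caller who reaches this route could promote an account to `owner` or reset another user's password. A check such as `Gate::authorize('update', $user);` directly after `User::findOrFail($id)` would close this, backed by a policy that lets only an owner change `role`. The method starts outside the hunk, so a check may already exist above these lines. The new password is stored through `$user->update($data)` and relies on the `'password' => 'hashed'` cast shown in User.php; a short comment saying so would keep a later refactor from writing it in plaintext, and the rule would be tighter as `'nullable|string|min:6'`.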
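Review bot: Overriding `getAuthIdentifierName()` to return `'nama'` in the second User.php hunk changes the value that the session guard stores and later uses to reload the user, from the primary key to a name that `UserController::update` lets callers edit. After a rename the existing session no longer resolves, and if a name is reused after an account is deleted, an old session would resolve to the new account. `Auth::attempt($request->only('nama', 'password'))` already looks the user up by the `nama` column without this override, so the method can probably be removed. If it is kept for another reason, document that reason in a docblock and make `nama` immutable.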
diff --git a/resources/js/components/EditAkun.vue b/resources/js/components/EditAkun.vue index 26be105..d716d1b 100644 --- a/resources/js/components/EditAkun.vue +++ b/resources/js/components/EditAkun.vue @@ -101,7 +101,7 @@ const payload = { ...this.form }; if (!payload.password) delete payload.password; - await axios.put(`api/user/${this.akun.id}`, payload); + await axios.put(`/api/user/${this.akun.id}`, payload); this.$emit("refresh"); this.$emit("close"); diff --git a/routes/web.php b/routes/web.php index 59fe37f..e467c9e 100644 --- a/routes/web.php +++ b/routes/web.php 
@@ -1,36 +1,40 @@ -group(function () { - Route::apiResource('nampan', NampanController::class); - Route::apiResource('produk', ProdukController::class); - Route::apiResource('item', ItemController::class); - Route::apiResource('sales', SalesController::class); - Route::apiResource('user', UserController::class); - Route::apiResource('transaksi', TransaksiController::class); - Route::apiResource('kategori', KategoriController::class); - - Route::get('brankas', [ItemController::class, 'brankasItem']); - Route::delete('kosongkan-nampan', [NampanController::class, 'kosongkan']); - - // Foto Sementara - Route::post('foto/upload', [FotoSementaraController::class, 'upload']); - Route::delete('foto/hapus/{id}', [FotoSementaraController::class, 'hapus']); - Route::get('foto/{user_id}', [FotoSementaraController::class, 'getAll']); - Route::delete('foto/reset/{user_id}', [FotoSementaraController::class, 'reset']); -}); + Route::prefix('api')->group(function () { + // Backend API + Route::apiResource('nampan', NampanController::class); + Route::apiResource('produk', ProdukController::class); + Route::apiResource('item', ItemController::class); + Route::apiResource('sales', SalesController::class); + Route::apiResource('user', UserController::class); + Route::apiResource('transaksi', TransaksiController::class); + Route::apiResource('kategori', KategoriController::class); -// Frontend SPA -Route::get('/{any}', function () { - return view('app'); -})->where('any', '^(?!storage|api).*$'); \ No newline at end of file + Route::get('brankas', [ItemController::class, 'brankasItem']); + Route::delete('kosongkan-nampan', [NampanController::class, 'kosongkan']); + + // Foto Sementara + Route::post('foto/upload', [FotoSementaraController::class, 'upload']); + Route::delete('foto/hapus/{id}', [FotoSementaraController::class, 'hapus']); + Route::get('foto/{user_id}', [FotoSementaraController::class, 'getAll']); + Route::delete('foto/reset/{user_id}', [FotoSementaraController::class, 
'reset']); + + Route::post('/login', [AuthController::class, 'login'])->middleware('guest')->name('login'); + Route::post('/logout', [AuthController::class, 'logout'])->middleware('auth'); + }); + + // Frontend SPA + Route::get('/{any}', function () { + return view('app'); + })->where('any', '^(?!storage|api).*$'); \ No newline at end of file
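Review bot: The `Route::prefix('api')->group(...)` on the new side carries no authentication middleware, so the `user`, `transaksi`, `item` and the other resource and foto routes appear reachable without logging in; only `/logout` is guarded. Wrap everything except `/login` in `Route::middleware('auth:sanctum')->group(function () { ... });`. `/logout` uses plain `auth`, but `AuthController::logout` calls `currentAccessToken()->delete()`, which as far as I can tell is only populated when the request was authenticated through the Sanctum guard, so `->middleware('auth:sanctum')` is the matching guard there. `/login` has no rate limit; `->middleware(['guest', 'throttle:5,1'])` (limits chosen as an example) would slow password guessing. The first lines of the file are missing from the page, so middleware applied above this group cannot be ruled out.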