fix menu tax in data and fix session when multiple user login

2025-08-07 00:51:46 +07:00
parent 0abf278aa3
commit af05a39a82
13 changed files with 1209 additions and 36 deletions
--- a/app/Http/Controllers/Api/UsersController.php
+++ b/app/Http/Controllers/Api/UsersController.php
@@ -36,7 +36,9 @@ class UsersController extends Controller
        return UserResource::collection($query->paginate(config('app.paginate_per_page', 50)));
    }
    public function logout(Request $request){
-        $request->user()->tokens()->delete();
+        \Laravel\Sanctum\PersonalAccessToken::where('tokenable_id', $request->user()->id)
+            ->where('tokenable_type', get_class($request->user()))
+            ->delete();
        return response()->json(['message' => 'logged out successfully']);
    }
    public function store(UsersRequest $request){
--- a/app/Http/Controllers/Auth/AuthenticatedSessionController.php
+++ b/app/Http/Controllers/Auth/AuthenticatedSessionController.php
@@ -37,7 +37,9 @@ class AuthenticatedSessionController extends Controller
        $user = Auth::user();

        // Hapus token lama jika ada
-        $user->tokens()->delete();
+        \Laravel\Sanctum\PersonalAccessToken::where('tokenable_id', $user->id)
+            ->where('tokenable_type', get_class($user))
+            ->delete();

        // Buat token untuk API dengan scope dan expiration
        $tokenName = config('app.name', 'Laravel') . '-' . $user->id . '-' . time();
@@ -47,6 +49,10 @@ class AuthenticatedSessionController extends Controller
        
        // Simpan token di session untuk digunakan di frontend
        session(['api_token' => $token]);
+        
+        // Simpan timestamp login untuk validasi multi-user
+        session(['login_timestamp' => now()->timestamp]);
+        session(['user_id' => $user->id]);

        return redirect()->intended(RouteServiceProvider::HOME);
    }
@@ -66,7 +72,9 @@ class AuthenticatedSessionController extends Controller
        }

        // Delete existing tokens
-        $user->tokens()->delete();
+        \Laravel\Sanctum\PersonalAccessToken::where('tokenable_id', $user->id)
+            ->where('tokenable_type', get_class($user))
+            ->delete();

        // Generate new token
        $tokenName = config('app.name', 'Laravel') . '-' . $user->id . '-' . time();
@@ -107,7 +115,9 @@ class AuthenticatedSessionController extends Controller
    public function destroy(Request $request)
    {
        if($request->user()){
-            $request->user()->tokens()->delete();
+            \Laravel\Sanctum\PersonalAccessToken::where('tokenable_id', $request->user()->id)
+                ->where('tokenable_type', get_class($request->user()))
+                ->delete();
        }

        Auth::guard('web')->logout();