Commit b1a00cdb authored by Mahmoud Aglan's avatar Mahmoud Aglan

fix(auth): return proper redirects for web form submissions instead of raw JSON

All auth controllers were always returning JSON responses via the ApiResponse
trait, even for standard HTML form submissions. Browser forms don't set
Accept: application/json, so they received raw JSON text instead of proper
redirects/error displays. Now all controllers check expectsJson() to serve
both web and API clients correctly.
Co-Authored-By: 's avatarClaude Opus 4.6 <noreply@anthropic.com>
parent ff9581ff
...@@ -6,6 +6,7 @@ use App\Http\Controllers\Controller; ...@@ -6,6 +6,7 @@ use App\Http\Controllers\Controller;
use App\Modules\Auth\Requests\ForgotPasswordRequest; use App\Modules\Auth\Requests\ForgotPasswordRequest;
use App\Modules\Auth\Services\AuthService; use App\Modules\Auth\Services\AuthService;
use Illuminate\Http\JsonResponse; use Illuminate\Http\JsonResponse;
use Illuminate\Http\RedirectResponse;
use Illuminate\Support\Facades\Password; use Illuminate\Support\Facades\Password;
use Illuminate\View\View; use Illuminate\View\View;
...@@ -20,10 +21,14 @@ class ForgotPasswordController extends Controller ...@@ -20,10 +21,14 @@ class ForgotPasswordController extends Controller
return view('auth.forgot-password'); return view('auth.forgot-password');
} }
public function store(ForgotPasswordRequest $request): JsonResponse public function store(ForgotPasswordRequest $request): JsonResponse|RedirectResponse
{ {
$this->authService->sendPasswordResetLink($request->input('email')); $this->authService->sendPasswordResetLink($request->input('email'));
return $this->success(null, __('auth.reset_link_sent')); if ($request->expectsJson()) {
return $this->success(null, __('auth.reset_link_sent'));
}
return back()->with('status', __('auth.reset_link_sent'));
} }
} }
...@@ -39,9 +39,13 @@ class LoginController extends Controller ...@@ -39,9 +39,13 @@ class LoginController extends Controller
default => __('auth.failed'), default => __('auth.failed'),
}; };
return $this->error($message, 422, null, [ if ($request->expectsJson()) {
'email' => [$message], return $this->error($message, 422, null, [
]); 'email' => [$message],
]);
}
return back()->withErrors(['email' => $message])->withInput($request->only('email', 'remember'));
} }
$request->clearRateLimit(); $request->clearRateLimit();
......
...@@ -8,6 +8,7 @@ use App\Modules\Auth\Services\AuthService; ...@@ -8,6 +8,7 @@ use App\Modules\Auth\Services\AuthService;
use App\Shared\Helpers\Countries; use App\Shared\Helpers\Countries;
use Illuminate\Auth\Events\Registered; use Illuminate\Auth\Events\Registered;
use Illuminate\Http\JsonResponse; use Illuminate\Http\JsonResponse;
use Illuminate\Http\RedirectResponse;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
use Illuminate\View\View; use Illuminate\View\View;
...@@ -29,7 +30,7 @@ class RegisterCompanyController extends Controller ...@@ -29,7 +30,7 @@ class RegisterCompanyController extends Controller
]); ]);
} }
public function store(RegisterCompanyRequest $request): JsonResponse public function store(RegisterCompanyRequest $request): JsonResponse|RedirectResponse
{ {
$user = $this->authService->registerCompany($request->validated()); $user = $this->authService->registerCompany($request->validated());
...@@ -41,9 +42,13 @@ class RegisterCompanyController extends Controller ...@@ -41,9 +42,13 @@ class RegisterCompanyController extends Controller
report($e); report($e);
} }
return $this->success( if ($request->expectsJson()) {
['redirect' => '/email/verify'], return $this->success(
__('auth.registration_successful_company') ['redirect' => '/email/verify'],
); __('auth.registration_successful_company')
);
}
return redirect('/email/verify');
} }
} }
...@@ -8,6 +8,7 @@ use App\Modules\Auth\Services\AuthService; ...@@ -8,6 +8,7 @@ use App\Modules\Auth\Services\AuthService;
use App\Shared\Helpers\Countries; use App\Shared\Helpers\Countries;
use Illuminate\Auth\Events\Registered; use Illuminate\Auth\Events\Registered;
use Illuminate\Http\JsonResponse; use Illuminate\Http\JsonResponse;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\Auth;
use Illuminate\View\View; use Illuminate\View\View;
...@@ -25,7 +26,7 @@ class RegisterCreatorController extends Controller ...@@ -25,7 +26,7 @@ class RegisterCreatorController extends Controller
]); ]);
} }
public function store(RegisterCreatorRequest $request): JsonResponse public function store(RegisterCreatorRequest $request): JsonResponse|RedirectResponse
{ {
$user = $this->authService->registerCreator($request->validated()); $user = $this->authService->registerCreator($request->validated());
...@@ -37,10 +38,14 @@ class RegisterCreatorController extends Controller ...@@ -37,10 +38,14 @@ class RegisterCreatorController extends Controller
report($e); report($e);
} }
return $this->success( if ($request->expectsJson()) {
['redirect' => '/email/verify'], return $this->success(
__('auth.registration_successful') ['redirect' => '/email/verify'],
); __('auth.registration_successful')
);
}
return redirect('/email/verify');
} }
public function checkUsername(Request $request): JsonResponse public function checkUsername(Request $request): JsonResponse
......
...@@ -6,6 +6,7 @@ use App\Http\Controllers\Controller; ...@@ -6,6 +6,7 @@ use App\Http\Controllers\Controller;
use App\Modules\Auth\Requests\ResetPasswordRequest; use App\Modules\Auth\Requests\ResetPasswordRequest;
use App\Modules\Auth\Services\AuthService; use App\Modules\Auth\Services\AuthService;
use Illuminate\Http\JsonResponse; use Illuminate\Http\JsonResponse;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Facades\Password; use Illuminate\Support\Facades\Password;
use Illuminate\View\View; use Illuminate\View\View;
...@@ -24,17 +25,25 @@ class ResetPasswordController extends Controller ...@@ -24,17 +25,25 @@ class ResetPasswordController extends Controller
]); ]);
} }
public function store(ResetPasswordRequest $request): JsonResponse public function store(ResetPasswordRequest $request): JsonResponse|RedirectResponse
{ {
$status = $this->authService->resetPassword($request->validated()); $status = $this->authService->resetPassword($request->validated());
if ($status === Password::PASSWORD_RESET) { if ($status === Password::PASSWORD_RESET) {
return $this->success( if ($request->expectsJson()) {
['redirect' => '/login'], return $this->success(
__('auth.password_reset_successful') ['redirect' => '/login'],
); __('auth.password_reset_successful')
);
}
return redirect('/login')->with('status', __('auth.password_reset_successful'));
}
if ($request->expectsJson()) {
return $this->error(__('auth.password_reset_failed'), 422);
} }
return $this->error(__('auth.password_reset_failed'), 422); return back()->withErrors(['email' => __('auth.password_reset_failed')]);
} }
} }
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment