File: /var/www/html/owlcrm/app/Http/Controllers/Auth/AuthenticatedSessionController.php
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Http\Requests\Auth\LoginRequest;
use App\Http\Requests\Auth\AdminLoginRequest;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Cookie;
use Illuminate\View\View;
class AuthenticatedSessionController extends Controller
{
/**
* Display the login view.
*/
public function create(): View
{
return view('auth.login');
}
/**
* Handle an incoming authentication request.
*/
public function store(LoginRequest $request): RedirectResponse
{
// Get the subscription plan ID from session (this will be null before login)
$subscriptionPlanId = session('subscriptionKey');
// Authenticate the user
$request->authenticate();
// Regenerate the session to prevent session fixation attacks
$request->session()->regenerate();
// Re-store the subscription plan ID in the session after login
if ($subscriptionPlanId) {
return redirect()->route('buy.subscription.plan', ['id' => $subscriptionPlanId]);
}
// Redirect the user to the intended route or dashboard
return redirect()->intended(route('dashboard', absolute: false));
}
/**
* Destroy an authenticated session.
*/
public function destroy(Request $request): RedirectResponse
{
Auth::guard('web')->logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return redirect('/');
}
/**
* Display the admin login view.
*/
public function adminCreate(): View
{
return view('auth.admin-login');
}
/**
* Handle an incoming authentication request.
*/
public function adminStore(AdminLoginRequest $request): RedirectResponse
{
$request->authenticate();
$request->session()->regenerate();
return redirect()->intended(route('admin.dashboard', absolute: false));
}
/**
* Destroy an authenticated session.
*/
public function adminDestroy(Request $request): RedirectResponse
{
Auth::guard('admin')->logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return redirect('/admin/login');
}
}