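'required|min_length[2]|max_length[50]|alpha_space',
            'last_name'  => 'required|min_length[2]|max_length[50]|alpha_space',
            'email'      => 'required|valid_email|is_unique[users.email]',
            'phone'      => 'required|regex_match[/^[6-9]\d{9}$/]',
            'password'   => 'required|min_length[8]|regex_match[/^(?=.*[A-Z])(?=.*[a-z])(?=.*\d)(?=.*[^A-Za-z\d]).+$/]',
        ];

        if (! $this->validate($rules)) {
            return redirect()->back()->withInput();
        }

        $userModel = new UserModel();

        $firstName = trim((string) $this->request->getPost('first_name'));
        $lastName  = trim((string) $this->request->getPost('last_name'));

        // role and status are fixed here and never read from the request, so a crafted
        // POST body cannot self-assign a privileged role.
        $data = [
            'first_name' => $firstName,
            'last_name'  => $lastName,
            'email'      => $this->request->getPost('email'),
            'password'   => password_hash((string) $this->request->getPost('password'), PASSWORD_DEFAULT),
            'role'       => 'patient',
            'status'     => 'active',
        ];

        // Model-level validation is skipped; the controller rules above are the only
        // input validation on this path.
        if (! $userModel->skipValidation(true)->insert($data)) {
            return redirect()->back()->withInput()->with('error', 'Registration failed. Please try again.');
        }

        $user_id = $userModel->getInsertID();

        // NOTE(review): the result of this insert is not checked; a failure here would leave
        // a users row without a matching patients row while still reporting success.
        $patientModel = new PatientModel();
        $patientModel->insert([
            'user_id' => $user_id,
            'phone'   => '+91' . $this->request->getPost('phone'),
        ]);

        return redirect()->to(site_url('/'))->with('success', 'Account created. You can log in now.');
    }

    /**
     * Authenticate the posted email/password pair and start a session.
     *
     * On success a fresh random login token is written to users.session_token and to the
     * session, the session ID is rotated, and the user is sent to the dashboard for their role.
     *
     * @return \CodeIgniter\HTTP\RedirectResponse
     */
    public function loginProcess()
    {
        $rules = [
            'email'    => 'required|valid_email',
            'password' => 'required',
        ];

        if (! $this->validate($rules)) {
            return redirect()->back()->withInput();
        }

        $userModel = new UserModel();
        $email     = $this->request->getPost('email');
        $password  = $this->request->getPost('password');

        $user = $userModel->where('email', $email)->first();

        // The same message is returned for an unknown e-mail and a wrong password.
        // NOTE(review): password_verify() only runs when the account exists, so response time
        // can still differ between the two cases; the 'status' column is not consulted here —
        // confirm that inactive accounts are rejected elsewhere.
        // NOTE(review): withInput() flashes the whole POST body, password field included, into
        // session storage — consider repopulating only the e-mail.
        if (! $user || ! password_verify((string) $password, $user['password'])) {
            return redirect()->back()->withInput()->with('error', 'Invalid email or password.');
        }

        $loginToken = bin2hex(random_bytes(32));

        if (! $userModel->update($user['id'], ['session_token' => $loginToken])) {
            return redirect()->back()->withInput()->with('error', 'Could not start session. Please try again.');
        }

        // Rotate the session ID at the privilege change and destroy the pre-login session
        // data, so an ID known before authentication cannot be reused afterwards.
        session()->regenerate(true);
        session()->set([
            'id'          => $user['id'],
            'role'        => $user['role'],
            'login_token' => $loginToken,
        ]);

        if ($user['role'] === 'admin') {
            return redirect()->to(site_url('admin/dashboard'));
        }

        if ($user['role'] === 'doctor') {
            return redirect()->to(site_url('doctor/dashboard'));
        }

        return redirect()->to(site_url('patient/dashboard'));
    }

    /**
     * End the current session and clear the matching server-side login token.
     *
     * @return \CodeIgniter\HTTP\RedirectResponse
     */
    public function logout()
    {
        $userId = (int) session()->get('id');
        $token  = (string) session()->get('login_token');

        if ($userId > 0 && $token !== '') {
            // The extra session_token condition means the column is cleared only while it
            // still holds this session's token; a newer login's token is left in place.
            $db = \Config\Database::connect();
            $db->table('users')
                ->where('id', $userId)
                ->where('session_token', $token)
                ->update(['session_token' => null]);
        }

        session()->destroy();

        return redirect()->to(site_url('/'));
    }

    /**
     * Render the "forgot password" form.
     *
     * @return string
     */
    public function forgotPassword()
    {
        return view('auth/forgot_password');
    }

    /**
     * Issue a 30-minute password-reset token and deliver the link by e-mail.
     *
     * The reset link is sent only to the address stored on the account and is never echoed
     * back to the requester: whoever submits the form is unauthenticated, so showing the link
     * in the response would hand the account to anyone who knows the e-mail address. The
     * response is identical whether or not the address is registered, which avoids disclosing
     * which e-mails have accounts.
     *
     * @return \CodeIgniter\HTTP\RedirectResponse
     */
    public function processForgotPassword()
    {
        $rules = [
            'email' => 'required|valid_email',
        ];

        if (! $this->validate($rules)) {
            return redirect()->back()->withInput();
        }

        $genericNotice = 'If that email address is registered, a password reset link has been sent to it.';

        $userModel = new UserModel();
        $email     = $this->request->getPost('email');
        $user      = $userModel->where('email', $email)->first();

        if (! $user) {
            return redirect()->back()->with('success', $genericNotice);
        }

        $resetToken   = bin2hex(random_bytes(32));
        $tokenExpires = date('Y-m-d H:i:s', strtotime('+30 minutes'));

        // Only a SHA-256 digest of the token is stored, so read access to the users table
        // does not yield usable reset links. Rows written earlier with a raw token simply
        // stop matching and lapse with their 30-minute expiry.
        $stored = $userModel->update($user['id'], [
            'reset_token'         => hash('sha256', $resetToken),
            'reset_token_expires' => $tokenExpires,
        ]);

        if (! $stored) {
            log_message('error', 'Could not store password reset token for user ID {id}.', ['id' => $user['id']]);

            return redirect()->back()->with('success', $genericNotice);
        }

        $resetLink = site_url('reset-password/' . $resetToken);

        // Sender address and transport come from the application's Email configuration.
        $mailer = \Config\Services::email();
        $mailer->setTo($user['email']);
        $mailer->setSubject('Password reset request');
        $mailer->setMessage(
            "A password reset was requested for your account.\n\n"
            . "Use this link within 30 minutes to choose a new password:\n{$resetLink}\n\n"
            . 'If you did not request this, you can ignore this message.'
        );

        if (! $mailer->send()) {
            // The token itself is deliberately kept out of the log.
            log_message('error', 'Password reset email could not be sent for user ID {id}.', ['id' => $user['id']]);
        }

        // NOTE(review): this endpoint has no visible throttling; confirm a rate limit is
        // applied at the route/filter level.
        return redirect()->back()->with('success', $genericNotice);
    }

    /**
     * Show the "choose a new password" form for a valid, unexpired reset token.
     *
     * @param string $token Raw reset token taken from the URL.
     *
     * @return \CodeIgniter\HTTP\RedirectResponse|string
     */
    public function resetPassword($token)
    {
        if ($this->findUserByResetToken($token) === null) {
            return redirect()->to(site_url('/'))->with('error', 'Invalid or expired reset link.');
        }

        return view('auth/reset_password', ['token' => $token]);
    }

    /**
     * Set a new password for the account that owns the posted reset token.
     *
     * The token is single-use: it is cleared together with its expiry when the password
     * changes. The server-side login token is cleared in the same update.
     *
     * @return \CodeIgniter\HTTP\RedirectResponse
     */
    public function processResetPassword()
    {
        $rules = [
            'token'    => 'required',
            'password' => 'required|min_length[8]|regex_match[/^(?=.*[A-Z])(?=.*[a-z])(?=.*\d)(?=.*[^A-Za-z\d]).+$/]',
        ];

        if (! $this->validate($rules)) {
            return redirect()->back()->withInput();
        }

        $user = $this->findUserByResetToken($this->request->getPost('token'));

        if ($user === null) {
            return redirect()->to(site_url('/'))->with('error', 'Invalid or expired reset link.');
        }

        $userModel = new UserModel();

        $updated = $userModel->update($user['id'], [
            'password'            => password_hash((string) $this->request->getPost('password'), PASSWORD_DEFAULT),
            'reset_token'         => null,
            'reset_token_expires' => null,
            // A reset is often a response to a suspected compromise, so the stored login
            // token is dropped as well. Presumably a filter compares it with the session's
            // login_token, which would sign out existing sessions — confirm.
            'session_token'       => null,
        ]);

        if (! $updated) {
            return redirect()->back()->with('error', 'Could not reset password. Please try again.');
        }

        return redirect()->to(site_url('/'))->with('success', 'Password reset successful. You can now login.');
    }

    /**
     * Find the user row that owns an unexpired password-reset token.
     *
     * @param mixed $token Raw token as received from the URL or the form.
     *
     * @return array|null The user row, or null when the token is malformed, unknown or expired.
     */
    private function findUserByResetToken($token)
    {
        // Tokens are issued as 64 lowercase hex characters. Rejecting anything else up front
        // also keeps arrays and empty values away from the query builder, where a null
        // comparison value would turn the condition into "reset_token IS NULL".
        if (! is_string($token) || preg_match('/\A[0-9a-f]{64}\z/', $token) !== 1) {
            return null;
        }

        $user = (new UserModel())->where('reset_token', hash('sha256', $token))->first();

        if (! $user || empty($user['reset_token_expires'])) {
            return null;
        }

        if (strtotime($user['reset_token_expires']) < time()) {
            return null;
        }

        return $user;
    }
}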