= fb7b1e3721 Feat: Configure Laravel Passport for API authentication
- Added `PassportServiceProvider` to configure token expiration intervals.
- Updated `User` model with `HasApiTokens` trait and `OAuthenticatable` interface for Passport support.
- Registered `PassportServiceProvider` in `bootstrap/providers.php`.
2026-06-18 10:33:58 +00:00

92 lines
2.5 KiB
PHP

<?php
declare(strict_types=1);
namespace App\Models;
// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Admin9\OidcServer\Concerns\HasOidcClaims;
use Admin9\OidcServer\Contracts\OidcUserInterface;
use Carbon\CarbonImmutable;
use Database\Factories\UserFactory;
use DateTime;
use Illuminate\Database\Eloquent\Attributes\{Fillable, Hidden};
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Relations\{BelongsToMany, HasMany};
use Illuminate\Database\Eloquent\SoftDeletes;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Illuminate\Support\Str;
use Laravel\Fortify\TwoFactorAuthenticatable;
use Laravel\Passport\Contracts\OAuthenticatable;
use Laravel\Passport\HasApiTokens;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Traits\HasRoles;
/**
* @property DateTime|CarbonImmutable|null $keka_ms_token_expires_at
*/
#[Fillable(['name', 'email', 'password', 'immutable_id'])]
#[Hidden(['password', 'two_factor_secret', 'two_factor_recovery_codes', 'remember_token'])]
final class User extends Authenticatable implements OAuthenticatable, OidcUserInterface
{
/** @use HasFactory<UserFactory> */
use HasApiTokens, HasFactory, HasOidcClaims, SoftDeletes;
use HasRoles;
use Notifiable;
use TwoFactorAuthenticatable;
public function restrictedPermissions(): BelongsToMany
{
return $this->belongsToMany(
Permission::class,
'restricted_user_permissions',
'user_id',
'permission_id'
)->withPivot('role_id')->withTimestamps();
}
/**
* Get the user's initials
*/
public function initials(): string
{
return Str::of($this->name)
->explode(' ')
->take(2)
->map(fn ($word) => Str::substr($word, 0, 1))
->implode('');
}
/**
* Get the OAuth token for a specific provider.
*/
public function oauthToken(string $provider): ?OauthToken
{
return $this->oauthTokens()->forProvider($provider)->first();
}
/**
* @return HasMany<OauthToken, $this>
*/
public function oauthTokens(): HasMany
{
return $this->hasMany(OauthToken::class);
}
/**
* Get the attributes that should be cast.
*
* @return array<string, string>
*/
protected function casts(): array
{
return [
'email_verified_at' => 'datetime',
'password' => 'hashed',
'keka_ms_token_expires_at' => 'datetime',
];
}
}