Add password while subscribe to insurance

.gitignore

@@ -7,3 +7,4 @@ Homestead.yaml
 /resources/views/vendor
 /storage/api-docs
 /public/swagger-ui-assets
+composer.lock

app/Http/Controllers/InsuranceController.php

@@ -174,7 +174,7 @@ class InsuranceController extends Controller
      *     @OA\MediaType(
      *                mediaType="application/json",
      *        @OA\Schema(ref="#/components/schemas/subscribe_incurance"),
-     *        example = {"network_id":250,"user_id":20,"month_price_id":3,"bonus_amount":20000,"beneficiaries":{{"lastname":"Djery","firstname":"DI","gender":"M","birthdate":"2001-10-05",
+     *        example = {"network_id":250,"user_id":20,"password" : "1234", "month_price_id":3,"bonus_amount":20000,"beneficiaries":{{"lastname":"Djery","firstname":"DI","gender":"M","birthdate":"2001-10-05",
      *     "affiliation":"CHILD","birthdate_proof":"CERTIFIED_COPY","birthdate_proof_doc":"birth.jpg","justice_doc":"just.png","marriage_certificate_doc":"mariage.png",
      *     "id_document_type":"CNI","id_document_front":"cni_front.jpg","id_document_back":"cni_front.jpg"}}}
      *      )
@@ -206,6 +206,11 @@ class InsuranceController extends Controller
          *                        example=300,
          *                        description="ID l'utilisateur identifié"
          *                    ),
+         *               @OA\Property(property="password",
+         *                        type="integer",
+         *                        example=300,
+         *                        description="Mot de passe de l'utilisateur identifié"
+         *                    ),
          *                  @OA\Property(property="month_price_id",
          *                        type="integer",
          *                        example=2,
@@ -295,6 +300,7 @@ class InsuranceController extends Controller
         $this->validate($request, [
             'network_id' => 'required|integer|exists:networks,id',
             'user_id' => 'required|integer|exists:users,id',
+            'password' => 'required|string',
             'month_price_id' => 'required|integer|exists:nh_months_prices_grid,id',
             'bonus_amount' => 'required|numeric|min:0',
             'beneficiaries' => 'required|array',
@@ -315,6 +321,9 @@ class InsuranceController extends Controller
         if (!isset($identification))
             return $this->errorResponse(trans('errors.user_identification_required'));
 
+        if (!$this->checkPassword($request->password, $identification->user->encrypted_password, $identification->user->salt))
+            return $this->errorResponse(trans('messages.incorrect_user_password'));
+
         $networkConfig = NhNetworksConfig::where('network_id', $request->input('network_id'))->first();
         if (!isset($networkConfig) || $networkConfig->configWallet->type != 'ilink_sante')
             return $this->errorResponse(trans('errors.nano_health_not_activated'));

app/Traits/Helper.php

@@ -43,4 +43,10 @@ trait Helper
         }
         return $randomString;
     }
+
+    public function checkPassword($password, $encrypted_password, $salt)
+    {
+        $encrypted_password_to_check = base64_encode(sha1($password . $salt, true) . $salt);
+        return $encrypted_password_to_check == $encrypted_password;
+    }
 }

public/swagger-ui-assets/index.html

@@ -1,57 +0,0 @@
-<!-- HTML for static distribution bundle build -->
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <title>Swagger UI</title>
-    <link href="./swagger-ui.css" rel="stylesheet" type="text/css"/>
-    <link href="./favicon-32x32.png" rel="icon" sizes="32x32" type="image/png"/>
-    <link href="./favicon-16x16.png" rel="icon" sizes="16x16" type="image/png"/>
-    <style>
-        html {
-            box-sizing: border-box;
-            overflow: -moz-scrollbars-vertical;
-            overflow-y: scroll;
-        }
-
-        *,
-        *:before,
-        *:after {
-            box-sizing: inherit;
-        }
-
-        body {
-            margin: 0;
-            background: #fafafa;
-        }
-    </style>
-</head>
-
-<body>
-<div id="swagger-ui"></div>
-
-<script charset="UTF-8" src="./swagger-ui-bundle.js"></script>
-<script charset="UTF-8" src="./swagger-ui-standalone-preset.js"></script>
-<script>
-    window.onload = function () {
-        // Begin Swagger UI call region
-        const ui = SwaggerUIBundle({
-            url: "https://petstore.swagger.io/v2/swagger.json",
-            dom_id: '#swagger-ui',
-            deepLinking: true,
-            presets: [
-                SwaggerUIBundle.presets.apis,
-                SwaggerUIStandalonePreset
-            ],
-            plugins: [
-                SwaggerUIBundle.plugins.DownloadUrl
-            ],
-            layout: "StandaloneLayout"
-        });
-        // End Swagger UI call region
-
-        window.ui = ui;
-    };
-</script>
-</body>
-</html>

public/swagger-ui-assets/oauth2-redirect.html

@@ -1,78 +0,0 @@
-<!doctype html>
-<html lang="en-US">
-<head>
-    <title>Swagger UI: OAuth2 Redirect</title>
-</head>
-<body>
-<script>
-    'use strict';
-
-    function run() {
-        var oauth2 = window.opener.swaggerUIRedirectOauth2;
-        var sentState = oauth2.state;
-        var redirectUrl = oauth2.redirectUrl;
-        var isValid, qp, arr;
-
-        if (/code|token|error/.test(window.location.hash)) {
-            qp = window.location.hash.substring(1);
-        } else {
-            qp = location.search.substring(1);
-        }
-
-        arr = qp.split("&");
-        arr.forEach(function (v, i, _arr) {
-            _arr[i] = '"' + v.replace('=', '":"') + '"';
-        });
-        qp = qp ? JSON.parse('{' + arr.join() + '}',
-            function (key, value) {
-                return key === "" ? value : decodeURIComponent(value);
-            }
-        ) : {};
-
-        isValid = qp.state === sentState;
-
-        if ((
-            oauth2.auth.schema.get("flow") === "accessCode" ||
-            oauth2.auth.schema.get("flow") === "authorizationCode" ||
-            oauth2.auth.schema.get("flow") === "authorization_code"
-        ) && !oauth2.auth.code) {
-            if (!isValid) {
-                oauth2.errCb({
-                    authId: oauth2.auth.name,
-                    source: "auth",
-                    level: "warning",
-                    message: "Authorization may be unsafe, passed state was changed in server Passed state wasn't returned from auth server"
-                });
-            }
-
-            if (qp.code) {
-                delete oauth2.state;
-                oauth2.auth.code = qp.code;
-                oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
-            } else {
-                let oauthErrorMsg;
-                if (qp.error) {
-                    oauthErrorMsg = "[" + qp.error + "]: " +
-                        (qp.error_description ? qp.error_description + ". " : "no accessCode received from the server. ") +
-                        (qp.error_uri ? "More info: " + qp.error_uri : "");
-                }
-
-                oauth2.errCb({
-                    authId: oauth2.auth.name,
-                    source: "auth",
-                    level: "error",
-                    message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server"
-                });
-            }
-        } else {
-            oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});
-        }
-        window.close();
-    }
-
-    window.addEventListener('DOMContentLoaded', function () {
-        run();
-    });
-</script>
-</body>
-</html>