validate([ 'email' => 'required|email', 'password' => 'required', ]); $user = User::where('email', $request->email)->first(); if (! $user || ! Hash::check($request->password, $user->password)) { return response()->json([ 'status' => 'error', 'message' => 'Invalid credentials' ], 401); } // Create Token (Device name is optional) $token = $user->createToken($request->device_name ?? 'api-client')->plainTextToken; return response()->json([ 'status' => 'success', 'message' => 'Login successful', 'data' => [ 'user' => $user, 'access_token' => $token, 'token_type' => 'Bearer', ] ]); } /** * Get User Profile * * Returns the authenticated user's information. */ public function me(Request $request) { return response()->json([ 'status' => 'success', 'data' => [ 'user' => $request->user() ] ]); } /** * Logout * * Revokes the user's current access token. */ public function logout(Request $request) { $request->user()->currentAccessToken()->delete(); return response()->json([ 'status' => 'success', 'message' => 'Token revoked' ]); } }