Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
95.00% covered (success)
95.00%
38 / 40
50.00% covered (danger)
50.00%
1 / 2
 CRAP
0.00% covered (danger)
0.00%
0 / 1
Auth
95.00% covered (success)
95.00%
38 / 40
50.00% covered (danger)
50.00%
1 / 2
 8
0.00% covered (danger)
0.00%
0 / 1
 __construct
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 1
 login
94.87% covered (success)
94.87%
37 / 39
0.00% covered (danger)
0.00%
0 / 1
 7.01
1<?php
2
3namespace App\Http\Controllers;
4use Illuminate\Http\JsonResponse;
5use Illuminate\Http\Request;
6
7use App\Services\AuthService;
8use Illuminate\Support\Facades\Http;
9use Illuminate\Support\Facades\Log;
10
11class Auth extends Controller
12{
13    private $authService;
14
15    /**
16     * HTTP status codes and their corresponding error messages.
17     * @var array<int, string>
18     */
19    private $statusError = [
20        404 => "Page not found",
21        401 => "Unauthorized",
22        500 => "Internal Server Error",
23        502 => "Bad Gateway",
24    ];
25
26    private $statusException = [
27        200,
28        201,
29        401,
30        404
31    ];
32
33    public function __construct(AuthService $authService) {
34        $this->authService = $authService;
35    }
36
37    /**
38     * Authenticate a user and return an API token.
39     *
40     * @param Request $request Expected keys: 'email' (string), 'password' (string)
41     * @return JsonResponse
42     * @response {
43     *   "token": "string",
44     *   "token_expires_at": "datetime",
45     *   "token_type": "Bearer"
46     * }
47     */
48    public function login(Request $request)
49    {
50        try {
51            if (empty($request->all())) {
52                throw new \Exception('Request parameters not set', 404);
53            }
54
55            $request->validate([
56                'email' => 'required|string|email',
57                'password' => 'required|string',
58            ]);
59
60            $token = null;
61
62            if($request->header('X-Auth-Token') && $request->header('X-Request-Source') == "external_app"){
63                $token =  $this->authService->validateCrossAppToken($request->header('X-Auth-Token'));
64            }
65
66            $tokenData = $this->authService->login(
67                $request->input('email'),
68                $request->input('password'),
69                $token
70            );
71
72            if(!$token){
73                $crossAppToken = $this->authService->generateCrossAppToken($tokenData['api_token']);
74
75                $response = Http::withHeaders([
76                    'X-Auth-Token' => $crossAppToken,
77                    'X-Request-Source' => "external_app",
78                ])->asForm()->post('https://crm.fireservicetitan.com:8081/api/login', [
79                    'email' => $request->input('email'),
80                    'password' => $request->input('password'),
81                ]);
82
83                /*if (!in_array($response->status(), $this->statusException, true)) {
84                    throw new \Exception('Connection Auth failed', 502);
85                }*/
86                Log::channel('third-party')->warning("Not token generated in crm for " . $request->input('email'));
87            }
88
89            return response()->json([
90                'token' => $tokenData['api_token'],
91                'token_expires_at' => $tokenData['token_expires_at'],
92                'token_type' => 'Bearer'
93            ]);
94
95        } catch (\Exception $e) {
96            $code = $e->getCode() ?: 500;
97
98            Log::channel('third-party')->error("Auth error: {$e->getMessage()}", [
99                'code' => $code,
100                'email' => $request->input('email'),
101            ]);
102
103            return response()->json(
104                ['error' => $this->statusError[$code]],
105                $code
106            );
107        }
108    }
109}