Merge pull request #58 from NIAEFEUP/28-create-quest-grant-endpoint-w…

…ith-tokens 28 create quest grant endpoint with tokens
NIAEFEUP · Nov 11, 2024 · d581973 · d581973
2 parents 91a78b6 + 588d9ea
commit d581973
Show file tree

Hide file tree

Showing 7 changed files with 508 additions and 3 deletions.
diff --git a/app/Http/Controllers/QuestApiController.php b/app/Http/Controllers/QuestApiController.php
@@ -0,0 +1,75 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\Quest;
+use App\Models\Participant;
+use App\Models\User;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Validator;
+
+
+class QuestApiController extends Controller
+{
+    /**
+     * Assign a quest to a participant.
+     */
+    public function give(Request $request, Quest $quest): JsonResponse
+    {
+        $validator = Validator::make($request->all(), [
+            'quest_code' => 'required|exists:participants,quest_code',
+        ]);
+
+        if ($validator->fails()) {
+            return response()->json([
+                'status' => 'error',
+                'message' => 'Invalid input',
+                'errors' => $validator->errors(),
+            ], 400);
+        }
+        $editionId = $request->input('edition')->id;
+        if ($editionId === null) {
+            return response()->json([
+                'status' => 'error',
+                'message' => 'Edition not found!',
+            ], 404);
+        }
+        $participant = Participant::firstWhere('quest_code', $request->get('quest_code'));
+
+        if ($participant=== null) {
+            return response()->json([
+                'status' => 'error',
+                'message' => 'Participant not found!',
+            ], 404);
+        };
+
+        $enrollment = $participant->enrollments()->where('edition_id', $editionId)->first();
+        if ($enrollment === null) {
+            return response()->json([
+                'status' => 'error',
+                'message' => 'Participant not enrolled in this edition!',
+            ], 412);
+        }
+
+        try {
+            $enrollment->quests()->attach($quest);
+        } catch (\Exception $e) {
+            Log::error("Failed to attach quest (ID: {$quest->id}) to enrollment (ID: {$enrollment->id})", [
+                'error' => $e->getMessage(),
+                'trace' => $e->getTraceAsString(),
+            ]);
+            return response()->json([
+                'status' => 'error',
+                'message' => 'Failed to assign quest',
+            ], 500);
+        }
+
+
+        return response()->json([
+            'status' => 'success',
+            'message' => 'Quest assigned successfully!',
+        ], 200);
+    }
+}
diff --git a/app/Http/Controllers/QuestController.php b/app/Http/Controllers/QuestController.php
@@ -15,7 +15,6 @@ public function give(Request $request, Quest $quest)
         $request->validate([
             'quest_code' => 'required|exists:participants,quest_code',
         ]);
-
         $edition = $request->input('edition');
         $participant = Participant::firstWhere('quest_code', $request->get('quest_code'));
         $enrollment = $participant->enrollments()->where('edition_id', $edition?->id)->first();
@@ -50,4 +49,5 @@ public function give(Request $request, Quest $quest)
 
         return redirect()->back()->banner('Tarefa atribuída com sucesso!');
     }
+
 }
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
@@ -47,6 +47,7 @@ class Kernel extends HttpKernel
             // \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
             \Illuminate\Routing\Middleware\ThrottleRequests::class.':api',
             \Illuminate\Routing\Middleware\SubstituteBindings::class,
+            \App\Http\Middleware\AuthTokenMiddleware::class,
         ],
     ];
 
@@ -68,5 +69,6 @@ class Kernel extends HttpKernel
         'signed' => \App\Http\Middleware\ValidateSignature::class,
         'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
         'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
+        'auth.token' => \App\Http\Middleware\AuthTokenMiddleware::class,
     ];
 }
diff --git a/app/Http/Middleware/AuthTokenMiddleware.php b/app/Http/Middleware/AuthTokenMiddleware.php
@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+
+class AuthTokenMiddleware
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        $token = $request->bearerToken();
+        $authToken = env('AUTH_TOKEN_CTF');
+
+        if ($token !== $authToken) {
+            return response()->json(['message' => 'Unauthorized'], 401);
+        }
+
+
+        return $next($request);
+    }
+}
diff --git a/composer.json b/composer.json
@@ -9,6 +9,7 @@
     "license": "MIT",
     "require": {
         "php": "^8.1",
+        "doctrine/dbal": "^3.5.1",
         "fedeisas/laravel-mail-css-inliner": "^5.2",
         "guzzlehttp/guzzle": "^7.2",
         "http-interop/http-factory-guzzle": "^1.2",