From 2ee8605efb10b8088d44908731db9d1ddcfc544e Mon Sep 17 00:00:00 2001
From: Bozhidar
Date: Mon, 13 May 2024 00:58:50 +0300
Subject: [PATCH] add single sign on with WHMCS
---
 .../Controllers/Api/CustomersController.php | 50 +++++++++++++++++++
 web/app/Models/Customer.php | 2 +
 web/routes/api.php | 6 ++-
 web/routes/web.php | 3 ++
 4 files changed, 60 insertions(+), 1 deletion(-)
diff --git a/web/app/Http/Controllers/Api/CustomersController.php b/web/app/Http/Controllers/Api/CustomersController.php
index 227550e..240d38e 100644
--- a/web/app/Http/Controllers/Api/CustomersController.php
+++ b/web/app/Http/Controllers/Api/CustomersController.php
@@ -6,6 +6,9 @@ use App\Http\Controllers\Api\Request\CustomerCreateRequest;
 use App\Http\Controllers\ApiController;
 use App\Models\Customer;
 use App\Models\HostingSubscription;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Laravel\Sanctum\PersonalAccessToken;
 class CustomersController extends ApiController
 {
@@ -130,4 +133,51 @@ class CustomersController extends ApiController
 ],
 ]);
 }
+
+ public function loginWithToken($customerId, Request $request)
+ {
+ $findCustomer = Customer::where('id', $customerId)->first();
+ if (!$findCustomer) {
+ return response()->json([
+ 'status' => 'error',
+ 'message' => 'Customer not found',
+ ], 404);
+ }
+
+
+ $findToken = $findCustomer->tokens()->where('token', $request->token)->where('name', 'externalLogin')->first();
+ if (!$findToken) {
+ return response()->json([
+ 'status' => 'error',
+ 'message' => 'Token not found',
+ ], 404);
+ }
+
+ Auth::guard('web_customer')->loginUsingId($findCustomer->id);
+
+ return redirect('/customer');
+ }
+ public function generateLoginToken($customerId, Request $request)
+ {
+ $findCustomer = Customer::where('id', $customerId)->first();
+ if (! $findCustomer) {
+ return response()->json([
+ 'status' => 'error',
+ 'message' => 'Customer not found',
+ ], 404);
+ }
+
+ $findCustomer->tokens()->delete();
+
+ $token = $findCustomer->createToken('externalLogin',['*'], now()->addMinute());
+
+ return response()->json([
+ 'status' => 'ok',
+ 'message' => 'Token generated',
+ 'data' => [
+ 'token' => $token->accessToken->token,
+ ],
+ ]);
+
+ }
 }
diff --git a/web/app/Models/Customer.php b/web/app/Models/Customer.php
index f4ef0d1..3631c0b 100644
--- a/web/app/Models/Customer.php
+++ b/web/app/Models/Customer.php
@@ -5,9 +5,11 @@ namespace App\Models;
 use App\ApiSDK\PhyreApiSDK;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Foundation\Auth\User as Authenticatable;
+use Laravel\Sanctum\HasApiTokens;
 class Customer extends Authenticatable
 {
+ use HasApiTokens;
 use HasFactory;
 protected $fillable = [
diff --git a/web/routes/api.php b/web/routes/api.php
index 1ae4d89..235afd2 100644
--- a/web/routes/api.php
+++ b/web/routes/api.php
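Review bot: In `loginWithToken` (CustomersController.php) the token lookup never checks `expires_at` and never deletes the row after a successful login, so the one-minute lifetime passed to `createToken(..., now()->addMinute())` is not enforced and the same link keeps working until the next `generateLoginToken` call. `generateLoginToken` also returns `$token->accessToken->token`, which in Sanctum is the stored SHA-256 hash rather than the plaintext, so the value kept in the tokens table is itself the login credential and hashing it at rest protects nothing. I would return `plainTextToken`, resolve it with the already imported `PersonalAccessToken::findToken()`, reject expired tokens and tokens belonging to another customer, and delete the token on use, as sketched below. Separately, `$findCustomer->tokens()->delete()` removes every token of the customer, not only those named `externalLogin`; scope it with `->where('name', 'externalLogin')` if customers can hold other tokens.

```php
// loginWithToken(): replaces the $findToken lookup
$plain = $request->query('token');
$findToken = is_string($plain) ? PersonalAccessToken::findToken($plain) : null;
if (
    !$findToken
    || $findToken->name !== 'externalLogin'
    || !$findCustomer->is($findToken->tokenable)
    || ($findToken->expires_at !== null && $findToken->expires_at->isPast())
) {
    // … unchanged: 404 "Token not found" response …
}
$findToken->delete(); // single use: the link cannot be replayed

// … unchanged: Auth::guard('web_customer') login and redirect …

// generateLoginToken(): hand out the plaintext, never the stored hash
'token' => $token->plainTextToken,
```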
@@ -24,7 +24,11 @@ Route::middleware(\App\Http\Middleware\ApiKeyMiddleware::class)->group(function(
 Route::get('customers/{id}', [\App\Http\Controllers\Api\CustomersController::class, 'show'])->name('api.customers.show');
 Route::put('customers/{id}', [\App\Http\Controllers\Api\CustomersController::class, 'update'])->name('api.customers.update');
 Route::delete('customers/{id}', [\App\Http\Controllers\Api\CustomersController::class, 'destroy'])->name('api.customers.destroy');
- Route::get('customers/{id}/hosting-subscriptions', [\App\Http\Controllers\Api\CustomersController::class, 'getHostingSubscriptionsByCustomerId'])->name('api.customers.hosting-subscriptions');
+ Route::get('customers/{id}/hosting-subscriptions', [\App\Http\Controllers\Api\CustomersController::class, 'getHostingSubscriptionsByCustomerId'])
+ ->name('api.customers.hosting-subscriptions');
+
+ Route::get('/customers/{id}/generate-login-token', [\App\Http\Controllers\Api\CustomersController::class, 'generateLoginToken'])
+ ->name('api.customers.generate-login-token');
 // Hosting subscriptions
 Route::get('hosting-subscriptions', [\App\Http\Controllers\Api\HostingSubscriptionsController::class, 'index'])->name('api.hosting-subscriptions.index');
diff --git a/web/routes/web.php b/web/routes/web.php
index 81ac968..04b4ac7 100644
--- a/web/routes/web.php
+++ b/web/routes/web.php
@@ -31,3 +31,6 @@ Route::get('/installer', \App\Livewire\Installer::class);
 Route::get('backup/download', [\App\Http\Controllers\BackupDownloadController::class, 'download'])
 ->name('backup.download');
+
+Route::get('/customers/{id}/login-with-token', [\App\Http\Controllers\Api\CustomersController::class, 'loginWithToken'])
+ ->name('customers.login-with-token');
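Review bot: The new `generate-login-token` route in api.php is registered with `Route::get`, yet its handler deletes the customer's tokens and mints a login credential; a state-changing call that returns a secret should not be a GET, because GET requests are more readily cached, prefetched and repeated by clients and intermediaries. I would register it as `Route::post('/customers/{id}/generate-login-token', …)` and have the controller send `Cache-Control: no-store` with the token. The enclosing `Route::middleware(ApiKeyMiddleware::class)->group(...)` closure starts and ends outside this hunk, so that the route really sits inside the API-key group is assumed from the hunk header, not confirmed.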
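Review bot: The `login-with-token` route added to web.php is an unauthenticated login endpoint with no rate limit, and it takes the secret in the query string, where it ends up in web-server access logs and browser history. At minimum I would chain `->middleware('throttle:10,1')` and `->whereNumber('id')` onto the route; the controller's distinct 'Customer not found' and 'Token not found' responses also let a caller tell valid customer ids from invalid ones, so a single generic failure response would be safer. Since the route points at a controller in the `Api` namespace while being served from web.php, a comment such as `// SSO entry point for WHMCS: consumes the short-lived token issued by api.customers.generate-login-token` above it would explain the placement.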