138 lines
4.8 KiB
PHP
138 lines
4.8 KiB
PHP
<?php
|
|
/**
|
|
* Nabeh Integration — Resolve Phone → User ID
|
|
*
|
|
* Called by the payment server (server-to-server) to resolve
|
|
* a phone number to a driverID or passengerID.
|
|
*
|
|
* Why: The wallet's invoice tables (invoices_shamcash, cliq_invoices, etc.)
|
|
* store driverID/passengerID, NOT phone numbers. Only the Siro main DB
|
|
* has the phone→userID mapping (with encryption).
|
|
*
|
|
* This endpoint bridges that gap:
|
|
* Payment Server (phone) → Siro Backend (resolve_user.php) → driverID
|
|
* Payment Server (driverID) → Wallet DB → pending invoices → AI verify
|
|
*
|
|
* Auth: X-API-Key header → NABEH_API_KEY
|
|
*/
|
|
|
|
require_once __DIR__ . '/../core/bootstrap.php';
|
|
|
|
header('Access-Control-Allow-Origin: *');
|
|
header('Access-Control-Allow-Methods: POST, OPTIONS');
|
|
header('Access-Control-Allow-Headers: Content-Type, X-API-Key');
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
|
|
http_response_code(200);
|
|
exit;
|
|
}
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
|
http_response_code(405);
|
|
echo json_encode(['status' => 'failure', 'message' => 'Method not allowed']);
|
|
exit;
|
|
}
|
|
|
|
$apiKey = $_SERVER['HTTP_X_API_KEY'] ?? '';
|
|
$expectedKey = getenv('NABEH_API_KEY') ?: '';
|
|
|
|
if (empty($apiKey) || $apiKey !== $expectedKey) {
|
|
http_response_code(401);
|
|
echo json_encode(['status' => 'failure', 'message' => 'Unauthorized']);
|
|
exit;
|
|
}
|
|
|
|
$input = json_decode(file_get_contents('php://input'), true);
|
|
$rawPhone = preg_replace('/\D+/', '', $input['phone'] ?? '');
|
|
|
|
if (empty($rawPhone)) {
|
|
http_response_code(400);
|
|
echo json_encode(['status' => 'failure', 'message' => 'Phone number is required']);
|
|
exit;
|
|
}
|
|
|
|
// تطبيع رقم الهاتف حسب الدولة (بدون +، بدون أصفار زائدة)
|
|
// حتى يتطابق مع التخزين في قاعدة البيانات (مثال: 9639XXXXXXX)
|
|
function normalizePhone($phone) {
|
|
$clean = preg_replace('/\D+/', '', $phone);
|
|
// Syria: 099XXXXXXX → 9639XXXXXXX
|
|
if (strlen($clean) === 10 && strpos($clean, '09') === 0) return '963' . substr($clean, 1);
|
|
if (strlen($clean) === 12 && strpos($clean, '963') === 0) return $clean;
|
|
if (strlen($clean) === 9 && strpos($clean, '9') === 0) return '963' . $clean;
|
|
// Jordan: 079XXXXXXX → 9627XXXXXXX
|
|
if (strlen($clean) === 10 && strpos($clean, '07') === 0) return '962' . substr($clean, 1);
|
|
if (strlen($clean) === 12 && strpos($clean, '962') === 0) return $clean;
|
|
if (strlen($clean) === 9 && strpos($clean, '7') === 0) return '962' . $clean;
|
|
// Egypt: 010XXXXXXXX → 2010XXXXXXXX
|
|
if (strlen($clean) === 11 && strpos($clean, '01') === 0) return '20' . substr($clean, 1);
|
|
if (strlen($clean) === 13 && strpos($clean, '20') === 0) return $clean;
|
|
return $clean;
|
|
}
|
|
$phone = normalizePhone($rawPhone);
|
|
|
|
try {
|
|
$db = Database::get('main');
|
|
global $encryptionHelper;
|
|
|
|
$encryptedPhone = $encryptionHelper->encryptData($phone);
|
|
|
|
// Look for driver first
|
|
$stmt = $db->prepare(
|
|
"SELECT id, phone, first_name, last_name FROM driver WHERE phone = :phone LIMIT 1"
|
|
);
|
|
$stmt->execute([':phone' => $encryptedPhone]);
|
|
$driver = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
|
|
if ($driver) {
|
|
echo json_encode([
|
|
'status' => 'success',
|
|
'data' => [
|
|
'user_id' => $driver['id'],
|
|
'phone' => $encryptionHelper->decryptData($driver['phone']),
|
|
'name' => trim(
|
|
$encryptionHelper->decryptData($driver['first_name'])
|
|
. ' ' .
|
|
$encryptionHelper->decryptData($driver['last_name'])
|
|
),
|
|
'type' => 'driver',
|
|
],
|
|
], JSON_UNESCAPED_UNICODE);
|
|
exit;
|
|
}
|
|
|
|
// Fallback: look for passenger
|
|
$stmt = $db->prepare(
|
|
"SELECT id, phone, first_name, last_name FROM passengers WHERE phone = :phone LIMIT 1"
|
|
);
|
|
$stmt->execute([':phone' => $encryptedPhone]);
|
|
$passenger = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
|
|
if ($passenger) {
|
|
echo json_encode([
|
|
'status' => 'success',
|
|
'data' => [
|
|
'user_id' => $passenger['id'],
|
|
'phone' => $encryptionHelper->decryptData($passenger['phone']),
|
|
'name' => trim(
|
|
$encryptionHelper->decryptData($passenger['first_name'])
|
|
. ' ' .
|
|
$encryptionHelper->decryptData($passenger['last_name'])
|
|
),
|
|
'type' => 'passenger',
|
|
],
|
|
], JSON_UNESCAPED_UNICODE);
|
|
exit;
|
|
}
|
|
|
|
echo json_encode([
|
|
'status' => 'success',
|
|
'data' => null,
|
|
'message' => 'User not found',
|
|
]);
|
|
|
|
} catch (\Exception $e) {
|
|
error_log("[ResolveUser Error] " . $e->getMessage());
|
|
http_response_code(500);
|
|
echo json_encode(['status' => 'failure', 'message' => 'Internal server error']);
|
|
}
|