Aplmpliedl manual JWT check and restored all driver fields68j2

2026-04-25 16:58:16 +03:00
parent f535f7db1d
commit 671b90a954
3 changed files with 79 additions and 6 deletions
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@@ -602,6 +602,77 @@ class AuthController extends Controller
            'message' => [$driver] // Add driver data in message for unified access
        ]);
    }
+    public function getWalletToken(Request $request): JsonResponse
+    {
+        $request->validate([
+            'id' => 'required|string',
+            'password' => 'required|string',
+            'aud' => 'required|string',
+            'fingerPrint' => 'required|string'
+        ]);
+
+        $id = $request->input('id');
+        $password = $request->input('password');
+        $audience = $request->input('aud');
+        $fingerPrint = $request->input('fingerPrint');
+
+        // Check if audience is allowed
+        $allowedAudiences = [config('intaleq.allowed_wallet_1'), config('intaleq.allowed_wallet_2')];
+        if (!in_array($audience, $allowedAudiences)) {
+            return $this->failure('Invalid audience');
+        }
+
+        // Verify password (matches passnpassenger)
+        $passwordNewPassenger = config('intaleq.password_new_passenger');
+        if (!password_verify($password, $passwordNewPassenger)) {
+            return $this->failure('Invalid credentials', 401);
+        }
+
+        // Check fingerprint
+        $storedToken = DB::connection('primary')->table('driverToken')
+            ->where('captain_id', $id)
+            ->first();
+
+        if (!$storedToken) {
+            return $this->failure('No token record found for this driver.', 403);
+        }
+
+        // Fingerprint verification
+        $fpVerified = false;
+        $fpPepper = config('intaleq.fp_pepper', '');
+        $storedFp = $storedToken->fingerPrint ?? '';
+
+        if (!empty($fpPepper)) {
+            $expectedHash = hash('sha256', $fingerPrint . $fpPepper);
+            $fpVerified = hash_equals($storedFp, $expectedHash);
+            if (!$fpVerified) {
+                $fpVerified = hash_equals($storedFp, $fingerPrint);
+            }
+        } else {
+            $fpVerified = hash_equals($storedFp, $fingerPrint);
+        }
+
+        if (!$fpVerified) {
+            \Log::warning('Wallet FP mismatch', ['driver_id' => $id, 'provided' => $fingerPrint, 'stored' => $storedFp]);
+            return $this->failure('Device fingerprint verification failed', 403);
+        }
+
+        // Generate Wallet JWT
+        $secretKeyPay = trim(config('intaleq.secret_key_pay', ''));
+        if (empty($secretKeyPay) && file_exists('/home/intaleq-api/.secret_key_pay')) {
+            $secretKeyPay = trim(file_get_contents('/home/intaleq-api/.secret_key_pay'));
+        }
+
+        $jwt = $this->createWalletJwt($id, $fingerPrint, $audience, 300, $secretKeyPay);
+        $hmac = hash_hmac('sha256', $id, config('intaleq.secret_key_hmac', ''));
+
+        return response()->json([
+            'status' => 'success',
+            'jwt' => $jwt,
+            'hmac' => $hmac,
+            'expires_in' => 300,
+        ]);
+    }

    // ══════════════════════════════════════════════
    // WALLET LOGIN