From ee9c0f3a044abd948a356591d605889cadab1a82 Mon Sep 17 00:00:00 2001 From: Hamza-Ayed Date: Sat, 25 Apr 2026 13:32:35 +0300 Subject: [PATCH] Applied manual JWT check and restored all driver fields2 --- app/Http/Controllers/AuthController.php | 11 +- app/Http/Controllers/InviteController.php | 5 +- .../Controllers/NotificationController.php | 8 +- app/Http/Controllers/ProfileController.php | 16 +- app/Http/Controllers/PromoController.php | 2 +- app/Http/Controllers/RatingController.php | 2 +- app/Http/Controllers/RideController.php | 12 +- app/Http/Controllers/TrackingController.php | 8 +- app/Http/Controllers/WalletController.php | 193 ------------------ app/Models/PassengerWallet.php | 23 --- routes/api.php | 13 +- 11 files changed, 36 insertions(+), 257 deletions(-) delete mode 100644 app/Http/Controllers/WalletController.php delete mode 100644 app/Models/PassengerWallet.php diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php index f49d28b..d1f2ac5 100644 --- a/app/Http/Controllers/AuthController.php +++ b/app/Http/Controllers/AuthController.php @@ -438,8 +438,8 @@ class AuthController extends Controller $driver['year'] = $driver['year'] ?? ''; return response()->json([ - 'status' => 'success', - 'data' => [$driver] + 'status' => 'Success', + 'message' => [$driver] ]); } @@ -472,7 +472,7 @@ class AuthController extends Controller ->first(); if (!$row) { - return response()->json(['status' => 'Failure', 'data' => 'User does not exist.']); + return response()->json(['status' => 'Failure', 'message' => 'User does not exist.']); } $driver = (array) $row; @@ -499,7 +499,7 @@ class AuthController extends Controller return response()->json([ 'status' => 'success', 'count' => 1, - 'data' => [$driver] + 'message' => [$driver] ]); } @@ -597,7 +597,8 @@ class AuthController extends Controller 'jwt' => $jwt, 'expires_in' => 14400, 'api_key' => $driver->api_key, - 'api_secret' => $driver->api_secret + 'api_secret' => $driver->api_secret, + 'message' => [$driver] // Add driver data in message for unified access ]); } diff --git a/app/Http/Controllers/InviteController.php b/app/Http/Controllers/InviteController.php index f1a4e89..3682f79 100644 --- a/app/Http/Controllers/InviteController.php +++ b/app/Http/Controllers/InviteController.php @@ -20,10 +20,11 @@ class InviteController extends Controller /** POST /v2/invites/driver */ public function inviteDriver(Request $request): JsonResponse { - if (!$request->has(['driverId', 'inviterDriverPhone'])) { + if (!$request->filled('driverId') || !$request->filled('inviterDriverPhone')) { + \Log::warning('Invite driver parameters missing: ' . json_encode($request->all())); return response()->json([ 'status' => 'failure', - 'message' => 'Missing required parameters' + 'message' => 'Missing required parameters: driverId or inviterDriverPhone' ]); } diff --git a/app/Http/Controllers/NotificationController.php b/app/Http/Controllers/NotificationController.php index 831a7e3..d4a7614 100644 --- a/app/Http/Controllers/NotificationController.php +++ b/app/Http/Controllers/NotificationController.php @@ -40,7 +40,7 @@ class NotificationController extends Controller ->get(); } - return response()->json(['status' => 'success', 'data' => $notifications, 'message' => $notifications]); + return response()->json(['status' => 'success', 'message' => $notifications]); } /** PUT /v2/notifications/{id}/read */ @@ -109,7 +109,7 @@ class NotificationController extends Controller } if ($userType === 'driver') { - DB::connection('primary')->table('captainToken') + DB::connection('primary')->table('driverToken') ->updateOrInsert( ['captain_id' => $userId], [ @@ -144,7 +144,7 @@ class NotificationController extends Controller } if ($userType === 'driver') { - $data = DB::connection('primary')->table('captainToken') + $data = DB::connection('primary')->table('driverToken') ->where('captain_id', $userId) ->first(); } else { @@ -159,7 +159,7 @@ class NotificationController extends Controller return response()->json([ 'status' => 'success', - 'data' => [ + 'message' => [ 'token' => $data->token, 'fingerPrint' => $data->fingerPrint ?? null, ] diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php index 5f7efea..ced0603 100644 --- a/app/Http/Controllers/ProfileController.php +++ b/app/Http/Controllers/ProfileController.php @@ -46,17 +46,15 @@ class ProfileController extends Controller $data = $this->enc->decryptFields($data, Passenger::ENCRYPTED_FIELDS); unset($data['password'], $data['api_secret']); - // Attach wallet balance - $wallet = DB::connection('primary')->table('passengerWallet') - ->where('passenger_id', $id)->first(); - $data['wallet_balance'] = $wallet->balance ?? '0.00'; + // Note: Wallet balance is managed by the dedicated payment server. + // Flutter fetches it directly via the wallet JWT token. // Attach rating $rating = DB::connection('primary')->table('ratingPassenger') ->where('passenger_id', $id)->avg('rating'); $data['rating'] = round($rating ?? 5.0, 2); - return response()->json(['status' => 'success', 'data' => $data]); + return response()->json(['status' => 'success', 'message' => $data]); } /** @@ -89,16 +87,14 @@ class ProfileController extends Controller // Rating $data['rating'] = $driver->getAverageRating(); - // Wallet Balance - $wallet = DB::connection('primary')->table('captain_wallet') - ->where('captain_id', $id)->first(); - $data['wallet_balance'] = $wallet->balance ?? '0.00'; + // Note: Wallet balance is managed by the dedicated payment server. + // Flutter fetches it directly via the wallet JWT token. // Ride count $data['ride_count'] = DB::connection('ride')->table('ride') ->where('driver_id', $id)->where('status', 'finish')->count(); - return response()->json(['status' => 'success', 'data' => $data]); + return response()->json(['status' => 'success', 'message' => $data]); } /** diff --git a/app/Http/Controllers/PromoController.php b/app/Http/Controllers/PromoController.php index caaf82d..b9ccbea 100644 --- a/app/Http/Controllers/PromoController.php +++ b/app/Http/Controllers/PromoController.php @@ -34,7 +34,7 @@ class PromoController extends Controller }) ->get(); - return response()->json(['status' => 'success', 'data' => $promos, 'message' => $promos]); + return response()->json(['status' => 'success', 'message' => $promos]); } /** GET /v2/promos/check?code=XXX */ diff --git a/app/Http/Controllers/RatingController.php b/app/Http/Controllers/RatingController.php index 73dbb59..095ca85 100644 --- a/app/Http/Controllers/RatingController.php +++ b/app/Http/Controllers/RatingController.php @@ -123,7 +123,7 @@ class RatingController extends Controller return response()->json([ 'status' => 'success', - 'data' => [ + 'message' => [ 'average' => round($avg ?? 5.0, 2), 'count' => $ratings->count(), 'ratings' => $ratings, diff --git a/app/Http/Controllers/RideController.php b/app/Http/Controllers/RideController.php index 39bac7c..441579b 100644 --- a/app/Http/Controllers/RideController.php +++ b/app/Http/Controllers/RideController.php @@ -164,7 +164,7 @@ class RideController extends Controller return response()->json([ 'status' => 'success', - 'data' => $insertedId, + 'message' => $insertedId, ], 200); } catch (\Exception $e) { @@ -181,6 +181,7 @@ class RideController extends Controller public function accept(Request $request, int $rideId): JsonResponse { $driverId = $request->attributes->get('_jwt_user_id'); + $userType = $request->attributes->get('_jwt_user_type'); $status = $request->input('status', 'Apply'); // Allow dynamic status but default to Apply DB::connection('ride')->beginTransaction(); @@ -291,8 +292,7 @@ class RideController extends Controller return response()->json([ 'status' => 'success', - 'message' => 'Ride Accepted', - 'data' => $driverInfo + 'message' => $driverInfo ]); } catch (\Exception $e) { @@ -576,7 +576,7 @@ class RideController extends Controller if (!$ride) { return response()->json(['status' => 'failure', 'message' => 'Ride not found or access denied'], 404); } - return response()->json(['status' => 'success', 'data' => $ride]); + return response()->json(['status' => 'success', 'message' => $ride]); } public function active(Request $request): JsonResponse @@ -595,7 +595,7 @@ class RideController extends Controller return response()->json([ 'status' => 'success', - 'data' => $ride, + 'message' => $ride, ]); } @@ -625,6 +625,6 @@ class RideController extends Controller return $ride; }); - return response()->json(['status' => 'success', 'data' => $rides, 'message' => $rides]); + return response()->json(['status' => 'success', 'message' => $rides]); } } diff --git a/app/Http/Controllers/TrackingController.php b/app/Http/Controllers/TrackingController.php index 7c8b8ca..5abf33e 100644 --- a/app/Http/Controllers/TrackingController.php +++ b/app/Http/Controllers/TrackingController.php @@ -46,7 +46,7 @@ class TrackingController extends Controller return response()->json([ 'status' => 'success', - 'data' => [ + 'message' => [ 'latitude' => $location->latitude, 'longitude' => $location->longitude, 'heading' => $location->heading, @@ -88,7 +88,7 @@ class TrackingController extends Controller return response()->json([ 'status' => 'success', - 'data' => [ + 'message' => [ 'latitude' => $location->latitude ?? null, 'longitude' => $location->longitude ?? null, 'heading' => $location->heading ?? null, @@ -172,7 +172,7 @@ class TrackingController extends Controller return response()->json([ 'status' => 'success', - 'data' => $finalData + 'message' => $finalData ]); } @@ -222,7 +222,7 @@ class TrackingController extends Controller return response()->json([ 'status' => 'success', - 'data' => [ + 'message' => [ 'total_rides' => $totalRides, 'today_rides' => $todayRides, 'today_earnings' => round($todayEarnings, 2), diff --git a/app/Http/Controllers/WalletController.php b/app/Http/Controllers/WalletController.php deleted file mode 100644 index ad44b93..0000000 --- a/app/Http/Controllers/WalletController.php +++ /dev/null @@ -1,193 +0,0 @@ -attributes->get('_jwt_user_id'); - $wallet = DB::connection('primary')->table('passengerWallet') - ->where('passenger_id', $id)->first(); - - return response()->json([ - 'status' => 'success', - 'data' => $wallet ?? ['passenger_id' => $id, 'balance' => '0.00'], - ]); - } - - /** GET /v2/wallet/passenger/balance */ - public function balance(Request $request): JsonResponse - { - $id = $request->attributes->get('_jwt_user_id'); - $userType = $request->attributes->get('_jwt_user_type'); - - if ($userType === 'driver') { - $bal = DB::connection('primary')->table('captain_wallet') - ->where('captain_id', $id)->value('balance') ?? '0.00'; - } else { - $bal = DB::connection('primary')->table('passengerWallet') - ->where('passenger_id', $id)->value('balance') ?? '0.00'; - } - - return response()->json(['status' => 'success', 'data' => ['balance' => $bal]]); - } - - /** GET /v2/wallet/driver/balance (Explicit) */ - public function driverBalance(Request $request): JsonResponse - { - $id = $request->attributes->get('_jwt_user_id'); - $bal = DB::connection('primary')->table('captain_wallet') - ->where('captain_id', $id)->value('balance') ?? '0.00'; - - return response()->json(['status' => 'success', 'data' => ['balance' => $bal]]); - } - - /** POST /v2/wallet/passenger */ - public function addFunds(Request $request): JsonResponse - { - $request->validate([ - 'amount' => 'required|numeric|min:0.01', - 'payment_method' => 'required|string', - ]); - - $id = $request->attributes->get('_jwt_user_id'); - $userType = $request->attributes->get('_jwt_user_type'); - - if ($userType !== 'passenger') { - return response()->json(['status' => 'failure', 'message' => 'Only passengers can add funds manually'], 403); - } - - DB::connection('primary')->beginTransaction(); - try { - $wallet = DB::connection('primary')->table('passengerWallet') - ->where('passenger_id', $id)->lockForUpdate()->first(); - - if ($wallet) { - DB::connection('primary')->table('passengerWallet') - ->where('passenger_id', $id) - ->increment('balance', $request->input('amount')); - } else { - DB::connection('primary')->table('passengerWallet')->insert([ - 'passenger_id' => $id, - 'balance' => $request->input('amount'), - ]); - } - - // Record transaction - DB::connection('primary')->table('passengerWalletTransactions')->insert([ - 'passenger_id' => $id, - 'amount' => $request->input('amount'), - 'type' => 'credit', - 'payment_method' => $request->input('payment_method'), - 'created_at' => now(), - ]); - - DB::connection('primary')->commit(); - - $newBalance = DB::connection('primary')->table('passengerWallet') - ->where('passenger_id', $id)->value('balance'); - - return response()->json([ - 'status' => 'success', - 'data' => ['balance' => $newBalance], - ]); - } catch (\Exception $e) { - DB::connection('primary')->rollBack(); - return response()->json(['status' => 'failure', 'message' => 'Transaction failed'], 500); - } - } - - /** PUT /v2/wallet/passenger — ADMIN ONLY */ - public function update(Request $request): JsonResponse - { - // Only admins can directly set balance - $userType = $request->attributes->get('_jwt_user_type'); - if ($userType !== 'admin') { - return response()->json(['status' => 'failure', 'message' => 'Unauthorized'], 403); - } - - $request->validate([ - 'balance' => 'required|numeric|min:0', - 'user_id' => 'required|string', - 'type' => 'required|in:passenger,driver', - ]); - - $table = $request->input('type') === 'driver' ? 'captain_wallet' : 'passengerWallet'; - $key = $request->input('type') === 'driver' ? 'captain_id' : 'passenger_id'; - - DB::connection('primary')->table($table) - ->where($key, $request->input('user_id')) - ->update(['balance' => $request->input('balance')]); - - return response()->json(['status' => 'success']); - } - - - /** GET /v2/wallet/transactions */ - public function transactions(Request $request): JsonResponse - { - $id = $request->attributes->get('_jwt_user_id'); - $userType = $request->attributes->get('_jwt_user_type'); - $page = (int) $request->input('page', 1); - $limit = min((int) $request->input('limit', 20), 50); - - if ($userType === 'driver') { - $transactions = DB::connection('primary')->table('payments') - ->where('driverID', $id) - ->orderBy('created_at', 'desc') - ->skip(($page - 1) * $limit) - ->take($limit) - ->get(); - } else { - $transactions = DB::connection('primary')->table('payments') - ->where('passengerID', $id) - ->orderBy('created_at', 'desc') - ->skip(($page - 1) * $limit) - ->take($limit) - ->get(); - } - - return response()->json(['status' => 'success', 'data' => $transactions]); - } - - /** POST /v2/wallet/passenger/token */ - public function addToken(Request $request): JsonResponse - { - $request->validate([ - 'token' => 'required|string', - 'amount' => 'required|numeric|min:0.01', - ]); - - $id = $request->attributes->get('_jwt_user_id'); - - DB::connection('primary')->table('payment_tokens_passenger')->insert([ - 'token' => $request->input('token'), - 'passengerId' => $id, - 'dateCreated' => now(), - 'amount' => $request->input('amount'), - 'isUsed' => 0, - ]); - - return response()->json(['status' => 'success'], 201); - } -} diff --git a/app/Models/PassengerWallet.php b/app/Models/PassengerWallet.php deleted file mode 100644 index 4f00671..0000000 --- a/app/Models/PassengerWallet.php +++ /dev/null @@ -1,23 +0,0 @@ - 'decimal:2']; -} diff --git a/routes/api.php b/routes/api.php index 671d7d8..8a45f1b 100644 --- a/routes/api.php +++ b/routes/api.php @@ -19,7 +19,6 @@ use App\Http\Controllers\AuthController; use App\Http\Controllers\RideController; use App\Http\Controllers\TrackingController; use App\Http\Controllers\ProfileController; -use App\Http\Controllers\WalletController; use App\Http\Controllers\RatingController; use App\Http\Controllers\PromoController; use App\Http\Controllers\OtpController; @@ -114,12 +113,9 @@ Route::prefix('v2')->middleware(['hmac.auth', 'jwt.auth'])->group(function () { Route::match(['post', 'put'], '/profile/driver/email', [ProfileController::class, 'updateDriverEmail']); // ── Wallet ── - Route::get('/wallet/passenger', [WalletController::class, 'index']); - Route::get('/wallet/passenger/balance', [WalletController::class, 'balance']); - Route::post('/wallet/passenger', [WalletController::class, 'addFunds']); - Route::put('/wallet/passenger', [WalletController::class, 'update']); - Route::get('/wallet/passenger/transactions', [WalletController::class, 'transactions']); - Route::post('/wallet/passenger/token', [WalletController::class, 'addToken']); + // All wallet operations (balance, funds, transactions) are handled by the + // dedicated payment server. V2 only generates 60-second JWT tokens for it + // via POST /v2/auth/passenger/wallet-login and /v2/auth/driver/wallet-login. // ── Ratings ── Route::post('/ratings/driver', [RatingController::class, 'rateDriver']); @@ -156,7 +152,8 @@ Route::prefix('v2')->middleware(['hmac.auth', 'jwt.auth'])->group(function () { Route::post('/notifications/update', [NotificationController::class, 'updateNotification']); Route::get('/notifications/token', [NotificationController::class, 'getToken']); Route::post('/notifications/token', [NotificationController::class, 'updateToken']); - Route::put('/notifications/{id}/read', [NotificationController::class, 'markRead']); + Route::match(['put', 'post'], '/notifications/driver/read', [NotificationController::class, 'updateNotification']); + Route::match(['put', 'post'], '/notifications/{id}/read', [NotificationController::class, 'markRead']); // ── Misc ── Route::get('/misc/test', [MiscController::class, 'test']);