Initial commit - WASL Digital Wallet

2026-06-20 21:55:06 +03:00
commit 7306c47368
61 changed files with 4157 additions and 0 deletions
--- a/Backend/app/Http/Middleware/IdempotencyMiddleware.php
+++ b/Backend/app/Http/Middleware/IdempotencyMiddleware.php
@@ -0,0 +1,79 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Redis;
+use Symfony\Component\HttpFoundation\Response;
+
+class IdempotencyMiddleware
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response)  $next
+     * @return mixed
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        // Only run for mutations (POST, PUT, PATCH, DELETE)
+        if (!in_array($request->method(), ['POST', 'PUT', 'PATCH', 'DELETE'])) {
+            return $next($request);
+        }
+
+        $idempotencyKey = $request->header('Idempotency-Key') ?? $request->header('X-Idempotency-Key');
+
+        if (!$idempotencyKey) {
+            return $next($request);
+        }
+
+        // Clean key
+        $key = 'idempotency:' . hash('sha256', $idempotencyKey);
+        $lockKey = $key . ':lock';
+        $ttl = config('wasl.security.idempotency.ttl_seconds', 86400); // 24 hours default
+
+        // Acquire lock using Redis SETNX (Swoole safe)
+        $lockAcquired = Redis::set($lockKey, 'locked', 'EX', 10, 'NX');
+
+        if (!$lockAcquired) {
+            return response()->json([
+                'error' => 'Conflict',
+                'message' => 'A request with this Idempotency-Key is already in progress.',
+            ], Response::HTTP_CONFLICT);
+        }
+
+        try {
+            // Check if we have a cached response
+            $cached = Redis::get($key);
+            if ($cached) {
+                $data = json_decode($cached, true);
+                
+                // Release lock
+                Redis::del($lockKey);
+
+                return response($data['content'], $data['status'], $data['headers']);
+            }
+
+            // Execute request
+            $response = $next($request);
+
+            // Only cache successful or non-server-error responses (2xx and 4xx, exclude 5xx)
+            if ($response->getStatusCode() < 500) {
+                $cacheData = json_encode([
+                    'status' => $response->getStatusCode(),
+                    'headers' => collect($response->headers->all())->map(fn($val) => $val[0])->toArray(),
+                    'content' => $response->getContent(),
+                ]);
+                Redis::set($key, $cacheData, 'EX', $ttl);
+            }
+
+            return $response;
+
+        } finally {
+            // Always release lock
+            Redis::del($lockKey);
+        }
+    }
+}