| namespace App\Http\Controllers; | |
| use Illuminate\Http\Request; | |
| use Illuminate\Support\Facades\Http; | |
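/**
 * Backend-for-frontend controller for a demo setup: it logs in against a
 * fixed list of dummy accounts, hands out unsigned "dummy" tokens, reports the
 * identity carried by such a token, and relays requests to the API configured
 * in API_URL.
 *
 * NOTE(review): nothing here authenticates a caller. The token is plain
 * base64url-encoded JSON with no signature, so its contents (including
 * `role`) are whatever the client sent. Do not base authorization decisions
 * on it, here or in the upstream API that receives the forwarded header.
 */
class BffController extends Controller
{
    /** Prefix that marks a value as one of this controller's demo tokens. */
    private const TOKEN_PREFIX = 'dummy-token.';

    /**
     * Hop-by-hop response headers (lower-case). They describe the connection
     * between this server and the upstream API, not the one to the client, so
     * they are not relayed.
     */
    private const HOP_BY_HOP_HEADERS = [
        'connection',
        'keep-alive',
        'proxy-authenticate',
        'proxy-authorization',
        'te',
        'trailer',
        'transfer-encoding',
        'upgrade',
    ];

    /**
     * Fixed demo accounts, keyed by lower-case e-mail address.
     *
     * NOTE(review): the credentials are hard-coded and every account, the
     * admin one included, uses the password "password". Suitable only for a
     * demo that holds no real data.
     *
     * @return array<string, array{id:int, name:string, email:string, role:string, password:string}>
     */
    private function dummyAccounts(): array
    {
        return [
            'admin@caps04.local' => [
                'id' => 1,
                'name' => 'Admin Dummy',
                'email' => 'admin@caps04.local',
                'role' => 'admin',
                'password' => 'password',
            ],
            'dosen@caps04.local' => [
                'id' => 2,
                'name' => 'Dosen Dummy',
                'email' => 'dosen@caps04.local',
                'role' => 'dosen',
                'password' => 'password',
            ],
            'mahasiswa@caps04.local' => [
                'id' => 3,
                'name' => 'Mahasiswa Dummy',
                'email' => 'mahasiswa@caps04.local',
                'role' => 'mahasiswa',
                'password' => 'password',
            ],
        ];
    }

    /**
     * Returns the fields of an account that may leave the server
     * (everything except the password).
     *
     * @param  array{id:int, name:string, email:string, role:string} $user
     * @return array{id:int, name:string, email:string, role:string}
     */
    private function publicProfile(array $user): array
    {
        return [
            'id' => $user['id'],
            'name' => $user['name'],
            'email' => $user['email'],
            'role' => $user['role'],
        ];
    }

    /**
     * Builds the demo token for an account: the prefix followed by the
     * base64url-encoded (unpadded) JSON of the public profile.
     *
     * The token carries no signature or expiry; it is an encoding, not a
     * credential.
     */
    private function encodeDummyToken(array $user): string
    {
        $encoded = base64_encode(json_encode($this->publicProfile($user)));

        return self::TOKEN_PREFIX . rtrim(strtr($encoded, '+/', '-_'), '=');
    }

    /**
     * Decodes a demo token back into its JSON payload.
     *
     * @return array|null The decoded payload, or null when the token is
     *                    missing, lacks the prefix, is not valid base64url,
     *                    or does not decode to a JSON array/object. The
     *                    payload is NOT verified in any way.
     */
    private function decodeDummyToken(?string $token): ?array
    {
        if (!$token || !str_starts_with($token, self::TOKEN_PREFIX)) {
            return null;
        }

        // Everything after the prefix is the payload; map base64url back to
        // the standard alphabet and restore the padding that encoding removed.
        $raw = strtr(substr($token, strlen(self::TOKEN_PREFIX)), '-_', '+/');
        $remainder = strlen($raw) % 4;
        if ($remainder > 0) {
            $raw .= str_repeat('=', 4 - $remainder);
        }

        $decoded = base64_decode($raw, true);
        if ($decoded === false) {
            return null;
        }

        $payload = json_decode($decoded, true);

        return is_array($payload) ? $payload : null;
    }

    /**
     * Returns a claim only when it is a scalar, otherwise the default, so a
     * crafted token cannot put nested structures into the response.
     */
    private function scalarClaim(array $claims, string $key, int|string $default): int|float|string|bool
    {
        $value = $claims[$key] ?? null;

        return is_scalar($value) ? $value : $default;
    }

    /**
     * Checks e-mail and password against the dummy accounts.
     *
     * @return \Illuminate\Http\JsonResponse 200 with `token` and `user`, or
     *                                       401 with a message.
     */
    public function login(Request $request)
    {
        $email = $request->input('email');
        $password = $request->input('password');

        // Non-string input (e.g. `email[]=x`) cannot match any account; treat
        // it as a failed login instead of letting the string cast raise.
        $account = is_string($email) && is_string($password)
            ? ($this->dummyAccounts()[strtolower($email)] ?? null)
            : null;

        // hash_equals() keeps the comparison time independent of how many
        // leading characters match.
        if ($account === null || !hash_equals($account['password'], $password)) {
            return response()->json([
                'message' => 'Invalid dummy credentials.',
            ], 401);
        }

        return response()->json([
            'token' => $this->encodeDummyToken($account),
            'user' => $this->publicProfile($account),
        ]);
    }

    /**
     * Reports the identity carried by the Bearer token, or a fixed dummy
     * user when there is no usable token.
     *
     * NOTE(review): this endpoint fails open. A request without a token
     * still receives a 200 with an identity, and a token's claims are echoed
     * without verification. A client can therefore obtain any `role` it
     * likes; treat the response as display data only.
     *
     * @return \Illuminate\Http\JsonResponse
     */
    public function me(Request $request)
    {
        $authorization = $request->header('Authorization');
        $token = is_string($authorization) && str_starts_with($authorization, 'Bearer ')
            ? substr($authorization, 7)
            : null;

        $claims = $this->decodeDummyToken($token);
        if ($claims) {
            return response()->json([
                'id' => $this->scalarClaim($claims, 'id', 0),
                'name' => $this->scalarClaim($claims, 'name', 'Dummy User'),
                'email' => $this->scalarClaim($claims, 'email', 'dummy@example.com'),
                'role' => $this->scalarClaim($claims, 'role', 'mahasiswa'),
            ]);
        }

        return response()->json([
            'id' => 1,
            'name' => 'Dummy User',
            'email' => 'dummy@example.com',
            'role' => 'mahasiswa',
        ]);
    }

    /**
     * Relays the incoming request (method, query string, body and
     * Authorization header) to API_URL/$path and returns the upstream
     * status, body and headers.
     *
     * NOTE(review): the relay applies no authentication or allow-list of its
     * own; any caller can reach any path under API_URL with any method.
     * Confirm that the upstream API enforces access control itself.
     *
     * @return \Illuminate\Http\Response
     */
    public function proxy(Request $request, string $path)
    {
        // NOTE(review): env() outside config files does not see values that
        // live only in .env once the configuration is cached; reading the URL
        // through a config entry would avoid the resulting 500.
        $base = rtrim((string) env('API_URL', ''), '/');
        abort_if($base === '', 500, 'API_URL is not set');

        // Reject dot segments so the request stays below the path prefix
        // configured in API_URL. The check runs on a once-more-decoded copy so
        // a still-encoded `..` is caught too; the URL is built from $path as
        // received.
        $segments = explode('/', str_replace('\\', '/', rawurldecode($path)));
        abort_if(
            in_array('..', $segments, true) || in_array('.', $segments, true),
            400,
            'Invalid proxy path',
        );

        $url = $base . '/' . ltrim($path, '/');
        $body = $request->getContent();

        $headers = [
            'Accept' => 'application/json',
        ];
        if ($request->hasHeader('Authorization')) {
            $headers['Authorization'] = $request->header('Authorization');
        }
        // Without the Content-Type the upstream cannot tell how to parse the
        // forwarded body.
        if ($body !== '' && $request->hasHeader('Content-Type')) {
            $headers['Content-Type'] = $request->header('Content-Type');
        }

        $resp = Http::send($request->method(), $url, [
            'query' => $request->query(),
            'body' => $body,
            'headers' => $headers,
        ]);

        // Relay the upstream headers except the hop-by-hop ones: the body is
        // sent as one buffered string, so e.g. an upstream
        // `Transfer-Encoding: chunked` would no longer describe it. All other
        // headers, Set-Cookie included, pass through unchanged.
        $relayed = array_filter(
            $resp->headers(),
            static fn ($name): bool => !in_array(strtolower((string) $name), self::HOP_BY_HOP_HEADERS, true),
            ARRAY_FILTER_USE_KEY,
        );

        return response($resp->body(), $resp->status())->withHeaders($relayed);
    }
}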