Implementei metodo de consulta de bilhetes na API, e middleware de autenticacao por token

app/Repositories/Bilhetes.php

@@ -6,9 +6,9 @@ use app\core\Repository;
 
 class Bilhetes extends Repository
 {
-    protected static string $table = 'pbx_bilhetes';
+    //protected static string $table = 'pbx_bilhetes';
 
-    public function getBilhetes(array $data): array
+    public static function getBilhetes(array $data): array
     {
         $query = "SELECT
                 a.id_bilhetes AS id, a.calldate AS data_hora,
@@ -43,6 +43,6 @@ class Bilhetes extends Repository
         }
 
         $query .= " ORDER BY data_bilhete";
-        return self::read($query, $data);
+        return self::query($query, $data, 'all');
     }
 }

app/Repositories/Usuario.php

@@ -53,4 +53,16 @@ class Usuario extends Repository
         $data = ["user_id" => $userId];
         return self::query($query, $data, 'one');
     }
+
+    public static function verifyTokenByOrg(string $token, string $orgId)
+    {
+        $query = "SELECT pu.id as user_id, t.id as token_id, pou.id_organizacao, t.token, t.expired_at
+                FROM pbx_usuarios pu
+                INNER JOIN pbx_tokens t ON t.id_usuario = pu.id
+                INNER JOIN pbx_organizacao_usuarios pou ON pou.id_usuario = pu.id
+                WHERE t.token = :token AND id_organizacao = :org_id;";
+        $params = ["token" => $token, "org_id" => $orgId];
+
+        return self::query($query, $params, "one");
+    }
 }

app/controllers/AuthController.php

@@ -84,7 +84,7 @@ class AuthController
             } else {
                 $response->getBody()->write(json_encode([
                     'status' => true,
-                    'data' => ["token" => $tokens['token'], "refresh_token" => $tokens['refresh_token']]
+                    'data' => ["token" => $tokens['token'], "refresh_token" => $tokens['refresh_token'], "expire_date" => $tokens['expired_at']]
                 ]));
                 return $response;
             }
@@ -139,7 +139,7 @@ class AuthController
 
         AuditaFull::create($auditoria);
         $response->getBody()->write(
-            json_encode(['status' => true, 'data' => ["token" => $token, "refresh_token" => $refreshToken]])
+            json_encode(['status' => true, 'data' => ["token" => $token, "refresh_token" => $refreshToken, "expire_date" => $tokens['expired_at']]])
         );
 
         return $response;

app/controllers/CallController.php

@@ -9,12 +9,19 @@ use Valitron\Validator;
 use Exception;
 
 use app\Repositories\Bilhetes;
+use app\shared\Logger;
 use app\traits\Validate;
 
 class CallController
 {
+    private static Logger $logger;
+    const LOG_ACTIVE = true;
+
     static function route()
     {
+        self::$logger = new Logger('api' . date('Ymd'), self::LOG_ACTIVE);
+        self::$logger->debug('CallController->route()', true);
+
         return function (RouteCollectorProxy $group) {
             $group->post('/bilhetes', [self::class, 'listarBilhetes']);
             $group->post('/eventos', [self::class, 'listarEventos']);
@@ -23,17 +30,20 @@ class CallController
 
     function listarBilhetes(Request $request, Response $response, array $args)
     {
+        self::$logger->debug('Org id do token: ' . print_r($request->getAttribute('orgs'), true), true);
         try {
             $validator = new Validator();
             $validator->mapFieldsRules([
                 'id' => ['integer', ['min', 1]],
-                'uniqueid' => ['string'],
-                'src' => ['string'],
-                'dst' => ['string'],
+                'uniqueid' => [],
+                'src' => [],
+                'dst' => [],
                 'i_date' => ['date'],
                 'f_date' => ['date'],
-                'entry' => ['string']
+                'entry' => [],
+                'org_id' => ['integer', 'required']
             ]);
+
             $body = json_decode($request->getBody()->getContents(), true);
             $validator = $validator->withData($body);
             if (!$validator->validate()) {
@@ -41,31 +51,18 @@ class CallController
                     ->write(json_encode($validator->errors()));
                 return $response->withStatus(422);
             }
-            $result = Bilhetes::getBilhetes($body);
-
-            /*$query = "SELECT
-                a.id_bilhetes AS id, a.calldate AS data_hora,
-                a.src AS origem, a.dst AS destino, a.billsec AS tempo_conversacao, 
-                a.duration AS tempo_atendimento, a.accountcode AS id_transfer, 
-                a.uniqueid AS uniqueid, a.userfield AS nome_audio, 
-                a.data_bilhete AS data, a.fora_horario AS fora_horario,
-                a.org_id 
-            FROM pbx_bilhetes a
-            WHERE a.lastapp <> 'Transferred Call' ";
 
+            self::$logger->debug('Passed in bilhetes validation', true);
 
-            foreach ($body as $k => $v) {
-                if ($v) {
-                    $query .= " AND $k = :$k";
-                }
-            }
+            $result = Bilhetes::getBilhetes($body);
+            $response->getBody()->write(json_encode(['status' => true, 'data' => $result]));
 
-            $result = Bilhetes::query($query, $data); */
-            if (!$result) {
+            //this block returns an error message if the result of the query is empty
+            /*if (!$result) {
                 $response->getBody()->write(json_encode(['status' => false, 'data' => ['message' => 'Nenhum resultado encontrado!']]));
             } else {
                 $response->getBody()->write(json_encode(['status' => true, 'data' => $result]));
-            }
+            } */
         } catch (Exception $e) {
             $response->getBody()->write(json_encode(['status' => false, 'data' => ["message" => "Nao foi possivel realizar a consulta! " . $e->getMessage()]]));
             return $response->withStatus(500);
@@ -77,7 +74,7 @@ class CallController
     {
         try {
             $body = json_decode($request->getBody()->getContents(), true);
-            $dados = $this->validateData($request, true);
+            //$dados = $this->validateData($request, true);
             $query = "SELECT 
                     a.id_bilhetes AS id, 
                     a.uniqueid, 

app/core/Repository.php

@@ -21,18 +21,22 @@ abstract class Repository
         self::$logger = new Logger('api' . date('Ymd'), true);
     }
 
+    /**
+     * Binds the values to the query, executed and returns the information selected in @param string $fetch.
+     */
     public static function query(string $query, array $params = [], string $fetch = 'all'): array|int|bool
     {
         try {
             self::setLog();
             self::$logger->debug("Getting connection", true);
             $stmt = Connection::getInstance()->prepare($query);
-            self::$logger->debug("Biding values for $query", true);
+            self::$logger->debug("Biding values for $query\nwith params: " . print_r($params, true), true);
             foreach ($params as $key => $value) {
                 $stmt->bindValue(":$key", $value, (is_int($value) ? PDO::PARAM_INT : PDO::PARAM_STR));
             }
             $stmt->execute();
 
+            //selects the type of return
             switch ($fetch) {
                 case 'all':
                     return $stmt->fetchAll();
@@ -46,6 +50,31 @@ abstract class Repository
         } catch (PDOException $e) {
             self::$logger->error(print_r(['error' => $e->getMessage(), 'query' => $query, 'params' => $params], true));
             return ['status' => false, 'data' => ['message' => 'Nenhum resultado encontrado!']];
+        } catch (Exception $general) {
+            self::$logger->error(print_r(['error' => $general->getMessage(), 'query' => $query, 'params' => $params], true));
+            return ['status' => false, 'data' => ['message' => 'Nenhum resultado encontrado!']];
+        }
+    }
+
+    /** Dinamicaly creates a SELECT query based on passed parameters
+     * 
+     * @param string $table: table name
+     * @param array $columns: list of columns to be returned
+     * @param array $params: list of parameters to be used in 'WHERE' statement
+     * @param string fetch: type of return desired
+     */
+    public static function dinamicSelectQuery(string $table, array $columns, array $params, string $fetch): array|int|bool
+    {
+        self::setLog();
+        $query =    "SELECT " . implode(', ', $columns) . ' FROM ' . $table . " WHERE 1 = 1 ";
+
+        foreach ($params as $key => $value) {
+            if (empty($value)) {
+                continue;
+            }
+            $query .= " AND $key = :$key";
         }
+
+        return self::query($query, $params, $fetch);
     }
 }

app/middleware/AuthMiddleware.php

@@ -6,19 +6,40 @@ use Psr\Http\Message\ServerRequestInterface as Request;
 use Psr\Http\Server\RequestHandlerInterface as RequestHandler;
 use Psr\Http\Message\ResponseInterface;
 use Tuupola\Http\Factory\ResponseFactory;
-use app\traits\AuthToken;
 use Exception;
 
+use app\traits\AuthToken;
+use app\shared\Logger;
+
 class AuthMiddleware
 {
     use AuthToken;
+
+    // does constructor works here?
+    public function __construct()
+    {
+        self::$logger = new Logger('api' . date('Ymd'), self::LOG_ACTIVE);
+        self::$logger->debug('AuthMiddleware instantiated', true);
+    }
+
     public function __invoke(Request $request, RequestHandler $handler): ResponseInterface
     {
         try {
+            self::$logger->debug('Will try to find token', true);
+
             //returns [user_id, token_id, id_organizacao, token, expired_at] if not found --> throws exception
-            $this->findToken($request);
+            $orgToken = $this->findToken($request);
+
+            /*             // creating array of orgs
+            $orgs = [];
+            foreach ($orgToken as $value) {
+                $orgs[] = $value['id_organizacao'];
+            } */
+
+            //$request = $request->withAttribute('orgs', $orgToken['id_organizacao']);
             $response = $handler->handle($request);
         } catch (Exception $e) {
+            self::$logger->error('Exception in AuthMiddleware: ' . $e->getMessage(), true);
             $fac = new ResponseFactory;
             $response = $fac->createResponse(403);
             $message = mb_convert_encoding($e->getMessage(), 'ISO8859-1');

app/traits/AuthToken.php

@@ -3,16 +3,22 @@
 namespace app\traits;
 
 use app\models\Token;
+use app\Repositories\Usuario;
+use app\shared\Logger;
 use Slim\Psr7\Request;
 use Exception;
 use DateTime;
 
 trait AuthToken
 {
+    private static Logger $logger;
+    const LOG_ACTIVE = true;
+
     public function findToken(Request $request)
     {
         $body = json_decode($request->getBody()->getContents(), true);
         $headers = $request->getHeader('Authorization');
+        self::$logger->debug('body in AuthToken: ' . print_r($body, true) . "\nAuthorization: " . print_r($headers, true), true);
         $bearerToken = str_replace('Bearer ', '', $headers[0]);
 
         if (empty($bearerToken)) {
@@ -23,24 +29,32 @@ trait AuthToken
             throw new Exception('Informe o org_id.');
         }
 
-        $tokenEmpresa = Token::query(
+        $tokenEmpresas = Usuario::verifyTokenByOrg($bearerToken, $body['org_id']);
+        self::$logger->debug('tokenEmpresas in AuthToken: ' . print_r($tokenEmpresas, true), true);
+
+
+        //arrumar essa parte
+        /*         $tokenEmpresas = Token::query(
             "SELECT pu.id as user_id, t.id as token_id, pou.id_organizacao, t.token, t.expired_at
                 FROM pbx_usuarios pu
                 INNER JOIN pbx_tokens t ON t.id_usuario = pu.id
                 INNER JOIN pbx_organizacao_usuarios pou ON pou.id_usuario = pu.id
                 WHERE t.token = :token AND id_organizacao = :org_id;",
             ["token" => $bearerToken, 'org_id' => $body['org_id']]
-        );
+        ); */
 
-        if (empty($tokenEmpresa)) {
+        if (empty($tokenEmpresas)) {
             throw new Exception('Requisicao nao autorizada, por favor verifique o token e a permissao de acesso!');
         }
 
-        $expiredDate = new DateTime($tokenEmpresa[0]->expired_at);
+        $expiredDate = new DateTime($tokenEmpresas['expired_at']);
+
         $now = new DateTime();
         if ($expiredDate < $now) {
             throw new Exception('Token expirado, realize uma nova autenticacao.');
         }
-        return $tokenEmpresa;
+
+        self::$logger->debug("Auth success to user " . $tokenEmpresas['user_id'], true);
+        return $tokenEmpresas;
     }
 }