added api for tracking

app/Http/Controllers/ApiController.php

@@ -0,0 +1,57 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Requests;
+use App\Http\Controllers\Controller;
+
+use Illuminate\Http\Request;
+use App\Models\ApiModel;
+use Carbon\Carbon;
+use Illuminate\Support\Facades\Input;
+
+class ApiController extends Controller
+{
+
+	public function login(Request $request)
+	{
+		$ApiModel 		= new ApiModel;
+		$post 			=	$request->all();
+		$response 	 = $ApiModel->loginProductionUser($post['username'], $post['password']);
+		if (!$response) {
+			return response()->json(['status' => false, 'message' => "Invalid user"], 401);
+		}
+
+		return response()->json(['status' => true, 'data' => $response[0]], 200);
+	}
+
+	public function insert(Request $request)
+	{
+		$ApiModel 		= new ApiModel;
+		$post 			=	$request->json()->all();
+		
+		$data = array(
+			"StepId" => $post['StepId'],
+			"ScannedBy" => $post['ScannedBy'],
+			"InvoiceNumber" => $post['invoice'],
+			"Timezone" => $post['timezone'],
+			"TimezoneOffset" => date('H:i:s',strtotime($post['timezoneOffset'])),
+			"DeviceId" =>$post['deviceId'],
+			"created_at" => date('Y-m-d H:i:s', strtotime($post['datetime']))
+		);
+		$response 	 = $ApiModel->insertTracking($data);
+		if (!$response) {
+			return response()->json(['status' => false, 'message' => "Something went wrong."], 401);
+		}
+
+		return response()->json(['status' => true, 'message' => 'Successfully updated.'], 201);
+	}
+
+	public function getTrackingStatus()
+	{
+		$ApiModel 		= new ApiModel;
+		$invoice = Input::get('invoice');
+		$response 	 = $ApiModel->getTrackingStatus($invoice);
+		return response()->json(['status' => true, 'data' => $response], 200);
+	}
+}

app/Http/Controllers/MainController.php

@@ -7,7 +7,7 @@ use Illuminate\Http\Request;
 use App\Models\MainModel;
 // use Illuminate\Support\Facades\Request;
 use Analytics;
-use Session;
+use Illuminate\Support\Facades\Session;
 
 class MainController extends Controller {
 

app/Http/Controllers/paypal/PaypalController.php

@@ -8,6 +8,7 @@ use Illuminate\Http\Request;
 use Netshell\Paypal\Facades\Paypal;
 use App\Models\teamstore\TeamStoreModel;
 use App\Models\user\UserModel;
+use App\Models\ApiModel;
 use App\Models\paypal\PayPalModel;
 // use Auth;
 use Illuminate\Support\Facades\Auth;
@@ -19,7 +20,6 @@ use Illuminate\Support\Facades\Redirect;
 use Illuminate\Support\Facades\Mail;
 
 
-
 class PaypalController extends Controller
 {
 
@@ -74,8 +74,6 @@ class PaypalController extends Controller
 		$payer = PayPal::Payer();
 		$payer->setPaymentMethod('paypal');
 
-
-
 		$m		 		= new TeamStoreModel;
 		$paypal_model	= new PayPalModel;
 		$last_id 		= $paypal_model->getLastIdPaymentDetails();
@@ -382,6 +380,17 @@ class PaypalController extends Controller
 		});
 		// end email sending
 
+
+		$insertTracking = array(
+			"StepId" => 1,
+			"ScannedBy" => 1,
+			"InvoiceNumber" => $invoice_number,
+			"created_at" => date('Y-m-d H:i:s')
+		);
+
+		$ApiModel 		= new ApiModel;
+		$ApiModel->insertTracking($insertTracking);
+
 		$request->session()->forget('cartkey'); // clear session for cartkey
 
 		// redirect to thank you page.

app/Http/Kernel.php

@@ -30,6 +30,8 @@ class Kernel extends HttpKernel {
 		'teamstoresession' => 'App\Http\Middleware\CheckTeamStorePassword',
 		'admin' => '\App\Http\Middleware\IsAdmin',
 		'normaluser' => '\App\Http\Middleware\IsUser',
+		'isAuthorized' => '\App\Http\Middleware\isAuthorized',
+		'cors' => 'App\Http\Middleware\Cors',
 	];
 
 }

app/Http/Middleware/Cors.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+
+class Cors
+{
+
+	/**
+	 * Handle an incoming request.
+	 *
+	 * @param  \Illuminate\Http\Request  $request
+	 * @param  \Closure  $next
+	 * @return mixed
+	 */
+	public function handle($request, Closure $next)
+	{
+		header("Access-Control-Allow-Origin: *");
+		header('Access-Control-Allow-Methods: GET, POST, OPTIONS');
+		header("Access-Control-Allow-Headers: *");
+		// header('Access-Control-Allow-Credentials: true');
+
+		if (!$request->isMethod('options')) {
+			return $next($request);
+		}
+	}
+}

app/Http/Middleware/VerifyCsrfToken.php

@@ -13,9 +13,23 @@ class VerifyCsrfToken extends BaseVerifier {
 	 * @return mixed
 	 */
 
+	protected $except = [
+		"api/*",
+	];
+
+	// public function handle($request, Closure $next)
+	// {
+	// 	return parent::handle($request, $next);
+	// }
+
 	public function handle($request, Closure $next)
 	{
-		return parent::handle($request, $next);
+			foreach($this->except as $route) {
+					if ($request->is($route)) {
+							return $next($request);
+					}
+			}
+			return parent::handle($request, $next);
 	}
 
 }

app/Http/Middleware/isAuthorized.php

@@ -0,0 +1,23 @@
+<?php namespace App\Http\Middleware;
+
+use Closure;
+
+class isAuthorized {
+
+	/**
+	 * Handle an incoming request.
+	 *
+	 * @param  \Illuminate\Http\Request  $request
+	 * @param  \Closure  $next
+	 * @return mixed
+	 */
+	public function handle($request, Closure $next)
+	{
+		if(isset(getallheaders()['token']) && getallheaders()['token']=="1HHIaIsT4pvO2S39vMzlVfGWi3AhAz6F5xGBNKil") {
+			return $next($request);
+		}else{
+				return response()->json(['status' => false,'error' => "Invalid request"], 503);
+		}
+	}
+
+}

app/Http/routes.php

@@ -184,4 +184,10 @@ Route::get('cliparts/index', 'cliparts\ClipartsController@index');
 
 // Route::get('analytics', function (){
 // 	$analyticsData = LaravelAnalytics::getVisitorsAndPageViews(7);
-// });
+// });
+
+Route::group(array('middleware' => ['isAuthorized', 'cors'], 'prefix' => 'api'), function (){
+	Route::post('login', 'ApiController@login');
+	Route::post('insert', 'ApiController@insert');
+	Route::get('tracking', 'ApiController@getTrackingStatus');
+});