BetiX/app/Http/Controllers/Settings/KycController.php

<?php

namespace App\Http\Controllers\Settings;

use App\Http\Controllers\Concerns\ProxiesBackend;
use App\Http\Controllers\Controller;
use App\Services\BackendHttpClient;
use Illuminate\Http\Request;
use Illuminate\Validation\Rule;
use Inertia\Inertia;
use Inertia\Response;

class KycController extends Controller
{
    use ProxiesBackend;

    public function __construct(private readonly BackendHttpClient $client)
    {
    }

    /**
    * Show KYC center page with user's documents (from upstream)
    */
    public function index(Request $request): Response
    {
        $docs = [];
        try {
            $res = $this->client->get($request, '/kyc/documents', [], retry: true);
            if ($res->successful()) {
                $j = $res->json() ?: [];
                $docs = $j['data'] ?? $j['documents'] ?? $j;
            }
        } catch (\Throwable $e) {
            // ignore; page can still render and show empty state
        }

        return Inertia::render('settings/Kyc', [
            'documents' => $docs,
            'accepted' => [
                'identity' => ['passport','driver_license','id_card','other'],
                'address' => ['bank_statement','utility_bill','other'],
                'payment' => ['online_banking','other'],
            ],
            'maxUploadMb' => 15,
        ]);
    }

    /**
     * Upload a new KYC document via upstream (multipart)
     */
    public function store(Request $request)
    {
        $validated = $request->validate([
            'category' => ['required', Rule::in(['identity','address','payment'])],
            'type' => ['required', Rule::in(['passport','driver_license','id_card','bank_statement','utility_bill','online_banking','other'])],
            'file' => ['required','file','max:15360', 'mimetypes:image/jpeg,image/png,image/webp,application/pdf'],
        ]);

        try {
            $res = $this->client->postMultipart($request, '/kyc/documents', [
                'category' => $validated['category'],
                'type' => $validated['type'],
            ], $request->file('file'), 'file');

            if ($res->successful()) {
                return back()->with('status', 'Document uploaded');
            }
            if ($res->clientError()) {
                $msg = data_get($res->json(), 'message', 'Invalid request');
                return back()->withErrors(['kyc' => $msg]);
            }
            if ($res->serverError()) {
                return back()->withErrors(['kyc' => 'Service temporarily unavailable']);
            }
            return back()->withErrors(['kyc' => 'API server not reachable']);
        } catch (\Throwable $e) {
            return back()->withErrors(['kyc' => 'API server not reachable']);
        }
    }

    /**
     * Delete a KYC document via upstream
     */
    public function destroy(Request $request, int $docId)
    {
        try {
            $res = $this->client->delete($request, "/kyc/documents/{$docId}");
            if ($res->successful()) {
                return back()->with('status', 'Document deleted');
            }
            if ($res->clientError()) {
                $msg = data_get($res->json(), 'message', 'Invalid request');
                return back()->withErrors(['kyc' => $msg]);
            }
            if ($res->serverError()) {
                return back()->withErrors(['kyc' => 'Service temporarily unavailable']);
            }
            return back()->withErrors(['kyc' => 'API server not reachable']);
        } catch (\Throwable $e) {
            return back()->withErrors(['kyc' => 'API server not reachable']);
        }
    }

    /**
     * Download a document via upstream: prefer redirect to signed URL if provided
     */
    public function download(Request $request, int $docId)
    {
        try {
            $res = $this->client->get($request, "/kyc/documents/{$docId}/download", [], retry: false);
            if ($res->successful()) {
                $j = $res->json();
                $url = $j['url'] ?? null;
                if ($url) {
                    return redirect()->away($url);
                }
                // If upstream responds with binary directly, just passthrough headers/body
                $content = $res->body();
                $headers = [
                    'Content-Type' => $res->header('Content-Type', 'application/octet-stream'),
                ];
                return response($content, 200, $headers);
            }
            if ($res->clientError()) {
                $msg = data_get($res->json(), 'message', 'Invalid request');
                return back()->withErrors(['kyc' => $msg]);
            }
            if ($res->serverError()) {
                return back()->withErrors(['kyc' => 'Service temporarily unavailable']);
            }
            return back()->withErrors(['kyc' => 'API server not reachable']);
        } catch (\Throwable $e) {
            return back()->withErrors(['kyc' => 'API server not reachable']);
        }
    }
}