Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
0.00% covered (danger)
0.00%
0 / 33
0.00% covered (danger)
0.00%
0 / 3
 CRAP
0.00% covered (danger)
0.00%
0 / 1
IngestionController
0.00% covered (danger)
0.00%
0 / 33
0.00% covered (danger)
0.00%
0 / 3
 72
0.00% covered (danger)
0.00%
0 / 1
 __construct
0.00% covered (danger)
0.00%
0 / 1
0.00% covered (danger)
0.00%
0 / 1
 2
 create
0.00% covered (danger)
0.00%
0 / 28
0.00% covered (danger)
0.00%
0 / 1
 30
 isAuthorized
0.00% covered (danger)
0.00%
0 / 4
0.00% covered (danger)
0.00%
0 / 1
 6
1<?php
2
3namespace App\Modules\ContactModule\Controllers;
4
5use App\Controllers\BaseController;
6use App\Modules\ContactModule\Services\ContactIngestionService;
7
8class IngestionController extends BaseController
9{
10    protected ContactIngestionService $service;
11
12    public function __construct()
13    {
14        $this->service = new ContactIngestionService();
15    }
16
17    /**
18     * Endpoint public d'ingestion
19     */
20    public function create()
21    {
22        // 1. Sécurisation API KEY (simple mais efficace)
23        if (!$this->isAuthorized()) {
24            return $this->response
25                ->setStatusCode(403)
26                ->setJSON([
27                    'status' => 'error',
28                    'message' => 'Unauthorized'
29                ]);
30        }
31
32        // 2. Récupération payload (JSON uniquement recommandé)
33        $payload = $this->request->getJSON(true);
34
35        if (!$payload || !is_array($payload)) {
36            return $this->response
37                ->setStatusCode(400)
38                ->setJSON([
39                    'status' => 'error',
40                    'message' => 'Invalid payload'
41                ]);
42        }
43
44        try {
45            // 3. Traitement via service métier
46            $result = $this->service->handle($payload);
47
48            return $this->response->setJSON([
49                'status' => 'success',
50                'data'   => $result
51            ]);
52
53        } catch (\Throwable $e) {
54
55            return $this->response
56                ->setStatusCode(500)
57                ->setJSON([
58                    'status' => 'error',
59                    'message' => 'Server error',
60                    'debug'   => $e->getMessage() // à désactiver en prod
61                ]);
62        }
63    }
64
65    /**
66     * Auth simple par API KEY
67     * (version minimale, remplaçable par HMAC/JWT)
68     */
69    private function isAuthorized(): bool
70    {
71        $apiKey = $this->request->getHeaderLine('X-API-KEY');
72
73        if (empty($apiKey)) {
74            return false;
75        }
76
77        // clé statique (à remplacer par DB / tenant system)
78        return $apiKey === env('APP_API_KEY');
79    }
80}