debian package support

.env.example

@@ -1,3 +1,20 @@
 APP_PORT=8080
 DB_FILE=test.db
-JWT_SECRET=Aer8woa9zeec2gai4ahQuah3Ahbee5eiSefae8pheepahnootuShoo0oKahf
+JWT_SECRET=Aer8woa9zeec2gai4ahQuah3Ahbee5eiSefae8pheepahnootuShoo0oKahf
+
+
+#================= BUILD =================
+BUILD_APP="php-api"
+BUILD_VER="1.0.0"
+BUILD_STAGE="build/php-api"
+BUILD_DESCRIPTION="API PHP php-api (SmartPay)"
+BUILD_LICENSE="Proprietary"
+BUILD_VENDOR="SmartPay"
+BUILD_MAINTAINER="lucas.joaquim@smartpay.com.vc"
+BUILD_DEPENDS="php8.2-cli | php-cli (>= 8.2)"
+BUILD_ARCH="all"
+
+#================= DEPLOY =================
+DEPLOY_HOST="pixplay.com.vc"
+DEPLOY_TOKEN=""
+DEPLOY_FILE="./php-api_1.0.0_all.deb"

.gitignore

@@ -1,4 +1,5 @@
 vendor/
 .env
 *.log
-test.db
+test.db
+build/

README.md

@@ -0,0 +1,16 @@
+```
+fpm -s dir -t deb \
+  -n php-api -v 1.0.0 \
+  -C build/php-api \
+  --prefix / \
+  --description "API PHP php-api (SmartPay)" \
+  --license "Proprietary" \
+  --vendor "SmartPay" \
+  --maintainer "lucas.joaquim@smartpay.com.vc" \
+  --architecture all \
+  --deb-no-default-config-files \
+  --config-files /etc/php-api \
+  --depends "php8.2-cli | php-cli (>= 8.2)" \
+  opt/php-api etc/php-api var/log/php-api
+Created package {:path=>"php-api_1.0.0_all.deb"}
+```

bin/build_stage

@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+[ -f ./.env ] || { echo "Error: .env file not found"; exit 1; }
+source ./.env || { echo "Error: failed to load .env"; exit 1; }
+
+command -v fpm >/dev/null 2>&1 || { echo "Error: fpm not found in PATH"; exit 1; }
+
+rm -rf ./build
+rm -f "${BUILD_APP}_${BUILD_VER}_${BUILD_ARCH}.deb"
+
+rm -rf "$BUILD_STAGE"
+mkdir -p "$BUILD_STAGE"/{opt/$BUILD_APP,usr/bin,var/log/$BUILD_APP}
+
+for item in *; do
+  [ "$item" = "build" ] && continue
+  case "$item" in
+    .*|*.deb) continue ;;
+  esac
+  cp -a "$item" "$BUILD_STAGE/opt/$BUILD_APP/" || { echo "Error: failed to copy '$item' to stage"; exit 1; }
+done
+
+touch "$BUILD_STAGE/var/log/$BUILD_APP/app.log" || { echo "Error: unable to create log in $BUILD_STAGE/var/log/$BUILD_APP"; exit 1; }
+cat > "$BUILD_STAGE/usr/bin/$BUILD_APP" <<EOF
+#!/usr/bin/env bash
+exec php -S 127.0.0.1:8080 -t /opt/$BUILD_APP/public
+EOF
+chmod +x "$BUILD_STAGE/usr/bin/$BUILD_APP" || { echo "Error: unable to mark wrapper as executable"; exit 1; }
+
+echo "[ok] stage ready at: $BUILD_STAGE"
+
+FPM_DEPENDS=()
+if [ -n "${BUILD_DEPENDS:-}" ]; then
+  IFS=',' read -ra __DEPS <<< "$BUILD_DEPENDS"
+  for d in "${__DEPS[@]}"; do
+    d_trim="$(echo "$d" | xargs)"
+    [ -n "$d_trim" ] && FPM_DEPENDS+=(--depends "$d_trim")
+  done
+fi
+
+fpm -s dir -t deb \
+  -n "$BUILD_APP" -v "$BUILD_VER" \
+  -C "$BUILD_STAGE" \
+  --prefix / \
+  --description "$BUILD_DESCRIPTION" \
+  --license "$BUILD_LICENSE" \
+  --vendor "$BUILD_VENDOR" \
+  --maintainer "$BUILD_MAINTAINER" \
+  --architecture "$BUILD_ARCH" \
+  --deb-no-default-config-files \
+  "${FPM_DEPENDS[@]}" \
+  opt/$BUILD_APP var/log/$BUILD_APP usr/bin/$BUILD_APP \
+  || { echo "Error: fpm failed to build the package"; exit 1; }

bin/deploy

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+source .env
+REPO=$1
+
+ENDPOINT="https://$DEPLOY_HOST/api/$REPO/upload/"
+
+
+if [ ! -f "$DEPLOY_FILE" ]; then
+    echo "Error: file $DEPLOY_FILE not found"
+    exit 1
+fi
+
+RESPONSE=$(curl -s -X POST \
+     -H "Authorization: Token $DEPLOY_TOKEN" \
+     -F "package_file=@$DEPLOY_FILE" \
+     -w "%{http_code}" \
+     "$ENDPOINT")
+
+HTTP_CODE="${RESPONSE: -3}"
+
+if [ "$HTTP_CODE" -eq 200 ] || [ "$HTTP_CODE" -eq 201 ]; then
+    echo "Upload done to $REPO."
+else
+    echo "Error: failed to uploado to '$REPO'"
+    echo "$RESPONSE"
+    exit 1
+fi

middlewares/JWTAuthMiddleware.php → middlewares/JwtAuthMiddleware.php

@@ -20,7 +20,6 @@ class JwtAuthMiddleware
 
     public function __invoke(ServerRequestInterface $request, callable $next)
     {
-        // 1. Extrai o token do header Authorization
         $authHeader = $request->getHeaderLine('Authorization');
         if (empty($authHeader) || !preg_match('/Bearer\s+(.*)/', $authHeader, $matches)) {
             return ResponseLib::sendFail("Unauthorized: Missing or invalid Authorization header", [], "E_VALIDATE")->withStatus(401);
@@ -29,10 +28,7 @@ class JwtAuthMiddleware
         $token = $matches[1];
 
         try {
-            // 2. Decodifica e valida o JWT
-            $decoded = JWT::decode($token, new Key($this->jwtSecret, 'HS256'));  // Use HS256 ou algoritmo desejado
-
-            // 3. Extrai claims (assuma que o JWT tem 'sub' como user_id e 'username')
+            $decoded = JWT::decode($token, new Key($this->jwtSecret, 'HS256'));
             $userId = $decoded->sub ?? null;
             $apiUser = $decoded->username ?? null;
 
@@ -40,7 +36,6 @@ class JwtAuthMiddleware
                 return ResponseLib::sendFail("Unauthorized: Invalid JWT claims", [], "E_VALIDATE")->withStatus(401);
             }
 
-            // 4. Verifica se o usuário existe e está ativo no banco (similar ao HMAC)
             $dbFile = $_ENV['DB_FILE'] ?? 'bridge.db';
             $dbPath = __DIR__ . '/../' . $dbFile;
             $pdo = new \PDO("sqlite:" . $dbPath);
@@ -54,7 +49,6 @@ class JwtAuthMiddleware
                 return ResponseLib::sendFail("Unauthorized: Invalid or inactive user", [], "E_VALIDATE")->withStatus(401);
             }
 
-            // 5. Tudo certo, adiciona atributos ao request (compatível com HMAC)
             $request = $request
                 ->withAttribute('api_user', $apiUser)
                 ->withAttribute('api_user_id', $userId);
@@ -62,7 +56,6 @@ class JwtAuthMiddleware
             return $next($request);
 
         } catch (\Exception $e) {
-            // Captura erros de JWT (ex: expirado, inválido)
             return ResponseLib::sendFail("Unauthorized: " . $e->getMessage(), [], "E_VALIDATE")->withStatus(401);
         }
     }