llmbackend/app/Http/Controllers/Api/AuthController.php

<?php

declare(strict_types=1);

namespace App\Http\Controllers\Api;

use App\Http\Controllers\Controller;
use App\Rules\ThrottleAuthToken;
use App\Services\Auth\TokenService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use Illuminate\Validation\ValidationException;

class AuthController extends Controller
{
    public function __construct(
        private readonly TokenService $tokenService
    ) {}

    /**
     * Get access token using auth token
     *
     * @param Request $request
     * @return JsonResponse
     *
     * Request body:
     * {
     *     "auth_token": "string"
     * }
     *
     * Success response:
     * {
     *     "access_token": "string",
     *     "expires_in": 3600
     * }
     *
     * Error response:
     * {
     *     "error": "error_code",
     *     "message": "错误描述"
     * }
     */
    public function getAccessToken(Request $request): JsonResponse
    {
        try {
            $validated = $request->validate([
                'auth_token' => [
                    'required',
                    'string',
                    'size:64',
                    new ThrottleAuthToken,
                ],
            ]);

            $authToken = $this->tokenService->validateAuthToken($validated['auth_token']);

            if (!$authToken) {
                return response()->json([
                    'error' => 'invalid_auth_token',
                    'message' => '认证令牌无效。',
                ], 401);
            }

            $result = $this->tokenService->generateAccessToken($authToken);

            return response()->json($result);

        } catch (ValidationException $e) {
            return response()->json([
                'error' => 'invalid_request',
                'message' => '请求参数缺失或格式错误。',
                'details' => $e->errors(),
            ], 400);
        } catch (\Exception $e) {
            Log::error('Error generating access token', [
                'error' => $e->getMessage(),
                'trace' => $e->getTraceAsString(),
            ]);

            return response()->json([
                'error' => 'server_error',
                'message' => '服务器内部错误。',
            ], 500);
        }
    }
}