ai-stylegallery/app/Http/Controllers/GalleryAccessController.php

<?php

namespace App\Http\Controllers;

use App\Http\Middleware\EnsureGalleryAccess;
use App\Http\Requests\GalleryAccessRequest;
use App\Models\Gallery;
use App\Settings\GeneralSettings;
use Carbon\Carbon;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Inertia\Inertia;
use Inertia\Response;

class GalleryAccessController extends Controller
{
    public function create(Request $request, GeneralSettings $settings, ?Gallery $gallery = null): Response
    {
        $gallery = $this->resolveGallery($request, $gallery);

        if (! $gallery) {
            abort(404, 'Gallery not found');
        }

        $expiresAt = $gallery->expires_at ?? $settings->gallery_expires_at;

        $expired = $expiresAt !== null
            && Carbon::now()->greaterThanOrEqualTo(Carbon::parse($expiresAt));

        return Inertia::render('GalleryAccess', [
            'gallery' => [
                'id' => $gallery->id,
                'slug' => $gallery->slug,
                'title' => $gallery->title,
            ],
            'requiresPassword' => (bool) ($gallery->require_password ?? $settings->require_gallery_password),
            'expiresAt' => $expiresAt,
            'accessDurationMinutes' => $gallery->access_duration_minutes ?? $settings->gallery_access_duration_minutes,
            'expired' => $expired,
            'flashMessage' => $request->session()->get('gallery_access_message'),
        ]);
    }

    public function store(GalleryAccessRequest $request, GeneralSettings $settings, ?Gallery $gallery = null): RedirectResponse
    {
        $gallery = $this->resolveGallery($request, $gallery);

        if (! $gallery) {
            abort(404, 'Gallery not found');
        }

        if ($this->isExpired($gallery, $settings)) {
            return redirect()
                ->route('gallery.access.show', $gallery)
                ->with('gallery_access_message', __('api.gallery.expired'));
        }

        $requiresPassword = $gallery->require_password ?? $settings->require_gallery_password;
        $passwordHash = $gallery->password_hash ?? $settings->gallery_password_hash;

        if (! $requiresPassword || ! $passwordHash) {
            EnsureGalleryAccess::grantForGallery($request, $gallery, $settings);

            return redirect()->route('gallery.show', $gallery);
        }

        if (! Hash::check($request->input('password'), $passwordHash)) {
            return redirect()
                ->route('gallery.access.show', $gallery)
                ->with('gallery_access_message', __('api.gallery.invalid_password'));
        }

        EnsureGalleryAccess::grantForGallery($request, $gallery, $settings);

        return redirect()->route('gallery.show', $gallery);
    }

    private function resolveGallery(Request $request, ?Gallery $gallery = null): ?Gallery
    {
        if ($gallery instanceof Gallery) {
            return $gallery;
        }

        $slug = $request->route('gallery');

        if (! $slug) {
            return Gallery::first();
        }

        if ($slug instanceof Gallery) {
            return $slug;
        }

        return Gallery::where('slug', $slug)->first();
    }

    private function isExpired(?Gallery $gallery, GeneralSettings $settings): bool
    {
        $expiresAt = $gallery?->expires_at ?? $settings->gallery_expires_at;

        if ($expiresAt) {
            $expiresAt = Carbon::parse($expiresAt);

            return Carbon::now()->greaterThanOrEqualTo($expiresAt);
        }

        return false;
    }
}