fotospiel-app/app/Http/Controllers/PayPalWebhookController.php

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use App\Models\EventPurchase;
use App\Models\Tenant;

class PayPalWebhookController extends Controller
{
    public function handle(Request $request)
    {
        $input = $request->all();
        $ipnMessage = $input['ipn_track_id'] ?? null;
        $payerEmail = $input['payer_email'] ?? null;
        $paymentStatus = $input['payment_status'] ?? null;
        $mcGross = $input['mc_gross'] ?? 0;
        $custom = $input['custom'] ?? null;

        if ($paymentStatus === 'Completed' && $mcGross > 0) {
            // Verify IPN with PayPal (simplified; use SDK for full verification)
            // $verified = $this->verifyIPN($input);

            // Parse custom for user_id or tenant_id
            $data = json_decode($custom, true);
            $userId = $data['user_id'] ?? null;
            $tenantId = $data['tenant_id'] ?? null;
            $packageId = $data['package_id'] ?? null;

            if ($userId && !$tenantId) {
                $tenant = \App\Models\Tenant::where('user_id', $userId)->first();
                if ($tenant) {
                    $tenantId = $tenant->id;
                } else {
                    Log::error('Tenant not found for user_id in PayPal IPN: ' . $userId);
                    return response('OK', 200);
                }
            }

            if (!$tenantId || !$packageId) {
                Log::error('Missing tenant or package in PayPal IPN custom data');
                return response('OK', 200);
            }

            // Create PackagePurchase
            \App\Models\PackagePurchase::create([
                'tenant_id' => $tenantId,
                'package_id' => $packageId,
                'provider_id' => $ipnMessage,
                'price' => $mcGross,
                'type' => $data['type'] ?? 'reseller_subscription',
                'purchased_at' => now(),
                'refunded' => false,
            ]);

            // Update TenantPackage if subscription
            if ($data['type'] ?? '' === 'reseller_subscription') {
                \App\Models\TenantPackage::updateOrCreate(
                    [
                        'tenant_id' => $tenantId,
                        'package_id' => $packageId,
                    ],
                    [
                        'active' => true,
                        'purchased_at' => now(),
                        'expires_at' => now()->addYear(),
                    ]
                );
            }

            Log::info('PayPal IPN processed for tenant ' . $tenantId . ', package ' . $packageId, $input);
        }

        return response('OK', 200);
    }

    private function verifyIPN($input)
    {
        // Use PayPal SDK to verify
        // Return true/false
        return true; // Placeholder
    }
}