From 0710c3a7a184405abe27e4a9795d195074824ba5 Mon Sep 17 00:00:00 2001
From: dhanabalan <dhana@example.com>
Date: Fri, 26 Sep 2025 10:35:22 +0530
Subject: [PATCH] Add authorization check to readFiles method in
 SapFileController

---
 app/Http/Controllers/SapFileController.php | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/app/Http/Controllers/SapFileController.php b/app/Http/Controllers/SapFileController.php
index 8beb7ab..4fdc481 100644
--- a/app/Http/Controllers/SapFileController.php
+++ b/app/Http/Controllers/SapFileController.php
@@ -27,8 +27,20 @@ class SapFileController extends Controller
 
     }
 
-    public function readFiles()
+    public function readFiles(Request $request)
     {
+        $expectedUser = env('API_AUTH_USER');
+        $expectedPw   = env('API_AUTH_PW');
+        $header_auth  = $request->header('Authorization');
+        $expectedToken = $expectedUser . ':' . $expectedPw;
+
+        if ("Bearer " . $expectedToken != $header_auth)
+        {
+            return response()->json([
+                'status_code' => 'ERROR',
+                'status_description' => 'Invalid authorization token!'
+            ], 403);
+        }
 
         $path = "/LaserPRD";