Add PdfController with getPdf method for PDF retrieval and authorization handling

app/Http/Controllers/PdfController.php

@@ -0,0 +1,94 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Response;
+use Illuminate\Support\Facades\Storage;
+
+class PdfController extends Controller
+{
+    /**
+     * Display a listing of the resource.
+     */
+    public function index()
+    {
+        //
+    }
+
+    /**
+     * Store a newly created resource in storage.
+     */
+    public function getPdf(Request $request)
+    {
+         // Validate input
+        // $request->validate([
+        //     'filename' => 'required|string',
+        // ]);
+        $expectedUser = env('API_AUTH_USER');
+        $expectedPw   = env('API_AUTH_PW');
+        $header_auth  = $request->header('Authorization');
+        $expectedToken = $expectedUser . ':' . $expectedPw;
+
+        if ("Bearer " . $expectedToken != $header_auth)
+        {
+            return response()->json([
+                'status_code' => 'ERROR',
+                'status_description' => 'Invalid authorization token!'
+            ], 403);
+        }
+
+        $filename  = $request->header('process-order');
+
+        if (!$filename)
+        {
+            return response()->json(['error' => 'Missing file-name header'], 400);
+        }
+
+        $filename = basename($filename);
+
+        // Ensure the file has .pdf extension
+        if (!str_ends_with(strtolower($filename), '.pdf')) {
+            $filename .= '.pdf';
+        }
+
+        $filePath = "uploads/temp/" . $filename;
+
+        if (!Storage::disk('local')->exists($filePath)) {
+            return response()->json(['error' => 'File not found'], 404);
+        }
+
+        $file = Storage::disk('local')->get($filePath);
+        $mimeType = Storage::disk('local')->mimeType($filePath);
+
+        return Response::make($file, 200, [
+            'Content-Type' => $mimeType,
+            'Content-Disposition' => 'inline; filename="' . $filename . '"',
+        ]);
+
+    }
+
+    /**
+     * Display the specified resource.
+     */
+    public function show(string $id)
+    {
+        //
+    }
+
+    /**
+     * Update the specified resource in storage.
+     */
+    public function update(Request $request, string $id)
+    {
+        //
+    }
+
+    /**
+     * Remove the specified resource from storage.
+     */
+    public function destroy(string $id)
+    {
+        //
+    }
+}