Add getGRPdf method to PdfController for retrieving GR PDFs with authorization

app/Http/Controllers/PdfController.php

@@ -68,6 +68,55 @@ class PdfController extends Controller
 
     }
 
+    public function getGRPdf(Request $request)
+    {
+         // Validate input
+        // $request->validate([
+        //     'filename' => 'required|string',
+        // ]);
+        $expectedUser = env('API_AUTH_USER');
+        $expectedPw   = env('API_AUTH_PW');
+        $header_auth  = $request->header('Authorization');
+        $expectedToken = $expectedUser . ':' . $expectedPw;
+
+        if ("Bearer " . $expectedToken != $header_auth)
+        {
+            return response()->json([
+                'status_code' => 'ERROR',
+                'status_description' => 'Invalid authorization token!'
+            ], 403);
+        }
+
+        $filename  = $request->header('gr-number');
+
+        if (!$filename)
+        {
+            return response()->json(['error' => 'Missing file-name header'], 400);
+        }
+
+        $filename = basename($filename);
+
+        // Ensure the file has .pdf extension
+        if (!str_ends_with(strtolower($filename), '.pdf')) {
+            $filename .= '.pdf';
+        }
+
+        $filePath = "uploads/GRNumber/" . $filename;
+
+        if (!Storage::disk('local')->exists($filePath)) {
+            return response()->json(['error' => 'File not found'], 404);
+        }
+
+        $file = Storage::disk('local')->get($filePath);
+        $mimeType = Storage::disk('local')->mimeType($filePath);
+
+        return Response::make($file, 200, [
+            'Content-Type' => $mimeType,
+            'Content-Disposition' => 'inline; filename="' . $filename . '"',
+        ]);
+
+    }
+
     /**
      * Display the specified resource.
      */