validate([ // 'filename' => 'required|string', // ]); $expectedUser = env('API_AUTH_USER'); $expectedPw = env('API_AUTH_PW'); $header_auth = $request->header('Authorization'); $expectedToken = $expectedUser . ':' . $expectedPw; if ("Bearer " . $expectedToken != $header_auth) { return response()->json([ 'status_code' => 'ERROR', 'status_description' => 'Invalid authorization token!' ], 403); } $filename = $request->header('process-order'); if (!$filename) { return response()->json(['error' => 'Missing file-name header'], 400); } $filename = basename($filename); // Ensure the file has .pdf extension if (!str_ends_with(strtolower($filename), '.pdf')) { $filename .= '.pdf'; } $filePath = "uploads/temp/" . $filename; if (!Storage::disk('local')->exists($filePath)) { return response()->json(['error' => 'File not found'], 404); } $file = Storage::disk('local')->get($filePath); $mimeType = Storage::disk('local')->mimeType($filePath); return Response::make($file, 200, [ 'Content-Type' => $mimeType, 'Content-Disposition' => 'inline; filename="' . $filename . '"', ]); } /** * Display the specified resource. */ public function show(string $id) { // } /** * Update the specified resource in storage. */ public function update(Request $request, string $id) { // } /** * Remove the specified resource from storage. */ public function destroy(string $id) { // } }