feat: implement an api endpoint to create a new license

app/Enums/LicenseSource.php

@@ -0,0 +1,10 @@
+<?php
+
+namespace App\Enums;
+
+enum LicenseSource: string
+{
+    case Stripe = 'stripe';
+    case Bifrost = 'bifrost';
+    case Manual = 'manual';
+}

app/Filament/Resources/PersonalAccessTokenResource.php

@@ -0,0 +1,111 @@
+<?php
+
+namespace App\Filament\Resources;
+
+use App\Filament\Resources\PersonalAccessTokenResource\Pages;
+use Filament\Forms;
+use Filament\Forms\Form;
+use Filament\Resources\Resource;
+use Filament\Tables;
+use Filament\Tables\Table;
+use Laravel\Sanctum\PersonalAccessToken;
+
+class PersonalAccessTokenResource extends Resource
+{
+    protected static ?string $model = PersonalAccessToken::class;
+
+    protected static ?string $navigationIcon = 'heroicon-o-key';
+
+    protected static ?string $navigationLabel = 'API Keys';
+
+    protected static ?string $modelLabel = 'API Key';
+
+    protected static ?string $pluralModelLabel = 'API Keys';
+
+    public static function form(Form $form): Form
+    {
+        return $form
+            ->schema([
+                Forms\Components\TextInput::make('name')
+                    ->required()
+                    ->maxLength(255)
+                    ->helperText('A descriptive name for this API key'),
+
+                Forms\Components\Select::make('tokenable_id')
+                    ->label('User')
+                    ->options(\App\Models\User::pluck('name', 'id'))
+                    ->required()
+                    ->searchable(),
+
+                Forms\Components\Hidden::make('tokenable_type')
+                    ->default(\App\Models\User::class),
+
+                Forms\Components\TextInput::make('abilities')
+                    ->default('*')
+                    ->helperText('Comma-separated list of abilities. Use * for all abilities.'),
+
+                Forms\Components\DateTimePicker::make('expires_at')
+                    ->label('Expires At')
+                    ->nullable()
+                    ->helperText('Leave empty for no expiration'),
+            ]);
+    }
+
+    public static function table(Table $table): Table
+    {
+        return $table
+            ->columns([
+                Tables\Columns\TextColumn::make('name')
+                    ->searchable()
+                    ->sortable(),
+
+                Tables\Columns\TextColumn::make('tokenable.name')
+                    ->label('User')
+                    ->searchable()
+                    ->sortable(),
+
+                Tables\Columns\TextColumn::make('abilities')
+                    ->formatStateUsing(fn ($state) => is_array($state) ? implode(', ', $state) : $state),
+
+                Tables\Columns\TextColumn::make('last_used_at')
+                    ->dateTime()
+                    ->sortable()
+                    ->placeholder('Never'),
+
+                Tables\Columns\TextColumn::make('expires_at')
+                    ->dateTime()
+                    ->sortable()
+                    ->placeholder('Never'),
+
+                Tables\Columns\TextColumn::make('created_at')
+                    ->dateTime()
+                    ->sortable()
+                    ->toggleable(isToggledHiddenByDefault: true),
+            ])
+            ->filters([
+                //
+            ])
+            ->actions([
+                Tables\Actions\DeleteAction::make(),
+            ])
+            ->bulkActions([
+                Tables\Actions\DeleteBulkAction::make(),
+            ])
+            ->defaultSort('created_at', 'desc');
+    }
+
+    public static function getRelations(): array
+    {
+        return [
+            //
+        ];
+    }
+
+    public static function getPages(): array
+    {
+        return [
+            'index' => Pages\ListPersonalAccessTokens::route('/'),
+            'create' => Pages\CreatePersonalAccessToken::route('/create'),
+        ];
+    }
+}

app/Filament/Resources/PersonalAccessTokenResource/Pages/CreatePersonalAccessToken.php

@@ -0,0 +1,61 @@
+<?php
+
+namespace App\Filament\Resources\PersonalAccessTokenResource\Pages;
+
+use App\Filament\Resources\PersonalAccessTokenResource;
+use App\Models\User;
+use Filament\Notifications\Notification;
+use Filament\Resources\Pages\CreateRecord;
+use Illuminate\Database\Eloquent\Model;
+
+class CreatePersonalAccessToken extends CreateRecord
+{
+    protected static string $resource = PersonalAccessTokenResource::class;
+
+    protected function handleRecordCreation(array $data): Model
+    {
+        // We need to handle token creation specially since we can't store plain text tokens
+        /** @var User $user */
+        $user = User::find($data['tokenable_id']);
+
+        // Parse abilities - handle both string and array input
+        $abilities = $data['abilities'] ?? '*';
+        if (is_string($abilities)) {
+            $abilities = $abilities === '*' ? ['*'] : explode(',', $abilities);
+            $abilities = array_map('trim', $abilities);
+        }
+
+        $token = $user->createToken(
+            name: $data['name'],
+            abilities: $abilities,
+            expiresAt: $data['expires_at'] ?? null
+        );
+
+        // Store the plain text token to show to user
+        session(['new_api_token' => $token->plainTextToken]);
+
+        // Return the token model
+        return $token->accessToken;
+    }
+
+    protected function afterCreate(): void
+    {
+        $token = session('new_api_token');
+
+        if ($token) {
+            Notification::make()
+                ->title('API Key Created Successfully')
+                ->body("Your API key: {$token}")
+                ->success()
+                ->persistent()
+                ->send();
+
+            session()->forget('new_api_token');
+        }
+    }
+
+    protected function getRedirectUrl(): string
+    {
+        return $this->getResource()::getUrl('index');
+    }
+}

app/Filament/Resources/PersonalAccessTokenResource/Pages/EditPersonalAccessToken.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Filament\Resources\PersonalAccessTokenResource\Pages;
+
+use App\Filament\Resources\PersonalAccessTokenResource;
+use Filament\Actions;
+use Filament\Resources\Pages\EditRecord;
+
+class EditPersonalAccessToken extends EditRecord
+{
+    protected static string $resource = PersonalAccessTokenResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\DeleteAction::make(),
+        ];
+    }
+}

app/Filament/Resources/PersonalAccessTokenResource/Pages/ListPersonalAccessTokens.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Filament\Resources\PersonalAccessTokenResource\Pages;
+
+use App\Filament\Resources\PersonalAccessTokenResource;
+use Filament\Actions;
+use Filament\Resources\Pages\ListRecords;
+
+class ListPersonalAccessTokens extends ListRecords
+{
+    protected static string $resource = PersonalAccessTokenResource::class;
+
+    protected function getHeaderActions(): array
+    {
+        return [
+            Actions\CreateAction::make(),
+        ];
+    }
+}

app/Http/Controllers/Api/LicenseController.php

@@ -0,0 +1,57 @@
+<?php
+
+namespace App\Http\Controllers\Api;
+
+use App\Enums\LicenseSource;
+use App\Enums\Subscription;
+use App\Http\Controllers\Controller;
+use App\Jobs\CreateAnystackLicenseJob;
+use App\Models\License;
+use App\Models\User;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Str;
+use Illuminate\Validation\Rules\Enum;
+
+class LicenseController extends Controller
+{
+    public function store(Request $request)
+    {
+        $validated = $request->validate([
+            'email' => 'required|email',
+            'name' => 'required|string|max:255',
+            'subscription' => ['required', new Enum(Subscription::class)],
+        ]);
+
+        // Find or create user
+        $user = User::firstOrCreate(
+            ['email' => $validated['email']],
+            [
+                'name' => $validated['name'],
+                'password' => Hash::make(Str::random(32)), // Random password
+            ]
+        );
+
+        // Create the license via job
+        $subscription = Subscription::from($validated['subscription']);
+
+        CreateAnystackLicenseJob::dispatchSync(
+            user: $user,
+            subscription: $subscription,
+            subscriptionItemId: null, // No subscription item for API-created licenses
+            firstName: null, // Set to null as requested
+            lastName: null,   // Set to null as requested
+            source: LicenseSource::Bifrost
+        );
+
+        // Since we're using dispatchSync, the job has completed by this point
+        // Find the created license
+        $license = License::where('user_id', $user->id)
+            ->where('policy_name', $subscription->value)
+            ->where('source', LicenseSource::Bifrost)
+            ->latest()
+            ->firstOrFail();
+
+        return response()->json($license);
+    }
+}

app/Jobs/CreateAnystackLicenseJob.php

@@ -2,6 +2,7 @@
 
 namespace App\Jobs;
 
+use App\Enums\LicenseSource;
 use App\Enums\Subscription;
 use App\Models\License;
 use App\Models\User;
@@ -24,6 +25,7 @@ public function __construct(
         public ?int $subscriptionItemId = null,
         public ?string $firstName = null,
         public ?string $lastName = null,
+        public LicenseSource $source = LicenseSource::Stripe,
     ) {}
 
     public function handle(): void
@@ -42,6 +44,7 @@ public function handle(): void
             'user_id' => $this->user->id,
             'subscription_item_id' => $this->subscriptionItemId,
             'policy_name' => $this->subscription->value,
+            'source' => $this->source,
             'key' => $licenseData['key'],
             'expires_at' => $licenseData['expires_at'],
             'created_at' => $licenseData['created_at'],

app/Models/License.php

@@ -2,6 +2,7 @@
 
 namespace App\Models;
 
+use App\Enums\LicenseSource;
 use App\Enums\Subscription;
 use Illuminate\Database\Eloquent\Builder;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
@@ -18,6 +19,7 @@ class License extends Model
     protected $casts = [
         'expires_at' => 'datetime',
         'is_suspended' => 'boolean',
+        'source' => LicenseSource::class,
     ];
 
     /**

composer.json

@@ -16,7 +16,7 @@
         "guzzlehttp/guzzle": "^7.2",
         "laravel/cashier": "^15.6",
         "laravel/framework": "^10.10",
-        "laravel/sanctum": "^3.2",
+        "laravel/sanctum": "^3.3",
         "laravel/tinker": "^2.8",
         "league/commonmark": "^2.4",
         "livewire/livewire": "^3.6.4",