first commit

lib/services/vanguard_api.dart

@@ -0,0 +1,126 @@
+import 'dart:convert';
+import 'package:http/http.dart' as http;
+import '../config/api_config.dart';
+
+class VanguardApi {
+  static Map<String, String> authHeaders(String token) => {
+    'Accept': 'application/json',
+    'Content-Type': 'application/json',
+    'Authorization': 'Bearer $token',
+  };
+
+  static Future<String> login({
+    required String username,
+    required String password,
+  }) async {
+    final url = Uri.parse('${ApiConfig.laravelApiBase}/login');
+
+    final res = await http.post(
+      url,
+      headers: const {
+        'Accept': 'application/json',
+        'Content-Type': 'application/json',
+      },
+      body: jsonEncode({
+        'username': username,
+        'password': password,
+        'device_name': ApiConfig.deviceName,
+      }),
+    );
+
+    if (res.statusCode != 200) {
+      throw Exception('Login failed (${res.statusCode}): ${res.body}');
+    }
+
+    final data = jsonDecode(res.body) as Map<String, dynamic>;
+    final token = data['token'];
+    if (token == null || token.toString().isEmpty) {
+      throw Exception('Missing token in login response.');
+    }
+    return token.toString();
+  }
+
+  static Future<void> requestPasswordResetEmail({required String email}) async {
+    final url = Uri.parse('${ApiConfig.laravelApiBase}/password/remind');
+
+    final res = await http.post(
+      url,
+      headers: const {
+        'Accept': 'application/json',
+        'Content-Type': 'application/json',
+      },
+      body: jsonEncode({'email': email}),
+    );
+
+    if (res.statusCode != 200) {
+      throw Exception(
+        'Password remind failed (${res.statusCode}): ${res.body}',
+      );
+    }
+  }
+
+  // ---------- Your custom APIs ----------
+
+  static Future<Map<String, dynamic>> getUserSchools({
+    required String token,
+  }) async {
+    final url = Uri.parse('${ApiConfig.phpApiBase}/api_user_schools.php');
+
+    final res = await http.get(
+      url,
+      headers: {'Accept': 'application/json', 'Authorization': 'Bearer $token'},
+    );
+
+    if (res.statusCode != 200) {
+      throw Exception('User schools failed (${res.statusCode}): ${res.body}');
+    }
+
+    final data = jsonDecode(res.body) as Map<String, dynamic>;
+    if (data['success'] != true) {
+      throw Exception(data['message'] ?? 'Unknown error (user schools).');
+    }
+    return data;
+  }
+
+  static Future<Map<String, dynamic>> getMyLessons({
+    required String token,
+    required int schoolId,
+    required String month, // YYYY-MM
+  }) async {
+    final url = Uri.parse(
+      '${ApiConfig.phpApiBase}/api_my_lessons.php',
+    ).replace(queryParameters: {'school_id': '$schoolId', 'month': month});
+
+    final res = await http.get(
+      url,
+      headers: {'Accept': 'application/json', 'Authorization': 'Bearer $token'},
+    );
+
+    if (res.statusCode != 200) {
+      throw Exception('My lessons failed (${res.statusCode}): ${res.body}');
+    }
+
+    final data = jsonDecode(res.body) as Map<String, dynamic>;
+    if (data['success'] != true) {
+      throw Exception(data['message'] ?? 'Unknown error (my lessons).');
+    }
+    return data;
+  }
+
+  static Future<void> logout({required String token}) async {
+    // Vanguard / Laravel: quasi sempre POST /logout con Bearer token (Sanctum)
+    final url = Uri.parse('${ApiConfig.laravelApiBase}/logout');
+
+    final res = await http.post(url, headers: authHeaders(token));
+
+    // 200 o 204 ok. Alcuni backend rispondono 401 se token già scaduto:
+    // in app lo consideriamo comunque "logout riuscito".
+    if (res.statusCode == 200 ||
+        res.statusCode == 204 ||
+        res.statusCode == 401) {
+      return;
+    }
+
+    throw Exception('Logout failed (${res.statusCode}): ${res.body}');
+  }
+}