- Modernized authentication with the introduction of TenantProject

- Created a base mail template
- Adapt and improve document API to usage of catalogs and processors
- Adapt eveai_sync to new authentication mechanism and usage of catalogs and processors

integrations/Wordpress/eveai-chat-widget/includes/class-eveai-api.php

@@ -0,0 +1,164 @@
+<?php
+class EveAI_Chat_API {
+    private $security;
+    private $eveai_api_url;
+
+    public function __construct() {
+        $this->security = new EveAI_Chat_Security();
+        $this->eveai_api_url = 'https://api.eveai.com'; // Should come from settings
+    }
+
+    public function register_routes() {
+        register_rest_route('eveai/v1', '/session-token', array(
+            'methods' => 'POST',
+            'callback' => array($this, 'get_session_token'),
+            'permission_callback' => array($this, 'verify_request'),
+            'args' => array(
+                'tenant_id' => array(
+                    'required' => true,
+                    'validate_callback' => function($param) {
+                        return is_numeric($param);
+                    }
+                ),
+                'domain' => array(
+                    'required' => true,
+                    'validate_callback' => function($param) {
+                        return is_string($param) && !empty($param);
+                    }
+                )
+            )
+        ));
+    }
+
+    public function verify_request($request) {
+        // Origin verification
+        $origin = $request->get_header('origin');
+        if (!$this->security->verify_origin($origin)) {
+            return new WP_Error(
+                'invalid_origin',
+                'Invalid request origin',
+                array('status' => 403)
+            );
+        }
+
+        // Nonce verification
+        $nonce = $request->get_header('X-WP-Nonce');
+        if (!wp_verify_nonce($nonce, 'wp_rest')) {
+            return new WP_Error(
+                'invalid_nonce',
+                'Invalid nonce',
+                array('status' => 403)
+            );
+        }
+
+        return true;
+    }
+
+    public function get_session_token($request) {
+        try {
+            // Get the API key from WordPress options and decrypt it
+            $settings = get_option('eveai_chat_settings');
+            $encrypted_api_key = $settings['api_key'] ?? '';
+
+            if (empty($encrypted_api_key)) {
+                return new WP_Error(
+                    'no_api_key',
+                    'API key not configured',
+                    array('status' => 500)
+                );
+            }
+
+            $api_key = $this->security->decrypt_sensitive_data($encrypted_api_key);
+
+            // Get parameters from request
+            $tenant_id = $request->get_param('tenant_id');
+            $domain = $request->get_param('domain');
+
+            // Request a session token from EveAI server
+            $response = wp_remote_post(
+                $this->eveai_api_url . '/session',
+                array(
+                    'headers' => array(
+                        'Authorization' => 'Bearer ' . $api_key,
+                        'Content-Type' => 'application/json'
+                    ),
+                    'body' => json_encode(array(
+                        'tenant_id' => $tenant_id,
+                        'domain' => $domain,
+                        'origin' => get_site_url()
+                    )),
+                    'timeout' => 15,
+                    'data_format' => 'body'
+                )
+            );
+
+            if (is_wp_error($response)) {
+                throw new Exception($response->get_error_message());
+            }
+
+            $response_code = wp_remote_retrieve_response_code($response);
+            if ($response_code !== 200) {
+                throw new Exception('Invalid response from EveAI server: ' . $response_code);
+            }
+
+            $body = json_decode(wp_remote_retrieve_body($response), true);
+
+            if (empty($body['token'])) {
+                throw new Exception('No token received from EveAI server');
+            }
+
+            // Log the token generation (optional, for debugging)
+            error_log(sprintf(
+                'Generated session token for tenant %d from domain %s',
+                $tenant_id,
+                $domain
+            ));
+
+            return array(
+                'success' => true,
+                'session_token' => $body['token']
+            );
+
+        } catch (Exception $e) {
+            error_log('EveAI session token generation failed: ' . $e->getMessage());
+
+            return new WP_Error(
+                'token_generation_failed',
+                'Failed to generate session token: ' . $e->getMessage(),
+                array('status' => 500)
+            );
+        }
+    }
+
+    /**
+     * Validates the session token with EveAI server
+     * Can be used for additional security checks
+     */
+    public function validate_session_token($token) {
+        try {
+            $response = wp_remote_post(
+                $this->eveai_api_url . '/validate-token',
+                array(
+                    'headers' => array(
+                        'Content-Type' => 'application/json'
+                    ),
+                    'body' => json_encode(array(
+                        'token' => $token
+                    )),
+                    'timeout' => 15
+                )
+            );
+
+            if (is_wp_error($response)) {
+                return false;
+            }
+
+            $body = json_decode(wp_remote_retrieve_body($response), true);
+            return isset($body['valid']) && $body['valid'] === true;
+
+        } catch (Exception $e) {
+            error_log('Token validation failed: ' . $e->getMessage());
+            return false;
+        }
+    }
+}