admin_api/app/Http/Controllers/Game/RewardCodeController.php

<?php

namespace App\Http\Controllers\Game;

use App\Game\GlobalUserInfo;
use App\Http\Controllers\Controller;
use App\Services\RewardCodeService;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;

class RewardCodeController extends Controller
{
    /**
     * Redeem reward code (4 chars).
     */
    public function redeem(Request $request)
    {
        $code = strtoupper(trim($request->input('code', '')));

        if (strlen($code) !== 4 || !preg_match('/^[A-Z0-9]{4}$/', $code)) {
            return apiReturnFail('invalid_code');
        }

        // only allow logged-in users
        $user = $request->user();
        if (!$user) {
            return apiReturnFail('login_required');
        }
        $UserID = $user->UserID;
        $GlobalUID = $user->GlobalUID;

        $lockKey = 'reward_code_redeem_' . $UserID;
        $locked = \App\Utility\SetNXLock::getExclusiveLock($lockKey, 5);
        if (!$locked) {
            return apiReturnFail('try_again_later');
        }

        try {
            $data = RewardCodeService::redeem($code, $GlobalUID, $request->ip(), $UserID);
            return apiReturnSuc($data, '', 'success');
        } catch (\InvalidArgumentException $e) {
            $msg = $e->getMessage();
            return apiReturnFail($msg);
        } catch (\Throwable $e) {
            Log::error('Reward code redeem error: ' . $e->getMessage(), ['trace' => $e->getTraceAsString()]);
            return apiReturnFail('system_error');
        } finally {
            \App\Utility\SetNXLock::release($lockKey);
        }
    }
}