# API CartRecover AI

## Autenticazione connettori

Le richieste evento devono includere:

```http
X-CartRecover-Shop: cr_xxx
X-CartRecover-Timestamp: 1780912800
X-CartRecover-Signature: hmac_sha256
```

La firma e':

```php
hash_hmac('sha256', $timestamp.$rawBody, $webhookSecret)
```

La richiesta viene rifiutata se:

- shop non trovato o non attivo
- timestamp piu' vecchio di 5 minuti
- firma non valida
- payload non valido

## Endpoint

```http
POST /api/connectors/register
POST /api/events/cart-updated
POST /api/events/checkout-started
POST /api/events/customer-updated
POST /api/events/order-created
POST /api/events/order-paid
POST /api/events/order-failed
GET  /api/recover/{token}
POST /api/whatsapp/webhook
GET  /api/dashboard/stats
GET  /api/carts
GET  /api/messages
GET  /api/conversions
```

## Payload carrello

```json
{
  "event": "checkout_started",
  "platform": "woocommerce",
  "shop_domain": "https://example.com",
  "cart": {
    "platform_cart_id": "abc123",
    "platform_checkout_id": null,
    "token": "unique-token",
    "total": 129.9,
    "currency": "EUR",
    "recovery_url": "https://example.com/?cartrecover_token=unique-token",
    "last_activity_at": "2026-06-08T10:00:00+02:00"
  },
  "customer": {
    "platform_customer_id": "123",
    "first_name": "Mario",
    "last_name": "Rossi",
    "email": "mario@example.com",
    "phone": "+393331234567",
    "whatsapp_optin": true,
    "marketing_optin": true,
    "language": "it"
  },
  "items": [
    {
      "platform_product_id": "456",
      "platform_variant_id": null,
      "name": "T-shirt nera",
      "sku": "TSHIRT-BLK",
      "quantity": 1,
      "price": 29.9,
      "image_url": "https://example.com/image.jpg",
      "product_url": "https://example.com/product/t-shirt"
    }
  ]
}
```