Initialize repo and add session changes (2025-09-08)
This commit is contained in:
Auto Commit
60
routes/auth.php
Normal file
60
routes/auth.php
Normal file
@@ -0,0 +1,60 @@
|
||||
<?php
|
||||
|
||||
use App\Http\Controllers\Auth\AuthenticatedSessionController;
|
||||
use App\Http\Controllers\Auth\ConfirmablePasswordController;
|
||||
use App\Http\Controllers\Auth\EmailVerificationNotificationController;
|
||||
use App\Http\Controllers\Auth\EmailVerificationPromptController;
|
||||
use App\Http\Controllers\Auth\NewPasswordController;
|
||||
use App\Http\Controllers\Auth\PasswordResetLinkController;
|
||||
use App\Http\Controllers\Auth\RegisteredUserController;
|
||||
use App\Http\Controllers\Auth\VerifyEmailController;
|
||||
use Illuminate\Support\Facades\Route;
|
||||
|
||||
Route::middleware('guest')->group(function () {
|
||||
Route::get('register', [RegisteredUserController::class, 'create'])
|
||||
->name('register');
|
||||
|
||||
Route::post('register', [RegisteredUserController::class, 'store'])
|
||||
->name('register.store');
|
||||
|
||||
Route::get('login', [AuthenticatedSessionController::class, 'create'])
|
||||
->name('login');
|
||||
|
||||
Route::post('login', [AuthenticatedSessionController::class, 'store'])
|
||||
->name('login.store');
|
||||
|
||||
Route::get('forgot-password', [PasswordResetLinkController::class, 'create'])
|
||||
->name('password.request');
|
||||
|
||||
Route::post('forgot-password', [PasswordResetLinkController::class, 'store'])
|
||||
->name('password.email');
|
||||
|
||||
Route::get('reset-password/{token}', [NewPasswordController::class, 'create'])
|
||||
->name('password.reset');
|
||||
|
||||
Route::post('reset-password', [NewPasswordController::class, 'store'])
|
||||
->name('password.store');
|
||||
});
|
||||
|
||||
Route::middleware('auth')->group(function () {
|
||||
Route::get('verify-email', EmailVerificationPromptController::class)
|
||||
->name('verification.notice');
|
||||
|
||||
Route::get('verify-email/{id}/{hash}', VerifyEmailController::class)
|
||||
->middleware(['signed', 'throttle:6,1'])
|
||||
->name('verification.verify');
|
||||
|
||||
Route::post('email/verification-notification', [EmailVerificationNotificationController::class, 'store'])
|
||||
->middleware('throttle:6,1')
|
||||
->name('verification.send');
|
||||
|
||||
Route::get('confirm-password', [ConfirmablePasswordController::class, 'show'])
|
||||
->name('password.confirm');
|
||||
|
||||
Route::post('confirm-password', [ConfirmablePasswordController::class, 'store'])
|
||||
->middleware('throttle:6,1')
|
||||
->name('password.confirm.store');
|
||||
|
||||
Route::post('logout', [AuthenticatedSessionController::class, 'destroy'])
|
||||
->name('logout');
|
||||
});
|
||||
8
routes/console.php
Normal file
8
routes/console.php
Normal file
@@ -0,0 +1,8 @@
|
||||
<?php
|
||||
|
||||
use Illuminate\Foundation\Inspiring;
|
||||
use Illuminate\Support\Facades\Artisan;
|
||||
|
||||
Artisan::command('inspire', function () {
|
||||
$this->comment(Inspiring::quote());
|
||||
})->purpose('Display an inspiring quote');
|
||||
24
routes/settings.php
Normal file
24
routes/settings.php
Normal file
@@ -0,0 +1,24 @@
|
||||
<?php
|
||||
|
||||
use App\Http\Controllers\Settings\PasswordController;
|
||||
use App\Http\Controllers\Settings\ProfileController;
|
||||
use Illuminate\Support\Facades\Route;
|
||||
use Inertia\Inertia;
|
||||
|
||||
Route::middleware('auth')->group(function () {
|
||||
Route::redirect('settings', '/settings/profile');
|
||||
|
||||
Route::get('settings/profile', [ProfileController::class, 'edit'])->name('profile.edit');
|
||||
Route::patch('settings/profile', [ProfileController::class, 'update'])->name('profile.update');
|
||||
Route::delete('settings/profile', [ProfileController::class, 'destroy'])->name('profile.destroy');
|
||||
|
||||
Route::get('settings/password', [PasswordController::class, 'edit'])->name('password.edit');
|
||||
|
||||
Route::put('settings/password', [PasswordController::class, 'update'])
|
||||
->middleware('throttle:6,1')
|
||||
->name('password.update');
|
||||
|
||||
Route::get('settings/appearance', function () {
|
||||
return Inertia::render('settings/appearance');
|
||||
})->name('appearance');
|
||||
});
|
||||
82
routes/web.php
Normal file
82
routes/web.php
Normal file
@@ -0,0 +1,82 @@
|
||||
<?php
|
||||
|
||||
use Illuminate\Support\Facades\Route;
|
||||
use Inertia\Inertia;
|
||||
|
||||
Route::get('/', function () {
|
||||
return Inertia::render('welcome');
|
||||
})->name('home');
|
||||
|
||||
Route::middleware(['auth', 'verified'])->group(function () {
|
||||
Route::get('dashboard', function () {
|
||||
return Inertia::render('dashboard');
|
||||
})->name('dashboard');
|
||||
});
|
||||
|
||||
require __DIR__.'/settings.php';
|
||||
require __DIR__.'/auth.php';
|
||||
|
||||
// Guest PWA shell (served for event and /pwa paths; React handles routing)
|
||||
Route::view('/e/{any?}', 'guest')->where('any', '.*');
|
||||
Route::view('/pwa/{any?}', 'guest')->where('any', '.*');
|
||||
|
||||
// Minimal public API for Guest PWA (stateless; no CSRF)
|
||||
Route::prefix('api/v1')->withoutMiddleware([\App\Http\Middleware\VerifyCsrfToken::class])->group(function () {
|
||||
Route::get('/events/{slug}/stats', [\App\Http\Controllers\Api\EventPublicController::class, 'stats'])->middleware('throttle:60,1');
|
||||
Route::get('/events/{slug}/photos', [\App\Http\Controllers\Api\EventPublicController::class, 'photos'])->middleware('throttle:60,1');
|
||||
Route::get('/events/{slug}', [\App\Http\Controllers\Api\EventPublicController::class, 'event'])->middleware('throttle:60,1');
|
||||
Route::get('/photos/{id}', [\App\Http\Controllers\Api\EventPublicController::class, 'photo'])->whereNumber('id')->middleware('throttle:120,1');
|
||||
Route::post('/photos/{id}/like', [\App\Http\Controllers\Api\EventPublicController::class, 'like'])->whereNumber('id')->middleware('throttle:60,1');
|
||||
Route::post('/events/{slug}/photos', [\App\Http\Controllers\Api\EventPublicController::class, 'upload'])->middleware('throttle:30,1');
|
||||
});
|
||||
|
||||
// CSV templates for Super Admin imports
|
||||
Route::get('/super-admin/templates/emotions.csv', function () {
|
||||
$headers = [
|
||||
'Content-Type' => 'text/csv',
|
||||
'Content-Disposition' => 'attachment; filename="emotions_template.csv"',
|
||||
];
|
||||
$callback = function () {
|
||||
$out = fopen('php://output', 'w');
|
||||
fputcsv($out, ['name_de','name_en','icon','color','description_de','description_en','sort_order','is_active','event_types']);
|
||||
fputcsv($out, ['Fröhlich','Happy','😀','#FFD700','Fröhlicher Moment','Happy moment','0','1','wedding|corporate']);
|
||||
fclose($out);
|
||||
};
|
||||
return response()->stream($callback, 200, $headers);
|
||||
});
|
||||
|
||||
// Tenant Admin API (temporary token-based, no hardening)
|
||||
Route::prefix('api/v1/tenant')->group(function () {
|
||||
Route::post('/login', [\App\Http\Controllers\Api\TenantController::class, 'login']);
|
||||
Route::middleware([\App\Http\Middleware\ApiTokenAuth::class])->group(function () {
|
||||
Route::get('/me', [\App\Http\Controllers\Api\TenantController::class, 'me']);
|
||||
Route::get('/events', [\App\Http\Controllers\Api\TenantController::class, 'events']);
|
||||
Route::get('/events/{id}', [\App\Http\Controllers\Api\TenantController::class, 'showEvent']);
|
||||
Route::post('/events', [\App\Http\Controllers\Api\TenantController::class, 'storeEvent']);
|
||||
Route::put('/events/{id}', [\App\Http\Controllers\Api\TenantController::class, 'updateEvent']);
|
||||
Route::post('/events/{id}/toggle', [\App\Http\Controllers\Api\TenantController::class, 'toggleEvent']);
|
||||
Route::get('/events/{id}/photos', [\App\Http\Controllers\Api\TenantController::class, 'eventPhotos']);
|
||||
Route::get('/events/{id}/stats', [\App\Http\Controllers\Api\TenantController::class, 'eventStats']);
|
||||
Route::post('/events/{id}/invites', [\App\Http\Controllers\Api\TenantController::class, 'createInvite']);
|
||||
Route::post('/photos/{id}/feature', [\App\Http\Controllers\Api\TenantController::class, 'featurePhoto']);
|
||||
Route::post('/photos/{id}/unfeature', [\App\Http\Controllers\Api\TenantController::class, 'unfeaturePhoto']);
|
||||
Route::delete('/photos/{id}', [\App\Http\Controllers\Api\TenantController::class, 'deletePhoto']);
|
||||
});
|
||||
});
|
||||
|
||||
// Tenant Admin PWA shell
|
||||
Route::view('/admin/{any?}', 'admin')->where('any', '.*');
|
||||
Route::get('/admin/qr', [\App\Http\Controllers\Admin\QrController::class, 'png']);
|
||||
Route::get('/super-admin/templates/tasks.csv', function () {
|
||||
$headers = [
|
||||
'Content-Type' => 'text/csv',
|
||||
'Content-Disposition' => 'attachment; filename="tasks_template.csv"',
|
||||
];
|
||||
$callback = function () {
|
||||
$out = fopen('php://output', 'w');
|
||||
fputcsv($out, ['emotion_name','emotion_name_de','emotion_name_en','event_type_slug','title_de','title_en','description_de','description_en','difficulty','example_text_de','example_text_en','sort_order','is_active']);
|
||||
fputcsv($out, ['Happy','','','wedding','Gruppenfoto','Group photo','Sammelt euch für ein Foto.','Get together for a photo.','easy','Zeigt eure besten Lächeln.','Show your best smiles.','0','1']);
|
||||
fclose($out);
|
||||
};
|
||||
return response()->stream($callback, 200, $headers);
|
||||
});
|
||||
Reference in New Issue
Block a user