soeren/fotospiel-app
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
Files
02363792c873c8717728a1b63a815efe224bc458
fotospiel-app/routes/api.php
Codex Agent 02363792c8
Some checks failed
linter / quality (push) Has been cancelled
Details
tests / ci (push) Has been cancelled
Details
tests / ui (push) Has been cancelled
Details
feat: poll checkout status and show failures
2026-01-12 13:31:30 +01:00

392 lines
24 KiB
PHP
Raw Blame History

<?php
use App\Http\Controllers\Api\EventPublicController;
use App\Http\Controllers\Api\HelpController;
use App\Http\Controllers\Api\LegalController;
use App\Http\Controllers\Api\LiveShowController;
use App\Http\Controllers\Api\Marketing\CouponPreviewController;
use App\Http\Controllers\Api\PackageController;
use App\Http\Controllers\Api\SparkboothUploadController;
use App\Http\Controllers\Api\Tenant\AdminPushSubscriptionController;
use App\Http\Controllers\Api\Tenant\DashboardController;
use App\Http\Controllers\Api\Tenant\DataExportController;
use App\Http\Controllers\Api\Tenant\EmotionController;
use App\Http\Controllers\Api\Tenant\EventAddonCatalogController;
use App\Http\Controllers\Api\Tenant\EventAddonController;
use App\Http\Controllers\Api\Tenant\EventController;
use App\Http\Controllers\Api\Tenant\EventGuestNotificationController;
use App\Http\Controllers\Api\Tenant\EventJoinTokenController;
use App\Http\Controllers\Api\Tenant\EventJoinTokenLayoutController;
use App\Http\Controllers\Api\Tenant\EventMemberController;
use App\Http\Controllers\Api\Tenant\EventTypeController;
use App\Http\Controllers\Api\Tenant\FontController;
use App\Http\Controllers\Api\Tenant\LiveShowLinkController;
use App\Http\Controllers\Api\Tenant\LiveShowPhotoController;
use App\Http\Controllers\Api\Tenant\NotificationLogController;
use App\Http\Controllers\Api\Tenant\OnboardingController;
use App\Http\Controllers\Api\Tenant\PhotoboothController;
use App\Http\Controllers\Api\Tenant\PhotoController;
use App\Http\Controllers\Api\Tenant\ProfileController;
use App\Http\Controllers\Api\Tenant\SettingsController;
use App\Http\Controllers\Api\Tenant\TaskCollectionController;
use App\Http\Controllers\Api\Tenant\TaskController;
use App\Http\Controllers\Api\Tenant\TenantAdminTokenController;
use App\Http\Controllers\Api\Tenant\TenantAnnouncementController;
use App\Http\Controllers\Api\Tenant\TenantFeedbackController;
use App\Http\Controllers\Api\TenantAuth\TenantAdminPasswordResetController;
use App\Http\Controllers\Api\TenantBillingController;
use App\Http\Controllers\Api\TenantPackageController;
use App\Http\Controllers\RevenueCatWebhookController;
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
use Illuminate\Cookie\Middleware\EncryptCookies;
use Illuminate\Session\Middleware\StartSession;
use Illuminate\Support\Facades\Route;
Route::prefix('v1')->name('api.v1.')->group(function () {
Route::prefix('marketing')->name('marketing.')->group(function () {
Route::post('/coupons/preview', CouponPreviewController::class)
->middleware([EncryptCookies::class, AddQueuedCookiesToResponse::class, StartSession::class, 'throttle:coupon-preview'])
->name('coupons.preview');
Route::post('/gift-vouchers/checkout', [\App\Http\Controllers\Api\Marketing\GiftVoucherCheckoutController::class, 'store'])
->middleware('throttle:60,1')
->name('gift-vouchers.checkout');
Route::get('/gift-vouchers/tiers', [\App\Http\Controllers\Api\Marketing\GiftVoucherCheckoutController::class, 'tiers'])
->middleware('throttle:60,1')
->name('gift-vouchers.tiers');
Route::get('/gift-vouchers/lookup', [\App\Http\Controllers\Api\Marketing\GiftVoucherCheckoutController::class, 'show'])
->middleware('throttle:gift-lookup')
->name('gift-vouchers.lookup');
Route::post('/gift-vouchers/resend', \App\Http\Controllers\Api\Marketing\GiftVoucherResendController::class)
->middleware('throttle:gift-resend')
->name('gift-vouchers.resend');
});
Route::post('/webhooks/revenuecat', [RevenueCatWebhookController::class, 'handle'])
->middleware('throttle:60,1')
->name('webhooks.revenuecat');
Route::prefix('tenant-auth')->name('tenant-auth.')->group(function () {
Route::post('/login', [TenantAdminTokenController::class, 'store'])
->middleware('throttle:tenant-auth')
->name('login');
Route::post('/forgot-password', [TenantAdminPasswordResetController::class, 'requestLink'])
->middleware('throttle:tenant-auth')
->name('forgot-password');
Route::post('/reset-password', [TenantAdminPasswordResetController::class, 'reset'])
->middleware('throttle:tenant-auth')
->name('reset-password');
Route::middleware([EncryptCookies::class, AddQueuedCookiesToResponse::class, StartSession::class])->group(function () {
Route::post('/exchange', [TenantAdminTokenController::class, 'exchange'])
->middleware('throttle:tenant-auth')
->name('exchange');
});
Route::middleware(['auth:sanctum', 'tenant.admin'])->group(function () {
Route::post('/logout', [TenantAdminTokenController::class, 'destroy'])->name('logout');
Route::get('/me', [TenantAdminTokenController::class, 'me'])->name('me');
});
});
Route::middleware('throttle:guest-api')->group(function () {
Route::get('/help', [HelpController::class, 'index'])->name('help.index');
Route::get('/help/{slug}', [HelpController::class, 'show'])->name('help.show');
Route::get('/legal/{slug}', [LegalController::class, 'show'])->name('legal.show');
Route::prefix('live-show')->name('live-show.')->group(function () {
Route::get('{token}', [LiveShowController::class, 'state'])->name('state');
Route::get('{token}/updates', [LiveShowController::class, 'updates'])->name('updates');
Route::get('{token}/stream', [LiveShowController::class, 'stream'])->name('stream');
});
Route::get('/events/{token}', [EventPublicController::class, 'event'])->name('events.show');
Route::get('/events/{token}/stats', [EventPublicController::class, 'stats'])->name('events.stats');
Route::get('/events/{token}/package', [EventPublicController::class, 'package'])->name('events.package');
Route::get('/events/{token}/notifications', [EventPublicController::class, 'notifications'])->name('events.notifications');
Route::post('/events/{token}/notifications/{notification}/read', [EventPublicController::class, 'markNotificationRead'])
->whereNumber('notification')
->name('events.notifications.read');
Route::post('/events/{token}/notifications/{notification}/dismiss', [EventPublicController::class, 'dismissNotification'])
->whereNumber('notification')
->name('events.notifications.dismiss');
Route::post('/events/{token}/push-subscriptions', [EventPublicController::class, 'registerPushSubscription'])
->name('events.push-subscriptions.store');
Route::delete('/events/{token}/push-subscriptions', [EventPublicController::class, 'destroyPushSubscription'])
->name('events.push-subscriptions.destroy');
Route::get('/events/{token}/achievements', [EventPublicController::class, 'achievements'])->name('events.achievements');
Route::get('/events/{token}/emotions', [EventPublicController::class, 'emotions'])->name('events.emotions');
Route::get('/events/{token}/tasks', [EventPublicController::class, 'tasks'])->name('events.tasks');
Route::get('/events/{token}/photos', [EventPublicController::class, 'photos'])->name('events.photos');
Route::get('/photos/{id}', [EventPublicController::class, 'photo'])->name('photos.show');
Route::post('/photos/{id}/like', [EventPublicController::class, 'like'])->name('photos.like');
Route::post('/events/{token}/photos/{photo}/share', [EventPublicController::class, 'createShareLink'])
->whereNumber('photo')
->name('photos.share');
Route::get('/photo-shares/{slug}', [EventPublicController::class, 'shareLink'])->name('photo-shares.show');
Route::get('/photo-shares/{slug}/asset/{variant}', [EventPublicController::class, 'shareLinkAsset'])
->middleware('signed')
->name('photo-shares.asset');
Route::post('/events/{token}/upload', [EventPublicController::class, 'upload'])->name('events.upload');
Route::get('/events/{token}/pending-photos', [EventPublicController::class, 'pendingUploads'])
->name('events.pending-photos');
Route::get('/events/{token}/pending-photos/{photo}/{variant}', [EventPublicController::class, 'pendingPhotoAsset'])
->whereNumber('photo')
->where('variant', 'thumbnail|full')
->middleware('signed')
->name('events.pending-photos.asset');
Route::get('/branding/asset/{path}', [EventPublicController::class, 'brandingAsset'])
->where('path', '.*')
->middleware('signed')
->name('branding.asset');
Route::get('/gallery/{token}', [EventPublicController::class, 'gallery'])->name('gallery.show');
Route::get('/gallery/{token}/photos', [EventPublicController::class, 'galleryPhotos'])->name('gallery.photos');
Route::get('/gallery/{token}/photos/{photo}/download', [EventPublicController::class, 'galleryPhotoDownload'])
->whereNumber('photo')
->middleware('signed')
->name('gallery.photos.download');
Route::get('/gallery/{token}/photos/{photo}/{variant}', [EventPublicController::class, 'galleryPhotoAsset'])
->whereNumber('photo')
->where('variant', 'thumbnail|full')
->middleware('signed')
->name('gallery.photos.asset');
Route::post('/photobooth/sparkbooth/upload', [SparkboothUploadController::class, 'store'])
->name('photobooth.sparkbooth.upload');
Route::get('/tenant/events/{event:slug}/photos/{photo}/{variant}/asset', [PhotoController::class, 'asset'])
->whereNumber('photo')
->where('variant', 'thumbnail|full')
->middleware('signed')
->name('tenant.events.photos.asset');
});
Route::middleware(['auth:sanctum', 'tenant.collaborator', 'tenant.isolation', 'throttle:tenant-api'])->prefix('tenant')->group(function () {
Route::get('profile', [ProfileController::class, 'show'])
->middleware('tenant.admin')
->name('tenant.profile.show');
Route::put('profile', [ProfileController::class, 'update'])
->middleware('tenant.admin')
->name('tenant.profile.update');
Route::get('fonts', [FontController::class, 'index'])->name('tenant.fonts.index');
Route::get('onboarding', [OnboardingController::class, 'show'])
->middleware('tenant.admin')
->name('tenant.onboarding.show');
Route::post('onboarding', [OnboardingController::class, 'store'])
->middleware('tenant.admin')
->name('tenant.onboarding.store');
Route::get('me', [TenantAdminTokenController::class, 'legacyTenantMe'])
->name('tenant.me');
Route::get('dashboard', DashboardController::class)
->middleware('tenant.admin')
->name('tenant.dashboard');
Route::get('announcements', [TenantAnnouncementController::class, 'index'])
->middleware('tenant.admin')
->name('tenant.announcements.index');
Route::get('event-types', EventTypeController::class)->name('tenant.event-types.index');
Route::get('events', [EventController::class, 'index'])
->name('tenant.events.index');
Route::get('events/{event:slug}', [EventController::class, 'show'])
->name('tenant.events.show');
Route::delete('events/{event:slug}', [EventController::class, 'destroy'])
->middleware('tenant.admin')
->name('tenant.events.destroy');
Route::middleware(['package.check', 'credit.check', 'tenant.admin'])->group(function () {
Route::post('events', [EventController::class, 'store'])->name('tenant.events.store');
Route::match(['put', 'patch'], 'events/{event:slug}', [EventController::class, 'update'])->name('tenant.events.update');
});
Route::prefix('events/{event:slug}')->scopeBindings()->group(function () {
Route::middleware('tenant.admin')->group(function () {
Route::get('stats', [EventController::class, 'stats'])->name('tenant.events.stats');
Route::get('analytics', [\App\Http\Controllers\Api\Tenant\EventAnalyticsController::class, 'show'])->name('tenant.events.analytics');
Route::post('toggle', [EventController::class, 'toggle'])->name('tenant.events.toggle');
Route::post('invites', [EventController::class, 'createInvite'])->name('tenant.events.invites');
Route::get('toolkit', [EventController::class, 'toolkit'])->name('tenant.events.toolkit');
Route::get('guest-notifications', [EventGuestNotificationController::class, 'index'])->name('tenant.events.guest-notifications.index');
Route::post('guest-notifications', [EventGuestNotificationController::class, 'store'])->name('tenant.events.guest-notifications.store');
Route::post('addons/apply', [EventAddonController::class, 'apply'])->name('tenant.events.addons.apply');
Route::post('addons/checkout', [EventAddonController::class, 'checkout'])->name('tenant.events.addons.checkout');
Route::prefix('live-show')->group(function () {
Route::get('link', [LiveShowLinkController::class, 'show'])->name('tenant.events.live-show.link');
Route::post('link/rotate', [LiveShowLinkController::class, 'rotate'])->name('tenant.events.live-show.link.rotate');
Route::get('photos', [LiveShowPhotoController::class, 'index'])->name('tenant.events.live-show.photos.index');
Route::post('photos/{photo}/approve', [LiveShowPhotoController::class, 'approve'])
->name('tenant.events.live-show.photos.approve');
Route::post('photos/{photo}/approve-and-live', [LiveShowPhotoController::class, 'approveAndLive'])
->name('tenant.events.live-show.photos.approve-and-live');
Route::post('photos/{photo}/reject', [LiveShowPhotoController::class, 'reject'])
->name('tenant.events.live-show.photos.reject');
Route::post('photos/{photo}/clear', [LiveShowPhotoController::class, 'clear'])
->name('tenant.events.live-show.photos.clear');
});
});
Route::prefix('join-tokens')->group(function () {
Route::get('/', [EventJoinTokenController::class, 'index'])->name('tenant.events.join-tokens.index');
Route::post('/', [EventJoinTokenController::class, 'store'])->name('tenant.events.join-tokens.store');
Route::get('{joinToken}/layouts', [EventJoinTokenLayoutController::class, 'index'])
->whereNumber('joinToken')
->name('tenant.events.join-tokens.layouts.index');
Route::get('{joinToken}/layouts/{layout}.{format}', [EventJoinTokenLayoutController::class, 'download'])
->whereNumber('joinToken')
->where('format', 'pdf|png')
->name('tenant.events.join-tokens.layouts.download');
Route::patch('{joinToken}', [EventJoinTokenController::class, 'update'])
->whereNumber('joinToken')
->name('tenant.events.join-tokens.update');
Route::delete('{joinToken}', [EventJoinTokenController::class, 'destroy'])
->whereNumber('joinToken')
->name('tenant.events.join-tokens.destroy');
});
Route::prefix('photos')->group(function () {
Route::get('/', [PhotoController::class, 'index'])->name('tenant.events.photos.index');
Route::post('/', [PhotoController::class, 'store'])->name('tenant.events.photos.store');
Route::get('{photo}', [PhotoController::class, 'show'])->name('tenant.events.photos.show');
Route::patch('{photo}', [PhotoController::class, 'update'])->name('tenant.events.photos.update');
Route::delete('{photo}', [PhotoController::class, 'destroy'])->name('tenant.events.photos.destroy');
Route::post('{photo}/feature', [PhotoController::class, 'feature'])->name('tenant.events.photos.feature');
Route::post('{photo}/unfeature', [PhotoController::class, 'unfeature'])->name('tenant.events.photos.unfeature');
Route::post('{photo}/visibility', [PhotoController::class, 'visibility'])->name('tenant.events.photos.visibility');
Route::post('bulk-approve', [PhotoController::class, 'bulkApprove'])->name('tenant.events.photos.bulk-approve');
Route::post('bulk-reject', [PhotoController::class, 'bulkReject'])->name('tenant.events.photos.bulk-reject');
Route::get('moderation', [PhotoController::class, 'forModeration'])->name('tenant.events.photos.for-moderation');
Route::get('stats', [PhotoController::class, 'stats'])->name('tenant.events.photos.stats');
});
Route::prefix('photobooth')->middleware('tenant.admin')->group(function () {
Route::get('/', [PhotoboothController::class, 'show'])->name('tenant.events.photobooth.show');
Route::post('/enable', [PhotoboothController::class, 'enable'])->name('tenant.events.photobooth.enable');
Route::post('/rotate', [PhotoboothController::class, 'rotate'])->name('tenant.events.photobooth.rotate');
Route::post('/disable', [PhotoboothController::class, 'disable'])->name('tenant.events.photobooth.disable');
});
Route::get('members', [EventMemberController::class, 'index'])
->middleware('tenant.admin')
->name('tenant.events.members.index');
Route::post('members', [EventMemberController::class, 'store'])
->middleware('tenant.admin')
->name('tenant.events.members.store');
Route::delete('members/{member}', [EventMemberController::class, 'destroy'])
->middleware('tenant.admin')
->whereNumber('member')
->name('tenant.events.members.destroy');
});
Route::post('events/bulk-status', [EventController::class, 'bulkUpdateStatus'])
->middleware('tenant.admin')
->name('tenant.events.bulk-status');
Route::get('events/search', [EventController::class, 'search'])
->name('tenant.events.search');
Route::apiResource('tasks', TaskController::class);
Route::post('tasks/{task}/assign-event/{event}', [TaskController::class, 'assignToEvent'])
->name('tenant.tasks.assign-to-event');
Route::post('tasks/bulk-assign-event/{event}', [TaskController::class, 'bulkAssignToEvent'])
->name('tenant.tasks.bulk-assign-to-event');
Route::get('tasks/event/{event}', [TaskController::class, 'forEvent'])
->name('tenant.tasks.for-event');
Route::get('tasks/collection/{collection}', [TaskController::class, 'fromCollection'])
->name('tenant.tasks.from-collection');
Route::post('tasks/bulk-detach-event/{event}', [TaskController::class, 'bulkDetachFromEvent'])
->name('tenant.tasks.bulk-detach-from-event');
Route::post('tasks/event/{event}/reorder', [TaskController::class, 'reorderForEvent'])
->name('tenant.tasks.reorder-for-event');
Route::get('task-collections', [TaskCollectionController::class, 'index'])
->name('tenant.task-collections.index');
Route::get('task-collections/{collection}', [TaskCollectionController::class, 'show'])
->name('tenant.task-collections.show');
Route::post('task-collections/{collection}/activate', [TaskCollectionController::class, 'activate'])
->name('tenant.task-collections.activate');
Route::middleware('tenant.admin')->group(function () {
Route::get('emotions', [EmotionController::class, 'index'])->name('tenant.emotions.index');
Route::post('emotions', [EmotionController::class, 'store'])->name('tenant.emotions.store');
Route::patch('emotions/{emotion}', [EmotionController::class, 'update'])->name('tenant.emotions.update');
});
Route::prefix('settings')->middleware('tenant.admin')->group(function () {
Route::get('/', [SettingsController::class, 'index'])
->name('tenant.settings.index');
Route::post('/', [SettingsController::class, 'update'])
->name('tenant.settings.update');
Route::post('/reset', [SettingsController::class, 'reset'])
->name('tenant.settings.reset');
Route::post('/validate-domain', [SettingsController::class, 'validateDomain'])
->name('tenant.settings.validate-domain');
Route::get('/notifications', [SettingsController::class, 'notificationPreferences'])
->name('tenant.settings.notifications.index');
Route::post('/notifications', [SettingsController::class, 'updateNotificationPreferences'])
->name('tenant.settings.notifications.update');
});
Route::middleware('tenant.admin')->group(function () {
Route::get('exports', [DataExportController::class, 'index'])
->name('tenant.exports.index');
Route::post('exports', [DataExportController::class, 'store'])
->name('tenant.exports.store');
Route::get('exports/{export}/download', [DataExportController::class, 'download'])
->name('tenant.exports.download');
});
Route::get('notifications/logs', [NotificationLogController::class, 'index'])
->middleware('tenant.admin')
->name('tenant.notifications.logs.index');
Route::post('notifications/logs/mark', [NotificationLogController::class, 'mark'])
->middleware('tenant.admin')
->name('tenant.notifications.logs.mark');
Route::post('notifications/push-subscriptions', [AdminPushSubscriptionController::class, 'store'])
->middleware('tenant.admin')
->name('tenant.notifications.push-subscriptions.store');
Route::delete('notifications/push-subscriptions', [AdminPushSubscriptionController::class, 'destroy'])
->middleware('tenant.admin')
->name('tenant.notifications.push-subscriptions.destroy');
Route::prefix('packages')->middleware('tenant.admin')->group(function () {
Route::get('/', [PackageController::class, 'index'])->name('packages.index');
Route::post('/purchase', [PackageController::class, 'purchase'])->name('packages.purchase');
Route::post('/complete', [PackageController::class, 'completePurchase'])->name('packages.complete');
Route::post('/free', [PackageController::class, 'assignFree'])->name('packages.free');
Route::post('/paddle-checkout', [PackageController::class, 'createPaddleCheckout'])->name('packages.paddle-checkout');
Route::get('/checkout-session/{session}/status', [PackageController::class, 'checkoutSessionStatus'])
->name('packages.checkout-session.status');
});
Route::get('addons/catalog', [EventAddonCatalogController::class, 'index'])
->middleware('tenant.admin')
->name('tenant.addons.catalog');
Route::prefix('tenant/packages')->middleware('tenant.admin')->group(function () {
Route::get('/', [TenantPackageController::class, 'index'])->name('tenant.packages.index');
});
Route::prefix('billing')->middleware('tenant.admin')->group(function () {
Route::get('transactions', [TenantBillingController::class, 'transactions'])
->name('tenant.billing.transactions');
Route::get('addons', [TenantBillingController::class, 'addons'])
->name('tenant.billing.addons');
Route::post('portal', [TenantBillingController::class, 'portal'])
->name('tenant.billing.portal');
});
Route::prefix('tenant/billing')->middleware('tenant.admin')->group(function () {
Route::get('transactions', [TenantBillingController::class, 'transactions']);
Route::get('addons', [TenantBillingController::class, 'addons']);
Route::post('portal', [TenantBillingController::class, 'portal']);
});
Route::post('feedback', [TenantFeedbackController::class, 'store'])
->name('tenant.feedback.store');
});
});
if (config('e2e.testing_enabled')) {
require __DIR__.'/testing.php';
}
Reference in New Issue View Git Blame Copy Permalink