Changeset View
Changeset View
Standalone View
Standalone View
src/routes/api.php
Show First 20 Lines • Show All 54 Lines • ▼ Show 20 Lines | function () { | ||||
Route::post('signup/verify', [API\SignupController::class, 'verify']); | Route::post('signup/verify', [API\SignupController::class, 'verify']); | ||||
Route::post('signup', [API\SignupController::class, 'signup']); | Route::post('signup', [API\SignupController::class, 'signup']); | ||||
} | } | ||||
); | ); | ||||
Route::group( | Route::group( | ||||
[ | [ | ||||
'domain' => \config('app.website_domain'), | 'domain' => \config('app.website_domain'), | ||||
'middleware' => 'auth:api', | 'middleware' => ['auth:api', 'scope:mfa,api'], | ||||
'prefix' => 'v4' | 'prefix' => 'v4' | ||||
], | ], | ||||
function () { | function () { | ||||
Route::post('companion/register', [API\V4\CompanionAppsController::class, 'register']); | |||||
Route::post('auth-attempts/{id}/confirm', [API\V4\AuthAttemptsController::class, 'confirm']); | Route::post('auth-attempts/{id}/confirm', [API\V4\AuthAttemptsController::class, 'confirm']); | ||||
Route::post('auth-attempts/{id}/deny', [API\V4\AuthAttemptsController::class, 'deny']); | Route::post('auth-attempts/{id}/deny', [API\V4\AuthAttemptsController::class, 'deny']); | ||||
Route::get('auth-attempts/{id}/details', [API\V4\AuthAttemptsController::class, 'details']); | Route::get('auth-attempts/{id}/details', [API\V4\AuthAttemptsController::class, 'details']); | ||||
Route::get('auth-attempts', [API\V4\AuthAttemptsController::class, 'index']); | Route::get('auth-attempts', [API\V4\AuthAttemptsController::class, 'index']); | ||||
Route::get('companion/pairing', [API\V4\CompanionAppsController::class, 'pairing']); | |||||
Route::apiResource('companion', API\V4\CompanionAppsController::class); | |||||
Route::post('companion/register', [API\V4\CompanionAppsController::class, 'register']); | Route::post('companion/register', [API\V4\CompanionAppsController::class, 'register']); | ||||
Route::post('companion/revoke', [API\V4\CompanionAppsController::class, 'revokeAll']); | } | ||||
); | |||||
Route::group( | |||||
[ | |||||
'domain' => \config('app.website_domain'), | |||||
'middleware' => ['auth:api', 'scope:api'], | |||||
'prefix' => 'v4' | |||||
], | |||||
function () { | |||||
Route::apiResource('companions', API\V4\CompanionAppsController::class); | |||||
// This must not be accessible with the 2fa token, | |||||
// to prevent an attacker from pairing a new device with a stolen token. | |||||
Route::get('companions/{id}/pairing', [API\V4\CompanionAppsController::class, 'pairing']); | |||||
Route::apiResource('domains', API\V4\DomainsController::class); | Route::apiResource('domains', API\V4\DomainsController::class); | ||||
Route::get('domains/{id}/confirm', [API\V4\DomainsController::class, 'confirm']); | Route::get('domains/{id}/confirm', [API\V4\DomainsController::class, 'confirm']); | ||||
Route::get('domains/{id}/skus', [API\V4\DomainsController::class, 'skus']); | Route::get('domains/{id}/skus', [API\V4\DomainsController::class, 'skus']); | ||||
Route::get('domains/{id}/status', [API\V4\DomainsController::class, 'status']); | Route::get('domains/{id}/status', [API\V4\DomainsController::class, 'status']); | ||||
Route::post('domains/{id}/config', [API\V4\DomainsController::class, 'setConfig']); | Route::post('domains/{id}/config', [API\V4\DomainsController::class, 'setConfig']); | ||||
if (\config('app.with_files')) { | if (\config('app.with_files')) { | ||||
▲ Show 20 Lines • Show All 188 Lines • Show Last 20 Lines |