Changeset View
Changeset View
Standalone View
Standalone View
src/routes/api.php
Show First 20 Lines • Show All 54 Lines • ▼ Show 20 Lines | function () { | ||||
Route::post('signup/verify', [API\SignupController::class, 'verify']); | Route::post('signup/verify', [API\SignupController::class, 'verify']); | ||||
Route::post('signup', [API\SignupController::class, 'signup']); | Route::post('signup', [API\SignupController::class, 'signup']); | ||||
} | } | ||||
); | ); | ||||
Route::group( | Route::group( | ||||
[ | [ | ||||
'domain' => \config('app.website_domain'), | 'domain' => \config('app.website_domain'), | ||||
'middleware' => 'auth:api', | 'middleware' => ['auth:api', 'scope:mfa,api'], | ||||
'prefix' => 'v4' | 'prefix' => 'v4' | ||||
], | ], | ||||
function () { | function () { | ||||
Route::post('companion/register', [API\V4\CompanionAppsController::class, 'register']); | |||||
Route::post('auth-attempts/{id}/confirm', [API\V4\AuthAttemptsController::class, 'confirm']); | Route::post('auth-attempts/{id}/confirm', [API\V4\AuthAttemptsController::class, 'confirm']); | ||||
Route::post('auth-attempts/{id}/deny', [API\V4\AuthAttemptsController::class, 'deny']); | Route::post('auth-attempts/{id}/deny', [API\V4\AuthAttemptsController::class, 'deny']); | ||||
Route::get('auth-attempts/{id}/details', [API\V4\AuthAttemptsController::class, 'details']); | Route::get('auth-attempts/{id}/details', [API\V4\AuthAttemptsController::class, 'details']); | ||||
Route::get('auth-attempts', [API\V4\AuthAttemptsController::class, 'index']); | Route::get('auth-attempts', [API\V4\AuthAttemptsController::class, 'index']); | ||||
Route::get('companion/pairing', [API\V4\CompanionAppsController::class, 'pairing']); | |||||
Route::apiResource('companion', API\V4\CompanionAppsController::class); | |||||
Route::post('companion/register', [API\V4\CompanionAppsController::class, 'register']); | Route::post('companion/register', [API\V4\CompanionAppsController::class, 'register']); | ||||
Route::post('companion/revoke', [API\V4\CompanionAppsController::class, 'revokeAll']); | } | ||||
); | |||||
Route::group( | |||||
[ | |||||
'domain' => \config('app.website_domain'), | |||||
'middleware' => ['auth:api', 'scope:api'], | |||||
'prefix' => 'v4' | |||||
], | |||||
function () { | |||||
Route::apiResource('companions', API\V4\CompanionAppsController::class); | |||||
// This must not be accessible with the 2fa token, | |||||
// to prevent an attacker from pairing a new device with a stolen token. | |||||
Route::get('companions/{id}/pairing', [API\V4\CompanionAppsController::class, 'pairing']); | |||||
Route::apiResource('domains', API\V4\DomainsController::class); | Route::apiResource('domains', API\V4\DomainsController::class); | ||||
Route::get('domains/{id}/confirm', [API\V4\DomainsController::class, 'confirm']); | Route::get('domains/{id}/confirm', [API\V4\DomainsController::class, 'confirm']); | ||||
Route::get('domains/{id}/skus', [API\V4\DomainsController::class, 'skus']); | Route::get('domains/{id}/skus', [API\V4\DomainsController::class, 'skus']); | ||||
Route::get('domains/{id}/status', [API\V4\DomainsController::class, 'status']); | Route::get('domains/{id}/status', [API\V4\DomainsController::class, 'status']); | ||||
Route::post('domains/{id}/config', [API\V4\DomainsController::class, 'setConfig']); | Route::post('domains/{id}/config', [API\V4\DomainsController::class, 'setConfig']); | ||||
if (\config('app.with_files')) { | if (\config('app.with_files')) { | ||||
Route::apiResource('files', API\V4\FilesController::class); | Route::apiResource('files', API\V4\FilesController::class); | ||||
Route::get('files/{fileId}/permissions', [API\V4\FilesController::class, 'getPermissions']); | Route::get('files/{fileId}/permissions', [API\V4\FilesController::class, 'getPermissions']); | ||||
Route::post('files/{fileId}/permissions', [API\V4\FilesController::class, 'createPermission']); | Route::post('files/{fileId}/permissions', [API\V4\FilesController::class, 'createPermission']); | ||||
Route::put('files/{fileId}/permissions/{id}', [API\V4\FilesController::class, 'updatePermission']); | Route::put('files/{fileId}/permissions/{id}', [API\V4\FilesController::class, 'updatePermission']); | ||||
Route::delete('files/{fileId}/permissions/{id}', [API\V4\FilesController::class, 'deletePermission']); | Route::delete('files/{fileId}/permissions/{id}', [API\V4\FilesController::class, 'deletePermission']); | ||||
Route::post('files/uploads/{id}', [API\V4\FilesController::class, 'upload']) | Route::post('files/uploads/{id}', [API\V4\FilesController::class, 'upload']) | ||||
->withoutMiddleware(['auth:api']) | ->withoutMiddleware(['auth:api', 'scope:api']) | ||||
->middleware(['api']); | ->middleware(['api']); | ||||
Route::get('files/downloads/{id}', [API\V4\FilesController::class, 'download']) | Route::get('files/downloads/{id}', [API\V4\FilesController::class, 'download']) | ||||
->withoutMiddleware(['auth:api']); | ->withoutMiddleware(['auth:api', 'scope:api']); | ||||
} | } | ||||
Route::apiResource('groups', API\V4\GroupsController::class); | Route::apiResource('groups', API\V4\GroupsController::class); | ||||
Route::get('groups/{id}/skus', [API\V4\GroupsController::class, 'skus']); | Route::get('groups/{id}/skus', [API\V4\GroupsController::class, 'skus']); | ||||
Route::get('groups/{id}/status', [API\V4\GroupsController::class, 'status']); | Route::get('groups/{id}/status', [API\V4\GroupsController::class, 'status']); | ||||
Route::post('groups/{id}/config', [API\V4\GroupsController::class, 'setConfig']); | Route::post('groups/{id}/config', [API\V4\GroupsController::class, 'setConfig']); | ||||
Route::apiResource('packages', API\V4\PackagesController::class); | Route::apiResource('packages', API\V4\PackagesController::class); | ||||
Route::apiResource('rooms', API\V4\RoomsController::class); | Route::apiResource('rooms', API\V4\RoomsController::class); | ||||
Route::post('rooms/{id}/config', [API\V4\RoomsController::class, 'setConfig']); | Route::post('rooms/{id}/config', [API\V4\RoomsController::class, 'setConfig']); | ||||
Route::get('rooms/{id}/skus', [API\V4\RoomsController::class, 'skus']); | Route::get('rooms/{id}/skus', [API\V4\RoomsController::class, 'skus']); | ||||
Route::post('meet/rooms/{id}', [API\V4\MeetController::class, 'joinRoom']) | Route::post('meet/rooms/{id}', [API\V4\MeetController::class, 'joinRoom']) | ||||
->withoutMiddleware(['auth:api']); | ->withoutMiddleware(['auth:api', 'scope:api']); | ||||
Route::apiResource('resources', API\V4\ResourcesController::class); | Route::apiResource('resources', API\V4\ResourcesController::class); | ||||
Route::get('resources/{id}/skus', [API\V4\ResourcesController::class, 'skus']); | Route::get('resources/{id}/skus', [API\V4\ResourcesController::class, 'skus']); | ||||
Route::get('resources/{id}/status', [API\V4\ResourcesController::class, 'status']); | Route::get('resources/{id}/status', [API\V4\ResourcesController::class, 'status']); | ||||
Route::post('resources/{id}/config', [API\V4\ResourcesController::class, 'setConfig']); | Route::post('resources/{id}/config', [API\V4\ResourcesController::class, 'setConfig']); | ||||
Route::apiResource('shared-folders', API\V4\SharedFoldersController::class); | Route::apiResource('shared-folders', API\V4\SharedFoldersController::class); | ||||
Route::get('shared-folders/{id}/skus', [API\V4\SharedFoldersController::class, 'skus']); | Route::get('shared-folders/{id}/skus', [API\V4\SharedFoldersController::class, 'skus']); | ||||
Show All 22 Lines | function () { | ||||
Route::post('payments/mandate', [API\V4\PaymentsController::class, 'mandateCreate']); | Route::post('payments/mandate', [API\V4\PaymentsController::class, 'mandateCreate']); | ||||
Route::put('payments/mandate', [API\V4\PaymentsController::class, 'mandateUpdate']); | Route::put('payments/mandate', [API\V4\PaymentsController::class, 'mandateUpdate']); | ||||
Route::delete('payments/mandate', [API\V4\PaymentsController::class, 'mandateDelete']); | Route::delete('payments/mandate', [API\V4\PaymentsController::class, 'mandateDelete']); | ||||
Route::get('payments/methods', [API\V4\PaymentsController::class, 'paymentMethods']); | Route::get('payments/methods', [API\V4\PaymentsController::class, 'paymentMethods']); | ||||
Route::get('payments/pending', [API\V4\PaymentsController::class, 'payments']); | Route::get('payments/pending', [API\V4\PaymentsController::class, 'payments']); | ||||
Route::get('payments/has-pending', [API\V4\PaymentsController::class, 'hasPayments']); | Route::get('payments/has-pending', [API\V4\PaymentsController::class, 'hasPayments']); | ||||
Route::post('support/request', [API\V4\SupportController::class, 'request']) | Route::post('support/request', [API\V4\SupportController::class, 'request']) | ||||
->withoutMiddleware(['auth:api']) | ->withoutMiddleware(['auth:api', 'scope:api']) | ||||
->middleware(['api']); | ->middleware(['api']); | ||||
} | } | ||||
); | ); | ||||
Route::group( | Route::group( | ||||
[ | [ | ||||
'domain' => \config('app.website_domain'), | 'domain' => \config('app.website_domain'), | ||||
'prefix' => 'webhooks' | 'prefix' => 'webhooks' | ||||
▲ Show 20 Lines • Show All 116 Lines • Show Last 20 Lines |