mandant-crm/backend/routes/api.php

71 lines
3.2 KiB
PHP
Raw Permalink Normal View History

<?php
use App\Modules\Client\Controllers\ClientController;
use App\Modules\CustomField\Controllers\CustomFieldDefinitionController;
use App\Modules\CustomField\Controllers\CustomFieldValueController;
use App\Modules\History\Controllers\HistoryController;
use App\Modules\History\Controllers\HistoryTypeController;
use App\Modules\Import\Controllers\ClientImportController;
use App\Modules\Search\Controllers\SearchController;
use App\Modules\User\Controllers\UserController;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
Route::post('/login', function (Request $request) {
$credentials = $request->validate([
'email' => ['required', 'email'],
'password' => ['required'],
]);
if (! auth()->attempt($credentials)) {
return response()->json(['message' => 'Invalid credentials'], 401);
}
if ($request->hasSession()) {
$request->session()->regenerate();
}
return response()->json(['data' => auth()->user()]);
});
Route::middleware('auth:sanctum')->group(function () {
Route::apiResource('users', UserController::class)->only(['index', 'store', 'update', 'destroy']);
Route::post('/logout', function (Request $request) {
// SPA sessions authenticate through the stateful `web` guard; the default
// `sanctum` guard is a RequestGuard with no logout(), so call it explicitly.
auth()->guard('web')->logout();
if ($request->hasSession()) {
$request->session()->invalidate();
$request->session()->regenerateToken();
}
return response()->json(null, 204);
});
Route::get('/user', fn (Request $request) => response()->json(['data' => $request->user()]));
Route::get('search', SearchController::class);
Route::post('clients/import', [ClientImportController::class, 'store']);
Route::apiResource('clients', ClientController::class);
Route::get('clients/{client}/history', [HistoryController::class, 'index']);
Route::post('clients/{client}/history', [HistoryController::class, 'store']);
Route::put('history/{historyEntry}', [HistoryController::class, 'update']);
Route::delete('history/{historyEntry}', [HistoryController::class, 'destroy']);
Route::get('history-types', [HistoryTypeController::class, 'index']);
Route::post('history-types', [HistoryTypeController::class, 'store']);
Route::post('history-types/reorder', [HistoryTypeController::class, 'reorder']);
Route::put('history-types/{historyType}', [HistoryTypeController::class, 'update']);
Route::delete('history-types/{historyType}', [HistoryTypeController::class, 'destroy']);
Route::get('custom-fields', [CustomFieldDefinitionController::class, 'index']);
Route::post('custom-fields', [CustomFieldDefinitionController::class, 'store']);
Route::post('custom-fields/reorder', [CustomFieldDefinitionController::class, 'reorder']);
Route::put('custom-fields/{customFieldDefinition}', [CustomFieldDefinitionController::class, 'update']);
Route::delete('custom-fields/{customFieldDefinition}', [CustomFieldDefinitionController::class, 'destroy']);
Route::put('clients/{client}/custom-fields/{customFieldDefinition}', [CustomFieldValueController::class, 'update']);
});