validate([ 'email' => ['required', 'email'], 'password' => ['required'], ]); if (! auth()->attempt($credentials)) { return response()->json(['message' => 'Invalid credentials'], 401); } if ($request->hasSession()) { $request->session()->regenerate(); } return response()->json(['data' => auth()->user()]); }); Route::middleware('auth:sanctum')->group(function () { Route::post('/logout', function (Request $request) { auth()->logout(); if ($request->hasSession()) { $request->session()->invalidate(); $request->session()->regenerateToken(); } return response()->json(null, 204); }); Route::get('/user', fn (Request $request) => response()->json(['data' => $request->user()])); Route::get('search', SearchController::class); Route::apiResource('clients', ClientController::class)->except(['destroy']); Route::get('clients/{client}/history', [HistoryController::class, 'index']); Route::post('clients/{client}/history', [HistoryController::class, 'store']); Route::put('history/{historyEntry}', [HistoryController::class, 'update']); Route::delete('history/{historyEntry}', [HistoryController::class, 'destroy']); });