<?php
use App\Http\Controllers\Api\V1\AppConfigController;
use App\Http\Controllers\Api\V1\AuthController;
use App\Http\Controllers\Api\V1\UserController;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Facades\Route;
use Illuminate\Cache\RateLimiting\Limit;
use Illuminate\Http\Request;
use Spatie\Permission\Models\Permission;
use Spatie\Permission\Models\Role;
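// Named limiter referenced by the login route as `throttle:api.login`:
// at most 10 attempts per minute, bucketed by client IP.
//
// NOTE(review): the bucket key is the client IP only. Attempts against one
// account spread over many addresses are not bounded by this limiter, and
// clients behind a shared NAT share one bucket. $request->ip() also depends on
// the application's trusted-proxy configuration; confirm it matches the
// deployment so the key is the real client address.
RateLimiter::for('api.login', fn (Request $request) =>
    Limit::perMinute(10)
        ->by($request->ip())
        ->response(function (Request $request, array $headers) {
            // Forward the throttle headers (Retry-After, X-RateLimit-*) that the
            // framework passes to this callback; a custom response built without
            // them gives clients no indication of when to retry.
            return response()->json(
                ['message' => 'Too many login attempts. Please try again later.'],
                429,
                $headers,
            );
        })
);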
// API v1 routes: everything registered inside this group lives under the `v1` prefix.
Route::prefix('v1')->group(function () {
    // ---- Reachable without authentication ----

    // Login attempts are throttled through the named `api.login` rate limiter.
    Route::post('/auth/login', [AuthController::class, 'login'])->middleware(['throttle:api.login']);

    // Single-action controller; no auth middleware is attached to this route.
    Route::get('/app/config', AppConfigController::class)->name('api.app.config');

    // ---- Require a request authenticated by the `sanctum` guard ----
    Route::middleware(['auth:sanctum'])->group(function () {
        Route::get('/auth/me', [AuthController::class, 'me']);
        Route::post('/auth/logout', [AuthController::class, 'logout']);

        // NOTE(review): no permission middleware is attached to the users
        // resource at route level; confirm UserController (or its policies /
        // form requests) enforces authorization for store/update/destroy.
        Route::apiResource('users', UserController::class)->names([
            'index' => 'api.users.index',
            'store' => 'api.users.store',
            'show' => 'api.users.show',
            'update' => 'api.users.update',
            'destroy' => 'api.users.destroy',
        ]);

        // Role listing: only the selected columns are returned, and the route
        // is gated by the `role.view` permission.
        Route::get('/roles', fn () => response()->json([
            'data' => Role::query()->select(['id', 'name', 'guard_name', 'created_at'])->get(),
        ]))->name('api.roles.index')->middleware('permission:role.view');

        // Permission listing, gated by the same `role.view` permission as the
        // role listing. NOTE(review): confirm that reusing `role.view` here is
        // intended rather than a dedicated permission.
        Route::get('/permissions', fn () => response()->json([
            'data' => Permission::query()->select(['id', 'name', 'guard_name'])->get(),
        ]))->name('api.permissions.index')->middleware('permission:role.view');
    });
});