2019-05-20 07:37:41 +02:00
|
|
|
<?php
|
|
|
|
|
2022-03-19 00:14:20 +01:00
|
|
|
use Illuminate\Support\Facades\Route;
|
2022-03-15 14:47:07 +01:00
|
|
|
use App\Http\Controllers\Auth\WebAuthnManageController;
|
|
|
|
use App\Http\Controllers\Auth\WebAuthnRegisterController;
|
|
|
|
use App\Http\Controllers\Auth\WebAuthnLoginController;
|
|
|
|
use App\Http\Controllers\Auth\WebAuthnDeviceLostController;
|
|
|
|
use App\Http\Controllers\Auth\WebAuthnRecoveryController;
|
|
|
|
|
2019-05-20 07:37:41 +02:00
|
|
|
/*
|
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
| Web Routes
|
|
|
|
|--------------------------------------------------------------------------
|
|
|
|
*/
|
|
|
|
|
2022-03-24 14:58:30 +01:00
|
|
|
/**
|
|
|
|
* Routes that only work for unauthenticated user (return an error otherwise)
|
|
|
|
*/
|
2022-03-29 15:02:43 +02:00
|
|
|
Route::group(['middleware' => ['guest', 'rejectIfDemoMode']], function () {
|
2022-03-24 14:58:30 +01:00
|
|
|
Route::post('user', 'Auth\RegisterController@register')->name('user.register');
|
2022-03-28 13:48:29 +02:00
|
|
|
Route::post('user/password/lost', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('user.password.lost');;
|
2022-04-15 15:12:23 +02:00
|
|
|
Route::post('user/password/reset', 'Auth\ResetPasswordController@reset')->name('password.reset');
|
2022-03-24 14:58:30 +01:00
|
|
|
Route::post('webauthn/login/options', [WebAuthnLoginController::class, 'options'])->name('webauthn.login.options');
|
|
|
|
Route::post('webauthn/lost', [WebAuthnDeviceLostController::class, 'sendRecoveryEmail'])->name('webauthn.lost');
|
2022-11-14 17:13:24 +01:00
|
|
|
});
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Routes that can be requested max 10 times per minute by the same IP
|
|
|
|
*/
|
|
|
|
Route::group(['middleware' => ['rejectIfDemoMode', 'throttle:10,1']], function () {
|
2022-03-24 14:58:30 +01:00
|
|
|
Route::post('webauthn/recover', [WebAuthnRecoveryController::class, 'recover'])->name('webauthn.recover');
|
|
|
|
});
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Routes that only work for unauthenticated user (return an error otherwise)
|
|
|
|
* that can be requested max 10 times per minute by the same IP
|
|
|
|
*/
|
2022-07-12 12:32:32 +02:00
|
|
|
Route::group(['middleware' => ['SkipIfAuthenticated', 'throttle:10,1']], function () {
|
2022-03-24 14:58:30 +01:00
|
|
|
Route::post('user/login', 'Auth\LoginController@login')->name('user.login');
|
|
|
|
Route::post('webauthn/login', [WebAuthnLoginController::class, 'login'])->name('webauthn.login');
|
|
|
|
});
|
2019-05-20 07:37:41 +02:00
|
|
|
|
2022-03-24 14:58:30 +01:00
|
|
|
/**
|
2022-03-29 15:02:43 +02:00
|
|
|
* Routes protected by an authentication guard but rejected when reverse-proxy guard is enabled
|
2022-03-24 14:58:30 +01:00
|
|
|
*/
|
2022-03-29 15:02:43 +02:00
|
|
|
Route::group(['middleware' => ['behind-auth', 'rejectIfReverseProxy']], function () {
|
2022-03-15 14:47:07 +01:00
|
|
|
Route::put('user', 'Auth\UserController@update')->name('user.update');
|
2022-03-29 15:02:43 +02:00
|
|
|
Route::patch('user/password', 'Auth\PasswordController@update')->name('user.password.update')->middleware('rejectIfDemoMode');
|
2021-10-22 14:18:13 +02:00
|
|
|
Route::get('user/logout', 'Auth\LoginController@logout')->name('user.logout');
|
2022-03-29 15:02:43 +02:00
|
|
|
Route::delete('user', 'Auth\UserController@delete')->name('user.delete')->middleware('rejectIfDemoMode');
|
2022-03-24 14:58:30 +01:00
|
|
|
|
2022-03-31 14:37:28 +02:00
|
|
|
Route::get('oauth/personal-access-tokens', '\Laravel\Passport\Http\Controllers\PersonalAccessTokenController@forUser')->name('passport.personal.tokens.index');
|
|
|
|
Route::post('oauth/personal-access-tokens', '\Laravel\Passport\Http\Controllers\PersonalAccessTokenController@store')->name('passport.personal.tokens.store');
|
|
|
|
Route::delete('oauth/personal-access-tokens/{token_id}', '\Laravel\Passport\Http\Controllers\PersonalAccessTokenController@destroy')->name('passport.personal.tokens.destroy');
|
2022-03-24 14:58:30 +01:00
|
|
|
|
2022-03-15 14:47:07 +01:00
|
|
|
Route::post('webauthn/register/options', [WebAuthnRegisterController::class, 'options'])->name('webauthn.register.options');
|
|
|
|
Route::post('webauthn/register', [WebAuthnRegisterController::class, 'register'])->name('webauthn.register');
|
|
|
|
Route::get('webauthn/credentials', [WebAuthnManageController::class, 'index'])->name('webauthn.credentials.index');
|
|
|
|
Route::patch('webauthn/credentials/{credential}/name', [WebAuthnManageController::class, 'rename'])->name('webauthn.credentials.rename');
|
|
|
|
Route::delete('webauthn/credentials/{credential}', [WebAuthnManageController::class, 'delete'])->name('webauthn.credentials.delete');
|
|
|
|
});
|
|
|
|
|
2022-07-14 17:07:28 +02:00
|
|
|
Route::get('refresh-csrf', function(){
|
|
|
|
return csrf_token();
|
|
|
|
});
|
2022-07-21 15:48:23 +02:00
|
|
|
Route::get('infos', 'SystemController@infos')->name('system.infos');
|
2022-09-21 21:50:41 +02:00
|
|
|
Route::get('latestRelease', 'SystemController@latestRelease')->name('system.latestRelease');
|
2022-07-14 17:07:28 +02:00
|
|
|
|
2022-03-24 14:58:30 +01:00
|
|
|
/**
|
|
|
|
* Route for the main landing view
|
|
|
|
*/
|
2020-03-05 12:56:35 +01:00
|
|
|
Route::get('/{any}', 'SinglePageController@index')->where('any', '.*')->name('landing');
|