42 lines
1.6 KiB
PHP
42 lines
1.6 KiB
PHP
<?php
|
|
|
|
use Illuminate\Http\Request;
|
|
use Illuminate\Support\Facades\Route;
|
|
use App\Http\Controllers\PersonController;
|
|
use App\Http\Controllers\AuthController;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| API Routes
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Here is where you can register API routes for your application. These
|
|
| routes are loaded by the RouteServiceProvider and all of them will
|
|
| be assigned to the "api" middleware group. Make something great!
|
|
|
|
|
*/
|
|
|
|
// Public routes - no authentication required
|
|
Route::post('/login', [AuthController::class, 'login'])->name('login');
|
|
|
|
// Public search endpoint - allows searching without authentication
|
|
Route::get('/persons/search', [PersonController::class, 'publicSearch'])->name('persons.public.search');
|
|
|
|
// Protected routes - require Sanctum authentication
|
|
Route::middleware('auth:sanctum')->group(function () {
|
|
// User authentication routes
|
|
Route::get('/user', [AuthController::class, 'me'])->name('user.profile');
|
|
Route::post('/logout', [AuthController::class, 'logout'])->name('logout');
|
|
|
|
// Admin-only routes
|
|
Route::middleware('ability:admin')->group(function () {
|
|
Route::post('/register', [AuthController::class, 'register'])->name('register');
|
|
});
|
|
|
|
// Person API endpoints - all CRUD operations protected by authentication
|
|
Route::apiResource('persons', PersonController::class);
|
|
|
|
// Custom route for finding a person by ID card number
|
|
Route::get('persons/id-card/{idCardNo}', [PersonController::class, 'findByIdCard'])->name('persons.findByIdCard');
|
|
});
|