Add radio embed widget, SSE real-time, song history, moderation panel, and Auto DJ

- Embed widget: standalone iframe player with dark/light/transparent themes, copy-paste embed code admin page - Real-time SSE: streaming now-playing/listeners/dj events, replaces polling in radio-player and embed - Song history: auto-records song changes to radio_song_plays table, Filament resource to view - DJ moderation: unified panel for shouts approval, song request queue, DJ applications - Auto DJ: playlist management with round-robin playback when no DJ is live - Refactored radio-player Alpine component to use EventSource API with auto-reconnect
2026-05-24 14:07:32 +02:00
parent 5476dce882
commit 0c6c558a59
32 changed files with 2236 additions and 29 deletions
@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Http\Middleware;
+
+use App\Models\RadioApiKey;
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class RadioApiKey
+{
+    public function handle(Request $request, Closure $next, string $permission = '*'): Response
+    {
+        $key = $request->bearerToken() ?? $request->query('api_key');
+
+        if (empty($key)) {
+            return response()->json([
+                'error' => 'API key is verplicht. Gebruik Authorization: Bearer <key> of ?api_key=<key>',
+            ], 401);
+        }
+
+        $apiKey = RadioApiKey::active()->where('key', $key)->first();
+
+        if (! $apiKey) {
+            return response()->json([
+                'error' => 'API key is ongeldig of verlopen',
+            ], 401);
+        }
+
+        if (! $apiKey->isAllowedIp($request->ip())) {
+            return response()->json([
+                'error' => 'IP-adres niet toegestaan voor deze API key',
+            ], 403);
+        }
+
+        if (! $apiKey->hasPermission($permission)) {
+            return response()->json([
+                'error' => 'Geen toestemming voor deze actie',
+            ], 403);
+        }
+
+        $apiKey->touchLastUsed();
+
+        $request->merge(['radio_api_key_id' => $apiKey->id]);
+
+        return $next($request);
+    }
+}