Initial commit

2026-05-09 17:28:23 +02:00
commit 9d73f82529
5575 changed files with 281989 additions and 0 deletions
@@ -0,0 +1,316 @@
+<?php
+
+use App\Actions\Fortify\Controllers\TwoFactorAuthenticatedSessionController;
+use App\Http\Controllers\Admin\RadioSetupController;
+use App\Http\Controllers\Api\FurniEditorController;
+use App\Http\Controllers\Articles\ArticleController;
+use App\Http\Controllers\Articles\WebsiteArticleCommentsController;
+use App\Http\Controllers\Auth\SocialAuthController;
+use App\Http\Controllers\Badge\BadgeController;
+use App\Http\Controllers\Client\FlashController;
+use App\Http\Controllers\Client\NitroController;
+use App\Http\Controllers\Community\LeaderboardController;
+use App\Http\Controllers\Community\PhotosController;
+use App\Http\Controllers\Community\RadioController;
+use App\Http\Controllers\Community\RadioLeaderboardController;
+use App\Http\Controllers\Community\Staff\StaffApplicationsController;
+use App\Http\Controllers\Community\Staff\StaffController;
+use App\Http\Controllers\Community\Staff\WebsiteTeamApplicationsController;
+use App\Http\Controllers\Community\Staff\WebsiteTeamsController;
+use App\Http\Controllers\Community\WebsiteRareValuesController;
+use App\Http\Controllers\Help\HelpCenterController;
+use App\Http\Controllers\Help\TicketController;
+use App\Http\Controllers\Help\TicketReplyController;
+use App\Http\Controllers\Help\WebsiteRulesController;
+use App\Http\Controllers\Miscellaneous\HomeController;
+use App\Http\Controllers\Miscellaneous\InstallationController;
+use App\Http\Controllers\Miscellaneous\LocaleController;
+use App\Http\Controllers\Miscellaneous\LogoGeneratorController;
+use App\Http\Controllers\Miscellaneous\MaintenanceController;
+use App\Http\Controllers\RadioContestController;
+use App\Http\Controllers\RadioGiveawayController;
+use App\Http\Controllers\RadioSongRequestController;
+use App\Http\Controllers\Shop\PayPalController;
+use App\Http\Controllers\Shop\ShopController;
+use App\Http\Controllers\Shop\ShopVoucherController;
+use App\Http\Controllers\User\AccountSettingsController;
+use App\Http\Controllers\User\BannedController;
+use App\Http\Controllers\User\ForgotPasswordController;
+use App\Http\Controllers\User\GuestbookController;
+use App\Http\Controllers\User\MeController;
+use App\Http\Controllers\User\PasswordSettingsController;
+use App\Http\Controllers\User\PreferencesController;
+use App\Http\Controllers\User\ProfileController;
+use App\Http\Controllers\User\ReferralController;
+use App\Http\Controllers\User\TwoFactorAuthenticationController;
+use App\Http\Controllers\User\UserReferralController;
+use Illuminate\Support\Facades\Route;
+use Laravel\Fortify\Features;
+use Laravel\Fortify\Http\Controllers\RegisteredUserController;
+
+// Language route
+Route::get('/language/{locale}', LocaleController::class)->name('language.select');
+
+// Social Login routes
+Route::prefix('auth')->group(function () {
+    Route::get('/google', [SocialAuthController::class, 'redirect'])->name('auth.google');
+    Route::get('/google/callback', [SocialAuthController::class, 'callback'])->name('auth.google.callback');
+
+    Route::get('/discord', [SocialAuthController::class, 'redirect'])->name('auth.discord');
+    Route::get('/discord/callback', [SocialAuthController::class, 'callback'])->name('auth.discord.callback');
+
+    Route::get('/github', [SocialAuthController::class, 'redirect'])->name('auth.github');
+    Route::get('/github/callback', [SocialAuthController::class, 'callback'])->name('auth.github.callback');
+
+    Route::delete('/unlink/{provider}', [SocialAuthController::class, 'unlink'])->name('auth.unlink')->middleware('auth');
+});
+
+// Installation routes
+Route::prefix('installation')->controller(InstallationController::class)->group(function () {
+    Route::get('/', 'index')->name('installation.index');
+    Route::get('/step/{step}', 'showStep')->name('installation.show-step');
+
+    Route::post('/start-installation', 'storeInstallationKey')->name('installation.start-installation');
+    Route::post('/restart-installation', 'restartInstallation')->name('installation.restart');
+    Route::post('/previous-step', 'previousStep')->name('installation.previous-step');
+    Route::post('/save-step', 'saveStepSettings')->name('installation.save-step');
+    Route::post('/complete', 'completeInstallation')->name('installation.complete');
+});
+
+// All routes within this group is protected by maintenance, ban and 2FA middleware
+Route::middleware(['maintenance', 'check.ban', 'force.staff.2fa'])->group(function () {
+    // Maintenance route
+    Route::get('/maintenance', MaintenanceController::class)->name('maintenance.show');
+
+    // Banned route
+    Route::get('/banned', BannedController::class)->name('banned.show');
+
+    // Exceptions to the 2FA check and must only be visited if not logged in
+    Route::middleware(['guest', 'throttle:60,1'])->withoutMiddleware('force.staff.2fa')->group(function () {
+        Route::get('/login', static fn () => to_route('welcome'))->name('login');
+        Route::get('/', HomeController::class)->name('welcome');
+        Route::get('/home', HomeController::class)->name('home');
+
+        Route::get('/register', [RegisteredUserController::class, 'create']);
+
+        Route::post('/register', [RegisteredUserController::class, 'store'])
+            ->name('register');
+
+        Route::get('/register/{referral_code}', UserReferralController::class)->name('register.referral');
+
+        // Password
+        Route::get('forgot-password', ForgotPasswordController::class)->name('forgot.password.get');
+        Route::post('forgot-password', [ForgotPasswordController::class, 'submitForgetPassword'])->name('forgot.password.post');
+        Route::get('reset-password/{token}', [ForgotPasswordController::class, 'showResetPassword'])->name('reset.password.get');
+        Route::post('reset-password/{token}', [ForgotPasswordController::class, 'submitResetPassword'])->name('reset.password.post');
+
+        // Two factor challenge login
+        Route::get('/two-factor-challenge', static fn () => view('auth.two-factor-challenge'))->name('two-factor.login');
+
+        // Email verification resend
+        Route::post('/email/verification-notification', static function () {
+            request()->user()->sendEmailVerificationNotification();
+
+            return back()->with('status', 'verification-link-sent');
+        })->middleware(['auth', 'throttle:6,1'])->name('verification.send');
+    });
+
+    // Logout route - must be accessible when logged in
+    Route::post('/logout', static function () {
+        auth()->guard('web')->logout();
+        session()->invalidate();
+        session()->regenerateToken();
+
+        return redirect('/');
+    })->name('logout');
+
+    // Can only be accessed if logged in
+    Route::middleware('auth')->group(function () {
+        Route::prefix('user')->group(function () {
+            Route::get('/me', MeController::class)->name('me.show');
+            Route::get('/claim/referral-reward', ReferralController::class)->name('claim.referral-reward');
+
+            // User routes that can be accessed without auth (for public profiles)
+            Route::withoutMiddleware('auth')->group(function () {
+                Route::get('/profile/{user:username}', ProfileController::class)->name('profile.show');
+            });
+
+            // Guestbook routes
+            Route::post('/profile/{user}/guestbook', [GuestbookController::class, 'store'])->name('guestbook.store');
+            Route::delete('/profile/{user}/{guestbook}/delete', [GuestbookController::class, 'destroy'])->name('guestbook.destroy');
+
+            // User settings routes
+            Route::prefix('settings')->group(function () {
+                Route::get('/account', [AccountSettingsController::class, 'edit'])->name('settings.account.show');
+                Route::put('/account', [AccountSettingsController::class, 'update'])->name('settings.account.update');
+
+                Route::get('/password', [PasswordSettingsController::class, 'edit'])->name('settings.password.show');
+                Route::put('/password', [PasswordSettingsController::class, 'update'])->name('settings.password.update');
+
+                Route::get('/session-logs', [AccountSettingsController::class, 'sessionLogs'])->name('settings.session-logs');
+
+                Route::get('/two-factor', [TwoFactorAuthenticationController::class, 'index'])->name('settings.two-factor');
+                Route::post('/user/settings/two-factor-authentication', [TwoFactorAuthenticationController::class, 'store'])->name('user.two-factor.enable');
+                Route::post('/2fa-verify', [TwoFactorAuthenticationController::class, 'verify'])->name('two-factor.verify');
+                Route::delete('/user/settings/two-factor-authentication', [TwoFactorAuthenticationController::class, 'destroy'])->name('user.two-factor.disable');
+
+                Route::get('/preferences', [PreferencesController::class, 'edit'])->name('settings.preferences.show');
+                Route::put('/preferences', [PreferencesController::class, 'update'])->name('settings.preferences.update');
+            });
+        });
+
+        // Admin Radio Setup routes
+        Route::prefix('admin')->middleware(['auth'])->group(function () {
+            Route::get('/radio/setup', [RadioSetupController::class, 'index'])->name('admin.radio.setup');
+            Route::post('/radio/setup', [RadioSetupController::class, 'setup'])->name('admin.radio.setup.post');
+
+            // Game Rewards Admin
+
+        });
+
+        // Community routes
+        Route::prefix('community')->group(function () {
+            // Allowed to be visited without being logged in
+            Route::withoutMiddleware('auth')->group(function () {
+                Route::get('/photos', PhotosController::class)->name('photos.index');
+                Route::get('/staff', StaffController::class)->name('staff.index');
+                Route::get('/articles', [ArticleController::class, 'index'])->name('article.index');
+                Route::get('/article/{article:slug}', [ArticleController::class, 'show'])->name('article.show');
+
+                // Radio routes accessible without auth
+                Route::prefix('radio')->group(function () {
+                    Route::get('/', [RadioController::class, 'index'])->name('radio.index');
+                    Route::get('/rooster', [RadioController::class, 'rooster'])->name('radio.rooster');
+                    Route::get('/punten', RadioLeaderboardController::class)->name('radio.leaderboard');
+                });
+            });
+
+            // Radio routes that require auth
+            Route::prefix('radio')->group(function () {
+                Route::get('/shouts', [RadioController::class, 'shouts'])->name('radio.shouts');
+                Route::get('/dj-aanmelden', [RadioController::class, 'apply'])->name('radio.apply');
+                Route::post('/dj-aanmelden', [RadioController::class, 'storeApplication'])->name('radio.apply.store');
+                Route::post('/shouts', [RadioController::class, 'storeShout'])->name('radio.shouts.store');
+
+                // DJ Session management
+                Route::post('/session/start', [RadioController::class, 'startSession'])->name('radio.session.start')->middleware('auth');
+                Route::post('/session/end', [RadioController::class, 'endSession'])->name('radio.session.end')->middleware('auth');
+
+                // Requests
+                Route::get('/requests', [RadioSongRequestController::class, 'index'])->name('radio.requests.index');
+                Route::post('/requests', [RadioSongRequestController::class, 'store'])->name('radio.requests.store');
+                Route::post('/requests/{songRequest}/vote', [RadioSongRequestController::class, 'vote'])->name('radio.requests.vote');
+
+                // Contests
+                Route::get('/contests', [RadioContestController::class, 'index'])->name('radio.contests.index');
+                Route::get('/contests/{contest}', [RadioContestController::class, 'show'])->name('radio.contests.show');
+
+                // Giveaways
+                Route::get('/giveaways', [RadioGiveawayController::class, 'index'])->name('radio.giveaways.index');
+                Route::get('/giveaways/{giveaway}', [RadioGiveawayController::class, 'show'])->name('radio.giveaways.show');
+            });
+
+            Route::get('/teams', WebsiteTeamsController::class)->name('teams.index');
+            Route::get('/draw-badge', [BadgeController::class, 'show'])->name('draw-badge');
+            Route::post('/draw-badge/buy', [BadgeController::class, 'buy'])->name('badge.buy')->middleware('throttle:10,1');
+
+            Route::get('/staff-applications', [StaffApplicationsController::class, 'index'])->name('staff-applications.index');
+            Route::get('/staff-applications/{position}', [StaffApplicationsController::class, 'show'])->name('staff-applications.show');
+            Route::post('/staff-applications/{position}', [StaffApplicationsController::class, 'store'])->name('staff-applications.store');
+
+            Route::get('/team-applications', [WebsiteTeamApplicationsController::class, 'index'])->name('team-applications.index');
+            Route::get('/team-applications/{position}', [WebsiteTeamApplicationsController::class, 'show'])->name('team-applications.show');
+            Route::post('/team-applications/{position}', [WebsiteTeamApplicationsController::class, 'store'])->name('team-applications.store');
+
+            Route::post('/article/{article:slug}/comment', [WebsiteArticleCommentsController::class, 'store'])->name('article.comment.store');
+            Route::delete('/article/{comment}/comment', [WebsiteArticleCommentsController::class, 'destroy'])->name('article.comment.destroy');
+            Route::post('/article/{article:slug}/toggle-reaction', [ArticleController::class, 'toggleReaction'])
+                ->name('article.toggle-reaction')
+                ->middleware('throttle:100,1');
+        });
+
+        // Leaderboard route (accessible without auth)
+        Route::withoutMiddleware('auth')->group(function () {
+            Route::get('/leaderboard', LeaderboardController::class)->name('leaderboard.index');
+        });
+
+        // Shop routes
+        Route::prefix('shop')->group(function () {
+            Route::get('/{category:slug?}', ShopController::class)->name('shop.index')->withoutMiddleware('auth');
+
+            Route::post('/purchase/{package}', [ShopController::class, 'purchase'])->name('shop.buy')->middleware('throttle:10,1');
+            Route::post('/voucher', ShopVoucherController::class)->name('shop.use-voucher')->middleware('throttle:10,1');
+        });
+
+        // Help center
+        Route::prefix('help-center')->as('help-center.')->group(function () {
+            Route::get('/', HelpCenterController::class)->name('index')->withoutMiddleware(['auth', 'check.ban']);
+
+            Route::prefix('tickets')->as('ticket.')->middleware('auth')->withoutMiddleware('check.ban')->group(function () {
+                Route::get('/create', [TicketController::class, 'create'])->name('create');
+                Route::post('/store', [TicketController::class, 'store'])->name('store');
+
+                Route::get('/show/{ticket}', [TicketController::class, 'show'])->name('show');
+                Route::get('/edit/{ticket}', [TicketController::class, 'edit'])->name('edit');
+                Route::put('/edit/{ticket}', [TicketController::class, 'update'])->name('update');
+                Route::delete('/delete/{ticket}', [TicketController::class, 'destroy'])->name('destroy');
+
+                Route::put('/toggle-status/{ticket}', [TicketController::class, 'toggleTicketStatus'])->name('toggle-status');
+
+                Route::post('/reply/{ticket}/store', [TicketReplyController::class, 'store'])->name('reply.store')->middleware('throttle:30,1');
+                Route::delete('/reply/{reply}/delete', [TicketController::class, 'destroyReply'])->name('reply.destroy');
+
+                // All open tickets
+                Route::get('/all', [TicketController::class, 'index'])->name('index');
+            });
+
+            // Rules
+            Route::get('/rules', WebsiteRulesController::class)->name('rules.index')->withoutMiddleware('auth');
+        });
+
+        // Rare values routes
+        Route::get('/values', [WebsiteRareValuesController::class, 'index'])->name('values.index');
+        Route::post('/values/search', [WebsiteRareValuesController::class, 'search'])->name('values.search');
+        Route::get('/values/category/{id}', [WebsiteRareValuesController::class, 'category'])->name('values.category');
+        Route::get('/values/{value}', [WebsiteRareValuesController::class, 'value'])->name('values.value');
+
+        // Client route
+        Route::prefix('game')->middleware(['findretros.redirect', 'vpn.checker'])->group(function () {
+            Route::get('/nitro', NitroController::class)->name('nitro-client');
+            Route::get('/flash', FlashController::class)->name('flash-client');
+        });
+
+        // Logo generator
+        Route::get('/logo-generator', [LogoGeneratorController::class, 'index'])->name('logo-generator.index');
+        Route::post('/logo-generator', [LogoGeneratorController::class, 'store'])->name('store.generated-logo');
+
+        // PayPal routes
+        Route::controller(PayPalController::class)->prefix('paypal')->group(function () {
+            Route::get('/process-transaction', 'process')->name('paypal.process-transaction');
+            Route::get('/successful-transaction', 'successful')->name('paypal.successful-transaction');
+            Route::get('/cancelled-transaction', 'cancelled')->name('paypal.cancelled-transaction');
+        });
+    });
+});
+
+if (Features::enabled(Features::twoFactorAuthentication())) {
+    $twoFactorLimiter = config('fortify.limiters.two-factor');
+
+    Route::post('/two-factor-challenge', [TwoFactorAuthenticatedSessionController::class, 'store'])
+        ->middleware(
+            array_filter([
+                'guest:' . config('fortify.guard'),
+                $twoFactorLimiter ? 'throttle:' . $twoFactorLimiter : null,
+            ]),
+        );
+}
+
+Route::prefix('api/admin/furni-editor')->middleware(['auth', 'admin.security', 'throttle:api'])->group(function () {
+    Route::get('/', [FurniEditorController::class, 'search']);
+    Route::post('/', [FurniEditorController::class, 'create']);
+    Route::get('/detail', [FurniEditorController::class, 'detail']);
+    Route::post('/update', [FurniEditorController::class, 'update']);
+    Route::post('/delete', [FurniEditorController::class, 'delete']);
+    Route::get('/interactions', [FurniEditorController::class, 'interactions']);
+    Route::get('/by-sprite', [FurniEditorController::class, 'bySprite']);
+});