remco/Atomcms-edit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
Atomcms-edit/routes/user.php
T
root 75b78c17fa refactor: improve security, split routes, add API resources and FormRequests 
- Fix timing attack vulnerability in AuthController
- Split web.php (316 lines) into 7 focused route files
- Add 8 API Resources for consistent response formatting
- Add 8 FormRequest classes for centralized validation
- Use Resources instead of manual array mapping in controllers
2026-05-20 23:03:16 +02:00

46 lines
2.5 KiB
PHP
Executable File
Raw Permalink Blame History

<?php
use App\Http\Controllers\User\AccountSettingsController;
use App\Http\Controllers\User\GuestbookController;
use App\Http\Controllers\User\MeController;
use App\Http\Controllers\User\PasswordSettingsController;
use App\Http\Controllers\User\PreferencesController;
use App\Http\Controllers\User\ProfileController;
use App\Http\Controllers\User\ReferralController;
use App\Http\Controllers\User\TwoFactorAuthenticationController;
use Illuminate\Support\Facades\Route;
// User routes
Route::prefix('user')->group(function () {
Route::get('/me', MeController::class)->name('me.show');
Route::get('/claim/referral-reward', ReferralController::class)->name('claim.referral-reward');
// Public profile
Route::withoutMiddleware('auth')->group(function () {
Route::get('/profile/{user:username}', ProfileController::class)->name('profile.show');
});
// Guestbook
Route::post('/profile/{user}/guestbook', [GuestbookController::class, 'store'])->name('guestbook.store');
Route::delete('/profile/{user}/{guestbook}/delete', [GuestbookController::class, 'destroy'])->name('guestbook.destroy');
// Settings
Route::prefix('settings')->group(function () {
Route::get('/account', [AccountSettingsController::class, 'edit'])->name('settings.account.show');
Route::put('/account', [AccountSettingsController::class, 'update'])->name('settings.account.update');
Route::get('/password', [PasswordSettingsController::class, 'edit'])->name('settings.password.show');
Route::put('/password', [PasswordSettingsController::class, 'update'])->name('settings.password.update');
Route::get('/session-logs', [AccountSettingsController::class, 'sessionLogs'])->name('settings.session-logs');
Route::get('/two-factor', [TwoFactorAuthenticationController::class, 'index'])->name('settings.two-factor');
Route::post('/user/settings/two-factor-authentication', [TwoFactorAuthenticationController::class, 'store'])->name('user.two-factor.enable');
Route::post('/2fa-verify', [TwoFactorAuthenticationController::class, 'verify'])->name('two-factor.verify');
Route::delete('/user/settings/two-factor-authentication', [TwoFactorAuthenticationController::class, 'destroy'])->name('user.two-factor.disable');
Route::get('/preferences', [PreferencesController::class, 'edit'])->name('settings.preferences.show');
Route::put('/preferences', [PreferencesController::class, 'update'])->name('settings.preferences.update');
});
});
Reference in New Issue View Git Blame Copy Permalink