Atomcms-edit/routes/community.php
root 75b78c17fa refactor: improve security, split routes, add API resources and FormRequests
- Fix timing attack vulnerability in AuthController
- Split web.php (316 lines) into 7 focused route files
- Add 8 API Resources for consistent response formatting
- Add 8 FormRequest classes for centralized validation
- Use Resources instead of manual array mapping in controllers
2026-05-20 23:03:16 +02:00


<?php
use App\Http\Controllers\Articles\ArticleController;
use App\Http\Controllers\Articles\WebsiteArticleCommentsController;
use App\Http\Controllers\Badge\BadgeController;
use App\Http\Controllers\Community\LeaderboardController;
use App\Http\Controllers\Community\PhotosController;
use App\Http\Controllers\Community\RadioController;
use App\Http\Controllers\Community\RadioLeaderboardController;
use App\Http\Controllers\Community\Staff\StaffApplicationsController;
use App\Http\Controllers\Community\Staff\StaffController;
use App\Http\Controllers\Community\Staff\WebsiteTeamApplicationsController;
use App\Http\Controllers\Community\Staff\WebsiteTeamsController;
use App\Http\Controllers\Community\WebsiteRareValuesController;
use App\Http\Controllers\RadioContestController;
use App\Http\Controllers\RadioGiveawayController;
use App\Http\Controllers\RadioSongRequestController;
use Illuminate\Support\Facades\Route;
// Community section: everything registered here lives under the /community prefix.
// NOTE(review): this file never attaches 'auth' itself. The guest groups opt out
// with withoutMiddleware('auth'), so authentication is presumably applied by
// whatever loads this file — confirm. If the file is ever loaded outside such a
// group, every route described as authenticated below becomes reachable by guests.
Route::prefix('community')->group(static function (): void {
    // Guest-accessible pages: 'auth' is explicitly stripped for this group.
    Route::withoutMiddleware('auth')->group(static function (): void {
        Route::get('/photos', PhotosController::class)->name('photos.index');
        Route::get('/staff', StaffController::class)->name('staff.index');

        // {article:slug} resolves the article by its slug column.
        Route::get('/articles', [ArticleController::class, 'index'])->name('article.index');
        Route::get('/article/{article:slug}', [ArticleController::class, 'show'])->name('article.show');

        // Read-only radio pages that guests may view.
        Route::prefix('radio')->group(static function (): void {
            Route::get('/', [RadioController::class, 'index'])->name('radio.index');
            Route::get('/rooster', [RadioController::class, 'rooster'])->name('radio.rooster');
            Route::get('/punten', RadioLeaderboardController::class)->name('radio.leaderboard');
        });
    });

    // Radio routes meant for signed-in users. They share the /community/radio
    // prefix with the guest group above but keep the inherited middleware.
    // NOTE(review): none of the POST routes in this group declares a throttle
    // here; check whether a rate limit is applied elsewhere.
    Route::prefix('radio')->group(static function (): void {
        // Shouts and DJ applications.
        Route::get('/shouts', [RadioController::class, 'shouts'])->name('radio.shouts');
        Route::get('/dj-aanmelden', [RadioController::class, 'apply'])->name('radio.apply');
        Route::post('/dj-aanmelden', [RadioController::class, 'storeApplication'])->name('radio.apply.store');
        Route::post('/shouts', [RadioController::class, 'storeShout'])->name('radio.shouts.store');

        // Session start/end.
        // NOTE(review): who may start or end a session has to be decided in the
        // controller or a policy; nothing at the route level restricts it.
        Route::post('/session/start', [RadioController::class, 'startSession'])->name('radio.session.start');
        Route::post('/session/end', [RadioController::class, 'endSession'])->name('radio.session.end');

        // Song requests and voting.
        Route::get('/requests', [RadioSongRequestController::class, 'index'])->name('radio.requests.index');
        Route::post('/requests', [RadioSongRequestController::class, 'store'])->name('radio.requests.store');
        Route::post('/requests/{songRequest}/vote', [RadioSongRequestController::class, 'vote'])
            ->name('radio.requests.vote');

        // Contests and giveaways (read-only here).
        Route::get('/contests', [RadioContestController::class, 'index'])->name('radio.contests.index');
        Route::get('/contests/{contest}', [RadioContestController::class, 'show'])->name('radio.contests.show');
        Route::get('/giveaways', [RadioGiveawayController::class, 'index'])->name('radio.giveaways.index');
        Route::get('/giveaways/{giveaway}', [RadioGiveawayController::class, 'show'])
            ->name('radio.giveaways.show');
    });

    Route::get('/teams', WebsiteTeamsController::class)->name('teams.index');

    // Badge drawing; the purchase is limited to 10 requests per minute.
    Route::get('/draw-badge', [BadgeController::class, 'show'])->name('draw-badge');
    Route::post('/draw-badge/buy', [BadgeController::class, 'buy'])
        ->name('badge.buy')
        ->middleware('throttle:10,1');

    // Staff applications.
    Route::get('/staff-applications', [StaffApplicationsController::class, 'index'])
        ->name('staff-applications.index');
    Route::get('/staff-applications/{position}', [StaffApplicationsController::class, 'show'])
        ->name('staff-applications.show');
    Route::post('/staff-applications/{position}', [StaffApplicationsController::class, 'store'])
        ->name('staff-applications.store');

    // Website team applications.
    Route::get('/team-applications', [WebsiteTeamApplicationsController::class, 'index'])
        ->name('team-applications.index');
    Route::get('/team-applications/{position}', [WebsiteTeamApplicationsController::class, 'show'])
        ->name('team-applications.show');
    Route::post('/team-applications/{position}', [WebsiteTeamApplicationsController::class, 'store'])
        ->name('team-applications.store');

    // Article comments and reactions.
    // NOTE(review): the DELETE route takes only a {comment} parameter, so the
    // check that the caller may remove that comment must live in the controller
    // or a policy — not visible from this file.
    Route::post('/article/{article:slug}/comment', [WebsiteArticleCommentsController::class, 'store'])
        ->name('article.comment.store');
    Route::delete('/article/{comment}/comment', [WebsiteArticleCommentsController::class, 'destroy'])
        ->name('article.comment.destroy');

    // Reaction toggling is limited to 100 requests per minute.
    Route::post('/article/{article:slug}/toggle-reaction', [ArticleController::class, 'toggleReaction'])
        ->name('article.toggle-reaction')
        ->middleware('throttle:100,1');
});
// Public leaderboard: registered outside the /community prefix, with the
// inherited 'auth' middleware explicitly removed so guests can view it.
Route::withoutMiddleware('auth')->group(static function (): void {
    Route::get('/leaderboard', LeaderboardController::class)
        ->name('leaderboard.index');
});
// Rare values pages. These are registered at the top level of this file, not
// inside a withoutMiddleware('auth') group, so they keep whatever middleware
// the including file applies.
// NOTE(review): confirm whether these pages are meant to require a login.
Route::get('/values', [WebsiteRareValuesController::class, 'index'])
    ->name('values.index');

// NOTE(review): the search endpoint has no throttle in this file; check whether
// a rate limit is applied elsewhere.
Route::post('/values/search', [WebsiteRareValuesController::class, 'search'])
    ->name('values.search');

// NOTE(review): {id} carries no route-level constraint, so any path segment is
// handed to the controller and must be validated there.
Route::get('/values/category/{id}', [WebsiteRareValuesController::class, 'category'])
    ->name('values.category');
Route::get('/values/{value}', [WebsiteRareValuesController::class, 'value'])
    ->name('values.value');