einundzwanzig/einundzwanzig-app
1
0
Fork 0
mirror of https://github.com/HolgerHatGarKeineNode/einundzwanzig-app.git synced 2026-06-17 16:40:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
07169dfee6c7c3ab3d02e724bf937683affc1ced
einundzwanzig-app/routes/auth.php
T
HolgerHatGarKeineNode 07169dfee6 Add mobile app auth flow with Sanctum token handoff via deep link 
The Einundzwanzig mobile app opens /auth/mobile in an in-app browser.
After a Lightning (LNURL) or Nostr login the flow issues a personal
access token and hands it back via the einundzwanzig://auth deep link.

- New auth.mobile-login Livewire view: Lightning QR (shared k1) plus
  Nostr signing via NIP-55 Android signers (Amber) with server callback,
  and a confirmation screen for already authenticated sessions
- MobileAuthController: NIP-55 callback verification, completion route
  issuing the token (replacing same-device tokens), redirect whitelist
- Nostr login event verification and npub user resolution extracted to
  App\Support\NostrLogin, now shared with the interactive login
- GET /api/user (auth:sanctum) returns the token owner's profile
2026-06-11 18:01:50 +02:00

58 lines
1.9 KiB
PHP
Raw Blame History

<?php
use App\Http\Controllers\Auth\VerifyEmailController;
use App\Http\Controllers\LnurlAuthController;
use App\Http\Controllers\MobileAuthController;
use App\Livewire\Actions\Logout;
use Illuminate\Support\Facades\Route;
Route::middleware('guest')
->group(function () {
Route::livewire('/login', 'auth.login')
->name('login');
Route::livewire('/forgot-password', 'auth.forgot-password')
->name('password.request');
Route::livewire('/reset-password/{token}', 'auth.reset-password')
->name('password.reset');
Route::get('/auth/complete-lightning/{k1}', [LnurlAuthController::class, 'completeLogin'])
->where('k1', '[a-f0-9]{64}')
->name('auth.ln.complete');
});
Route::middleware('auth')
->group(function () {
Route::livewire('/verify-email', 'auth.verify-email')
->name('verification.notice');
Route::get('verify-email/{id}/{hash}', VerifyEmailController::class)
->middleware(['signed', 'throttle:6,1'])
->name('verification.verify');
Route::livewire('/confirm-password', 'auth.confirm-password')
->name('password.confirm');
});
/*
* Mobile app auth flow: works for guests (login via Lightning/Nostr) and
* for already authenticated users (confirmation screen), so it lives
* outside the guest group.
*/
Route::livewire('/auth/mobile', 'auth.mobile-login')
->middleware('throttle:30,1')
->name('auth.mobile');
Route::get('/auth/mobile/complete/{k1}', [MobileAuthController::class, 'complete'])
->where('k1', '[a-f0-9]{64}')
->middleware('throttle:30,1')
->name('auth.mobile.complete');
Route::post('/auth/mobile/confirm', [MobileAuthController::class, 'confirm'])
->middleware(['auth', 'throttle:30,1'])
->name('auth.mobile.confirm');
Route::post('logout', Logout::class)
->name('logout');
Reference in New Issue View Git Blame Copy Permalink