einundzwanzig/einundzwanzig-app
1
0
Fork 0
mirror of https://github.com/HolgerHatGarKeineNode/einundzwanzig-app.git synced 2026-06-17 16:40:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
76894a6634c3eac154fae80893180f63e69b019c
einundzwanzig-app/routes/api.php
T
HolgerHatGarKeineNode 7531f28f22 Add verified App Link handoff and mobile token exchange endpoint 
Replaces the custom-scheme auto-redirect (which triggers Chrome's
confirmation prompt) with a verified Android App Link handoff:

- public/.well-known/assetlinks.json for space.einundzwanzig.mobile
  (debug cert fingerprint; add the release cert before store builds)
- GET /app/auth handoff: opens the app directly when the App Link is
  verified; renders a button-based fallback page otherwise
- POST /api/mobile/token: trades a NIP-55-signed login event for a
  Sanctum token — used when Amber's callback opens the app directly
- complete/confirm/signedCallback now redirect to the handoff URL
2026-06-11 19:51:14 +02:00

101 lines
5.3 KiB
PHP
Raw Blame History

<?php
use App\Http\Controllers\Api\BtcMapCommunityController;
use App\Http\Controllers\Api\CityController;
use App\Http\Controllers\Api\CountryController;
use App\Http\Controllers\Api\CourseController;
use App\Http\Controllers\Api\CourseEventController;
use App\Http\Controllers\Api\LecturerController;
use App\Http\Controllers\Api\MeetupController;
use App\Http\Controllers\Api\MeetupEventController;
use App\Http\Controllers\Api\MeetupMapController;
use App\Http\Controllers\Api\NostrPlebController;
use App\Http\Controllers\Api\UserController;
use App\Http\Controllers\Api\VenueController;
use App\Http\Controllers\LnurlAuthController;
use App\Http\Controllers\MobileAuthController;
use Illuminate\Support\Facades\Route;
Route::middleware(['throttle:60,1'])
->as('api.')
->group(function () {
Route::resource('countries', CountryController::class)->only(['index']);
Route::get('meetup/ical', [MeetupController::class, 'ical'])->name('api.meetup.ical');
Route::resource('meetup', MeetupController::class)->only(['index']);
Route::resource('lecturers', LecturerController::class)->only(['index']);
Route::resource('courses', CourseController::class)
->only(['index', 'show']);
Route::resource('cities', CityController::class)->only(['index']);
Route::resource('venues', VenueController::class)->only(['index']);
Route::get('nostrplebs', NostrPlebController::class);
Route::get('meetups', MeetupMapController::class);
Route::get('meetup-events/{date?}', MeetupEventController::class);
Route::get('btc-map-communities', BtcMapCommunityController::class);
});
/*
* Authenticated write endpoints (Sanctum token auth).
* Lets a lecturer create/update their own courses and course events
* programmatically, e.g. to sync events from an external system.
*/
Route::middleware('auth:sanctum')
->as('api.')
->group(function () {
Route::get('user', UserController::class)->name('user');
Route::post('courses', [CourseController::class, 'store'])
->name('courses.store');
Route::patch('courses/{course}', [CourseController::class, 'update'])
->name('courses.update');
Route::get('course-events', [CourseEventController::class, 'index'])
->name('course-events.index');
Route::post('course-events', [CourseEventController::class, 'store'])
->name('course-events.store');
Route::patch('course-events/{courseEvent}', [CourseEventController::class, 'update'])
->name('course-events.update');
Route::post('lecturers', [LecturerController::class, 'store'])->name('lecturers.store');
Route::patch('lecturers/{lecturer}', [LecturerController::class, 'update'])->name('lecturers.update');
Route::get('my-lecturers', [LecturerController::class, 'mine'])->name('lecturers.mine');
Route::get('my-lecturers/{lecturer}', [LecturerController::class, 'mineShow'])->name('lecturers.mine.show');
Route::post('venues', [VenueController::class, 'store'])->name('venues.store');
Route::patch('venues/{venue}', [VenueController::class, 'update'])->name('venues.update');
Route::get('my-venues', [VenueController::class, 'mine'])->name('venues.mine');
Route::get('my-venues/{venue}', [VenueController::class, 'mineShow'])->name('venues.mine.show');
Route::post('cities', [CityController::class, 'store'])->name('cities.store');
Route::patch('cities/{city}', [CityController::class, 'update'])->name('cities.update');
Route::get('my-cities', [CityController::class, 'mine'])->name('cities.mine');
Route::get('my-cities/{city}', [CityController::class, 'mineShow'])->name('cities.mine.show');
Route::post('meetup', [MeetupController::class, 'store'])->name('meetup.store');
Route::patch('meetup/{meetup}', [MeetupController::class, 'update'])->name('meetup.update');
Route::get('my-meetups', [MeetupController::class, 'mine'])->name('meetup.mine');
Route::get('my-meetups/{meetup}', [MeetupController::class, 'mineShow'])->name('meetup.mine.show');
Route::post('meetup-events', [MeetupEventController::class, 'store'])->name('meetup-events.store');
Route::patch('meetup-events/{meetupEvent}', [MeetupEventController::class, 'update'])->name('meetup-events.update');
Route::get('my-meetup-events', [MeetupEventController::class, 'mine'])->name('meetup-events.mine');
Route::get('my-meetup-events/{meetupEvent}', [MeetupEventController::class, 'mineShow'])->name('meetup-events.mine.show');
});
Route::get('/lnurl-auth-callback', [LnurlAuthController::class, 'callback'])
->name('auth.ln.callback');
// NIP-55 signer callback (e.g. Amber) for the mobile auth flow.
Route::get('/nostr-login-callback', [MobileAuthController::class, 'nostrCallback'])
->middleware('throttle:30,1')
->name('auth.nostr.callback');
// Token exchange for the mobile app: trades a NIP-55-signed login event
// for a Sanctum personal access token (used when the signer callback
// opens the app directly via a verified App Link).
Route::post('/mobile/token', [MobileAuthController::class, 'token'])
->middleware('throttle:30,1')
->name('auth.mobile.token');
Route::post('/check-auth-error', [LnurlAuthController::class, 'checkError'])
->name('auth.check-error');
Reference in New Issue View Git Blame Copy Permalink