1. 強化 B000 登入接口:驗證成功後回傳 Sanctum Token 供後續初始化使用。 2. 實作 B014 (getSettings) API:整合機台、金流與發票設定,並映射至 Android App 預期欄位。 3. 強化安全性:B014 API 掛載 auth:sanctum 並執行 RBAC 權限檢查。 4. 更新 API 說明文件 (iot-spec.md, api-docs.php) 及技術規範 (SKILL.md)。
<?php
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\Api\V1\MemberController;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| 這裡註冊所有的 API 路由,預設套用 api middleware group。
| 加入 v1 前綴與 throttle 進行速率限制防護。
|
*/
// Every route registered here sits under the v1 prefix and behind the named
// "api" rate limiter; per-group limiters below are applied in addition to it.
Route::prefix('v1')->middleware('throttle:api')->group(static function (): void {
    // Controller class names used by the machine routes. Two different
    // MachineController classes are referenced: one in Api\V1\App, one in Api\V1.
    $appMachine = \App\Http\Controllers\Api\V1\App\MachineController::class;
    $appMachineAuth = \App\Http\Controllers\Api\V1\App\MachineAuthController::class;
    $appTransaction = \App\Http\Controllers\Api\V1\App\TransactionController::class;
    $machineLogs = \App\Http\Controllers\Api\V1\MachineController::class;

    // Basic lookup of the authenticated user (Sanctum token required).
    // NOTE(review): the user object is returned as-is; confirm that its
    // serialized form hides sensitive attributes.
    Route::get('/user', function (Request $request) {
        return $request->user();
    })->middleware('auth:sanctum');

    /*
    |--------------------------------------------------------------------------
    | Member API Routes
    |--------------------------------------------------------------------------
    */

    // Public routes (no authentication required).
    // Only the group-level throttle:api limiter covers these credential
    // endpoints; no tighter per-route limit is attached in this file.
    Route::prefix('members')->group(static function (): void {
        Route::post('/register', [MemberController::class, 'register']);
        Route::post('/login', [MemberController::class, 'login']);
        Route::post('/social-login', [MemberController::class, 'socialLogin']);
    });

    // Routes requiring authentication (Sanctum token).
    Route::middleware('auth:sanctum')->prefix('members')->group(static function (): void {
        Route::get('/profile', [MemberController::class, 'profile']);
        Route::put('/profile', [MemberController::class, 'updateProfile']);
        Route::post('/logout', [MemberController::class, 'logout']);
    });

    /*
    |--------------------------------------------------------------------------
    | Machine API Routes (IoT)
    |--------------------------------------------------------------------------
    | Dedicated to machine communication; call frequency is high, so pairing
    | these endpoints with asynchronous processing is recommended.
    */

    Route::prefix('app')->group(static function () use ($appMachine, $appMachineAuth): void {
        // Machine administrator login verification (B000). At this stage the
        // machine carries no token yet, so it cannot pass iot.auth; the route is
        // therefore unauthenticated and limited by throttle:30,1.
        Route::post('admin/login/B000', [$appMachineAuth, 'loginB000'])
            ->middleware('throttle:30,1');

        // Machine boot-up bootstrap and parameter download (B014); requires the
        // staff login token.
        // NOTE(review): auth:sanctum only establishes that the token is valid.
        // Any check that the token holder may read this machine's settings has
        // to happen inside getSettings, which is not visible here - confirm.
        Route::post('machine/setting/B014', [$appMachine, 'getSettings'])
            ->middleware('auth:sanctum');
    });

    // Device-to-server traffic: every route needs iot.auth (defined outside this
    // file) and is limited by throttle:100,1.
    Route::prefix('app')
        ->middleware(['iot.auth', 'throttle:100,1'])
        ->group(static function () use ($appMachine, $appTransaction): void {
            // Heartbeat and status (B010, B017, B710, B220)
            Route::post('machine/status/B010', [$appMachine, 'heartbeat']);
            Route::post('machine/reload_msg/B017', [$appMachine, 'getSlots']);
            Route::post('machine/timer/B710', [$appMachine, 'syncTimer']);
            Route::post('machine/coins/B220', [$appMachine, 'syncCoinInventory']);
            Route::post('machine/member/verify/B650', [$appMachine, 'verifyMember']);

            // Advertisements and slot list (B005, B009, B012)
            Route::get('machine/ad/B005', [$appMachine, 'getAdvertisements']);
            Route::put('products/supplementary/B009', [$appMachine, 'reportSlotList']);

            // Unified product master API (B012, consolidated version)
            Route::match(['get', 'patch'], 'machine/products/B012', [$appMachine, 'getProducts']);

            // Machine fault and anomaly reporting (B013)
            Route::post('machine/error/B013', [$appMachine, 'reportError']);

            // Transactions, invoices and dispensing (B600, B601, B602)
            Route::post('machine/restock/B018', [$appMachine, 'recordRestock']);
            Route::post('B600', [$appTransaction, 'store']);
            Route::post('B601', [$appTransaction, 'recordInvoice']);
            Route::post('B602', [$appTransaction, 'recordDispense']);
        });

    // NOTE(review): no auth middleware is attached to this group in this file;
    // only the outer throttle:api limiter applies. Confirm that storeLog
    // authenticates the caller and validates {id}, otherwise log entries can be
    // written for any machine id without credentials.
    Route::prefix('machines')->group(static function () use ($machineLogs): void {
        Route::post('/{id}/logs', [$machineLogs, 'storeLog']);
    });
});