fix: mover rutas web /api/* a routes/web.php para usar sesión Sanctum (auth web guard)

This commit is contained in:
javiservices 2026-06-17 09:15:55 +02:00
parent 18ff0d4fa1
commit 3a5da955a4
2 changed files with 36 additions and 30 deletions

View File

@ -5,7 +5,7 @@
use Illuminate\Http\Request; use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route; use Illuminate\Support\Facades\Route;
// ─── Auth ─── // ─── Auth (JSON, devuelve token Sanctum para integraciones externas) ───
Route::post('auth/register', [AuthController::class, 'register']); Route::post('auth/register', [AuthController::class, 'register']);
Route::post('auth/login', [AuthController::class, 'login']); Route::post('auth/login', [AuthController::class, 'login']);
Route::middleware('auth:sanctum')->group(function () { Route::middleware('auth:sanctum')->group(function () {
@ -23,36 +23,12 @@
Route::delete('tasks/{task}', [TaskController::class, 'destroy']); Route::delete('tasks/{task}', [TaskController::class, 'destroy']);
Route::post ('heartbeat', function (Request $r) { Route::post ('heartbeat', function (Request $r) {
return response()->json([ return response()->json([
'ok' => true, 'ok' => true,
'server_time' => now()->toIso8601String(), 'server_time' => now()->toIso8601String(),
'device' => $r->attributes->get('device')?->only('id','name'), 'device' => $r->attributes->get('device')?->only('id','name'),
]); ]);
}); });
}); });
// ─── Web UI (mismo backend; usa sesiones + Sanctum) ─── // Las rutas web JSON (/api/tasks, /api/devices, etc.) están en routes/web.php
// Tareas // porque necesitan sesión + Sanctum web guard para que la UI funcione sin tokens.
Route::middleware('auth:sanctum')->group(function () {
Route::get ('/tasks', [TaskController::class, 'index']);
Route::post ('/tasks', [TaskController::class, 'store']);
Route::put ('/tasks/{task}', [TaskController::class, 'update']);
Route::delete('/tasks/{task}', [TaskController::class, 'destroy']);
Route::post ('/tasks/{task}/done', [TaskController::class, 'done']);
Route::post ('/tasks/{task}/snooze', [TaskController::class, 'snooze']);
Route::post ('/tasks/{task}/restore',[TaskController::class, 'restore']);
Route::get ('/tasks/stats', [TaskController::class, 'stats']);
// Proyectos
Route::get ('/projects', [\App\Http\Controllers\Api\ProjectController::class, 'index']);
Route::post ('/projects', [\App\Http\Controllers\Api\ProjectController::class, 'store']);
Route::put ('/projects/{project}',[\App\Http\Controllers\Api\ProjectController::class, 'update']);
Route::delete('/projects/{project}',[\App\Http\Controllers\Api\ProjectController::class, 'destroy']);
// Tags
Route::get ('/tags', [\App\Http\Controllers\Api\TagController::class, 'index']);
Route::post ('/tags', [\App\Http\Controllers\Api\TagController::class, 'store']);
Route::delete('/tags/{tag}', [\App\Http\Controllers\Api\TagController::class, 'destroy']);
// Devices
Route::get ('/devices', [\App\Http\Controllers\Api\DeviceController::class, 'index']);
Route::post ('/devices', [\App\Http\Controllers\Api\DeviceController::class, 'store']);
Route::post ('/devices/{device}/rotate', [\App\Http\Controllers\Api\DeviceController::class, 'rotate']);
Route::delete('/devices/{device}',[\App\Http\Controllers\Api\DeviceController::class, 'destroy']);
});

View File

@ -3,8 +3,12 @@
use App\Http\Controllers\PageController; use App\Http\Controllers\PageController;
use App\Http\Controllers\TaskController; use App\Http\Controllers\TaskController;
use App\Http\Controllers\Auth\LoginController; use App\Http\Controllers\Auth\LoginController;
use App\Http\Controllers\Api\DeviceController;
use App\Http\Controllers\Api\ProjectController;
use App\Http\Controllers\Api\TagController;
use Illuminate\Support\Facades\Route; use Illuminate\Support\Facades\Route;
// ─── Páginas públicas ───
Route::get ('/', [PageController::class, 'home'])->name('home'); Route::get ('/', [PageController::class, 'home'])->name('home');
Route::get ('/login', [LoginController::class, 'showLogin'])->name('login'); Route::get ('/login', [LoginController::class, 'showLogin'])->name('login');
Route::get ('/register',[LoginController::class, 'showRegister'])->name('register'); Route::get ('/register',[LoginController::class, 'showRegister'])->name('register');
@ -12,7 +16,33 @@
Route::post('/register',[LoginController::class, 'register']); Route::post('/register',[LoginController::class, 'register']);
Route::post('/logout', [LoginController::class, 'logout'])->middleware('auth:sanctum')->name('logout'); Route::post('/logout', [LoginController::class, 'logout'])->middleware('auth:sanctum')->name('logout');
// ─── Páginas protegidas ───
Route::middleware('auth:sanctum')->group(function () { Route::middleware('auth:sanctum')->group(function () {
Route::get('/app', [PageController::class, 'app'])->name('app'); Route::get('/app', [PageController::class, 'app'])->name('app');
Route::get('/app/settings', [PageController::class, 'settings'])->name('settings'); Route::get('/app/settings', [PageController::class, 'settings'])->name('settings');
// API web (con sesión, usa el guard 'web' de Sanctum)
// Tareas
Route::get ('/api/tasks', [TaskController::class, 'index']);
Route::post ('/api/tasks', [TaskController::class, 'store']);
Route::put ('/api/tasks/{task}', [TaskController::class, 'update']);
Route::delete('/api/tasks/{task}', [TaskController::class, 'destroy']);
Route::post ('/api/tasks/{task}/done', [TaskController::class, 'done']);
Route::post ('/api/tasks/{task}/snooze', [TaskController::class, 'snooze']);
Route::post ('/api/tasks/{task}/restore', [TaskController::class, 'restore']);
Route::get ('/api/tasks/stats', [TaskController::class, 'stats']);
// Proyectos
Route::get ('/api/projects', [ProjectController::class, 'index']);
Route::post ('/api/projects', [ProjectController::class, 'store']);
Route::put ('/api/projects/{project}', [ProjectController::class, 'update']);
Route::delete('/api/projects/{project}', [ProjectController::class, 'destroy']);
// Tags
Route::get ('/api/tags', [TagController::class, 'index']);
Route::post ('/api/tags', [TagController::class, 'store']);
Route::delete('/api/tags/{tag}', [TagController::class, 'destroy']);
// Devices
Route::get ('/api/devices', [DeviceController::class, 'index']);
Route::post ('/api/devices', [DeviceController::class, 'store']);
Route::post ('/api/devices/{device}/rotate', [DeviceController::class, 'rotate']);
Route::delete('/api/devices/{device}', [DeviceController::class, 'destroy']);
}); });