X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/b01bbf9c8900ee2cc182f47d34aaa682bf1aa244..refs/pull/5312/head:/routes/web.php
diff --git a/routes/web.php b/routes/web.php
index 74ee74a2c..81b938f32 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -5,6 +5,7 @@ use BookStack\Activity\Controllers as ActivityControllers;
 use BookStack\Api\ApiDocsController;
 use BookStack\Api\UserApiTokenController;
 use BookStack\App\HomeController;
+use BookStack\App\MetaController;
 use BookStack\Entities\Controllers as EntityControllers;
 use BookStack\Http\Middleware\VerifyCsrfToken;
 use BookStack\Permissions\PermissionsController;
@@ -18,8 +19,11 @@ use Illuminate\Support\Facades\Route;
 use Illuminate\View\Middleware\ShareErrorsFromSession;
 Route::get('/status', [SettingControllers\StatusController::class, 'show']);
-Route::get('/robots.txt', [HomeController::class, 'robots']);
-Route::get('/favicon.ico', [HomeController::class, 'favicon']);
+Route::get('/robots.txt', [MetaController::class, 'robots']);
+Route::get('/favicon.ico', [MetaController::class, 'favicon']);
+Route::get('/manifest.json', [MetaController::class, 'pwaManifest']);
+Route::get('/licenses', [MetaController::class, 'licenses']);
+Route::get('/opensearch.xml', [MetaController::class, 'opensearch']);
 // Authenticated routes...
 Route::middleware('auth')->group(function () {
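Review bot: `/manifest.json`, `/licenses` and `/opensearch.xml` are registered above the `Route::middleware('auth')` group, so they are served without a session even on instances that otherwise require login. That is presumably intended for browser-fetched metadata, but MetaController is not shown in this diff, so it is worth confirming these responses carry nothing beyond what a logged-out visitor may already see (the licenses listing in particular may disclose bundled dependencies). A short comment above the block would make the intent explicit, for example `// Public meta routes: no auth, must not expose instance content`.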
@@ -142,6 +146,7 @@ Route::middleware('auth')->group(function () {
 Route::post('/images/drawio', [UploadControllers\DrawioImageController::class, 'create']);
 Route::get('/images/edit/{id}', [UploadControllers\ImageController::class, 'edit']);
 Route::put('/images/{id}/file', [UploadControllers\ImageController::class, 'updateFile']);
+ Route::put('/images/{id}/rebuild-thumbnails', [UploadControllers\ImageController::class, 'rebuildThumbnails']);
 Route::put('/images/{id}', [UploadControllers\ImageController::class, 'update']);
 Route::delete('/images/{id}', [UploadControllers\ImageController::class, 'destroy']);
@@ -180,6 +185,7 @@ Route::middleware('auth')->group(function () {
 Route::get('/search/chapter/{bookId}', [SearchController::class, 'searchChapter']);
 Route::get('/search/entity/siblings', [SearchController::class, 'searchSiblings']);
 Route::get('/search/entity-selector', [SearchController::class, 'searchForSelector']);
+ Route::get('/search/entity-selector-templates', [SearchController::class, 'templatesForSelector']);
 Route::get('/search/suggest', [SearchController::class, 'searchSuggestions']);
 // User Search
@@ -194,6 +200,9 @@ Route::middleware('auth')->group(function () {
 Route::post('/favourites/add', [ActivityControllers\FavouriteController::class, 'add']);
 Route::post('/favourites/remove', [ActivityControllers\FavouriteController::class, 'remove']);
+ // Watching
+ Route::put('/watching/update', [ActivityControllers\WatchController::class, 'update']);
+
 // Other Pages
 Route::get('/', [HomeController::class, 'index']);
 Route::get('/home', [HomeController::class, 'index']);
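Review bot: `PUT /images/{id}/rebuild-thumbnails` is a state-changing and likely CPU-heavy action whose only visible guard is the surrounding `auth` group; the per-image permission check has to live in `ImageController::rebuildThumbnails`, which this diff does not show. Confirm it applies the same image-update permission check as the neighbouring `updateFile` and `update` actions, and consider a rate limit, since any signed-in user can call it repeatedly. The same reliance on controller-side authorization applies to the new `/search/entity-selector-templates` and `/watching/update` routes in the two hunks that follow.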
@@ -227,24 +236,33 @@ Route::middleware('auth')->group(function () {
 Route::put('/settings/users/{id}', [UserControllers\UserController::class, 'update']);
 Route::delete('/settings/users/{id}', [UserControllers\UserController::class, 'destroy']);
- // User Preferences
- Route::redirect('/preferences', '/');
- Route::get('/preferences/shortcuts', [UserControllers\UserPreferencesController::class, 'showShortcuts']);
- Route::put('/preferences/shortcuts', [UserControllers\UserPreferencesController::class, 'updateShortcuts']);
+ // User Account
+ Route::get('/my-account', [UserControllers\UserAccountController::class, 'redirect']);
+ Route::get('/my-account/profile', [UserControllers\UserAccountController::class, 'showProfile']);
+ Route::put('/my-account/profile', [UserControllers\UserAccountController::class, 'updateProfile']);
+ Route::get('/my-account/shortcuts', [UserControllers\UserAccountController::class, 'showShortcuts']);
+ Route::put('/my-account/shortcuts', [UserControllers\UserAccountController::class, 'updateShortcuts']);
+ Route::get('/my-account/notifications', [UserControllers\UserAccountController::class, 'showNotifications']);
+ Route::put('/my-account/notifications', [UserControllers\UserAccountController::class, 'updateNotifications']);
+ Route::get('/my-account/auth', [UserControllers\UserAccountController::class, 'showAuth']);
+ Route::put('/my-account/auth/password', [UserControllers\UserAccountController::class, 'updatePassword']);
+ Route::get('/my-account/delete', [UserControllers\UserAccountController::class, 'delete']);
+ Route::delete('/my-account', [UserControllers\UserAccountController::class, 'destroy']);
+
+ // User Preference Endpoints
 Route::patch('/preferences/change-view/{type}', [UserControllers\UserPreferencesController::class, 'changeView']);
 Route::patch('/preferences/change-sort/{type}', [UserControllers\UserPreferencesController::class, 'changeSort']);
 Route::patch('/preferences/change-expansion/{type}', [UserControllers\UserPreferencesController::class, 'changeExpansion']);
 Route::patch('/preferences/toggle-dark-mode', [UserControllers\UserPreferencesController::class, 'toggleDarkMode']);
 Route::patch('/preferences/update-code-language-favourite', [UserControllers\UserPreferencesController::class, 'updateCodeLanguageFavourite']);
- Route::patch('/preferences/update-boolean', [UserControllers\UserPreferencesController::class, 'updateBooleanPreference']);
 // User API Tokens
- Route::get('/settings/users/{userId}/create-api-token', [UserApiTokenController::class, 'create']);
- Route::post('/settings/users/{userId}/create-api-token', [UserApiTokenController::class, 'store']);
- Route::get('/settings/users/{userId}/api-tokens/{tokenId}', [UserApiTokenController::class, 'edit']);
- Route::put('/settings/users/{userId}/api-tokens/{tokenId}', [UserApiTokenController::class, 'update']);
- Route::get('/settings/users/{userId}/api-tokens/{tokenId}/delete', [UserApiTokenController::class, 'delete']);
- Route::delete('/settings/users/{userId}/api-tokens/{tokenId}', [UserApiTokenController::class, 'destroy']);
+ Route::get('/api-tokens/{userId}/create', [UserApiTokenController::class, 'create']);
+ Route::post('/api-tokens/{userId}/create', [UserApiTokenController::class, 'store']);
+ Route::get('/api-tokens/{userId}/{tokenId}', [UserApiTokenController::class, 'edit']);
+ Route::put('/api-tokens/{userId}/{tokenId}', [UserApiTokenController::class, 'update']);
+ Route::get('/api-tokens/{userId}/{tokenId}/delete', [UserApiTokenController::class, 'delete']);
+ Route::delete('/api-tokens/{userId}/{tokenId}', [UserApiTokenController::class, 'destroy']);
 // Roles
 Route::get('/settings/roles', [UserControllers\RoleController::class, 'index']);
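Review bot: The relocated `/api-tokens/{userId}/...` routes still take the target user from the URL, and nothing at the route level ties `{userId}` to the signed-in user now that the paths no longer sit under `/settings/users`. UserApiTokenController is outside this diff, so confirm that every action (create, store, edit, update, delete, destroy) rejects a `{userId}` other than the caller's unless the caller holds user-management permission. Separately, `PUT /my-account/auth/password` and `DELETE /my-account` are guarded here only by `auth`; it is worth checking that the controller requires the current password or another confirmation step before acting. The old `/settings/users/{userId}/...` token URLs and `/preferences/shortcuts` are removed without redirects, so existing links to them will stop resolving.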
@@ -300,8 +318,8 @@ Route::get('/register/confirm', [AccessControllers\ConfirmEmailController::class
 Route::get('/register/confirm/awaiting', [AccessControllers\ConfirmEmailController::class, 'showAwaiting']);
 Route::post('/register/confirm/resend', [AccessControllers\ConfirmEmailController::class, 'resend']);
 Route::get('/register/confirm/{token}', [AccessControllers\ConfirmEmailController::class, 'showAcceptForm']);
-Route::post('/register/confirm/accept', [AccessControllers\ConfirmEmailController::class, 'confirm']);
-Route::post('/register', [AccessControllers\RegisterController::class, 'postRegister']);
+Route::post('/register/confirm/accept', [AccessControllers\ConfirmEmailController::class, 'confirm'])->middleware('throttle:public');
+Route::post('/register', [AccessControllers\RegisterController::class, 'postRegister'])->middleware('throttle:public');
 // SAML routes
 Route::post('/saml2/login', [AccessControllers\Saml2Controller::class, 'login']);
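Review bot: `POST /register/confirm/resend` stays unthrottled even though it is the one route in this hunk that appears to send mail, so the new `throttle:public` on `/register` and `/register/confirm/accept` leaves the resend endpoint open to repeated requests. Suggest `Route::post('/register/confirm/resend', [AccessControllers\ConfirmEmailController::class, 'resend'])->middleware('throttle:public');`. Coverage of token-bearing GET routes is also uneven: the later hunk at `-318,20` throttles `GET /register/invite/{token}` but not `GET /password/reset/{token}`, and `GET /register/confirm/{token}` here is unthrottled; if those handlers look the token up, they should get the same limiter. The `public` limiter is defined outside this file, so its key and limits cannot be checked from this diff.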
@@ -318,20 +336,21 @@ Route::get('/saml2/acs', [AccessControllers\Saml2Controller::class, 'processAcs'
 // OIDC routes
 Route::post('/oidc/login', [AccessControllers\OidcController::class, 'login']);
 Route::get('/oidc/callback', [AccessControllers\OidcController::class, 'callback']);
+Route::post('/oidc/logout', [AccessControllers\OidcController::class, 'logout']);
 // User invitation routes
-Route::get('/register/invite/{token}', [AccessControllers\UserInviteController::class, 'showSetPassword']);
-Route::post('/register/invite/{token}', [AccessControllers\UserInviteController::class, 'setPassword']);
+Route::get('/register/invite/{token}', [AccessControllers\UserInviteController::class, 'showSetPassword'])->middleware('throttle:public');
+Route::post('/register/invite/{token}', [AccessControllers\UserInviteController::class, 'setPassword'])->middleware('throttle:public');
 // Password reset link request routes
 Route::get('/password/email', [AccessControllers\ForgotPasswordController::class, 'showLinkRequestForm']);
-Route::post('/password/email', [AccessControllers\ForgotPasswordController::class, 'sendResetLinkEmail']);
+Route::post('/password/email', [AccessControllers\ForgotPasswordController::class, 'sendResetLinkEmail'])->middleware('throttle:public');
 // Password reset routes
 Route::get('/password/reset/{token}', [AccessControllers\ResetPasswordController::class, 'showResetForm']);
-Route::post('/password/reset', [AccessControllers\ResetPasswordController::class, 'reset']);
+Route::post('/password/reset', [AccessControllers\ResetPasswordController::class, 'reset'])->middleware('throttle:public');
 // Metadata routes
 Route::view('/help/wysiwyg', 'help.wysiwyg');
-Route::fallback([HomeController::class, 'notFound'])->name('fallback');
+Route::fallback([MetaController::class, 'notFound'])->name('fallback');