]> BookStack Code Mirror - bookstack/blob - routes/web.php
projects / bookstack / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Opensearch: Fixed XML declaration when php short tags enabled
[bookstack] / routes / web.php
1 <?php
2
3 use BookStack\Access\Controllers as AccessControllers;
4 use BookStack\Activity\Controllers as ActivityControllers;
5 use BookStack\Api\ApiDocsController;
6 use BookStack\Api\UserApiTokenController;
7 use BookStack\App\HomeController;
8 use BookStack\App\MetaController;
9 use BookStack\Entities\Controllers as EntityControllers;
10 use BookStack\Exports\Controllers as ExportControllers;
11 use BookStack\Http\Middleware\VerifyCsrfToken;
12 use BookStack\Permissions\PermissionsController;
13 use BookStack\References\ReferenceController;
14 use BookStack\Search\SearchController;
15 use BookStack\Settings as SettingControllers;
16 use BookStack\Sorting as SortingControllers;
17 use BookStack\Theming\ThemeController;
18 use BookStack\Uploads\Controllers as UploadControllers;
19 use BookStack\Users\Controllers as UserControllers;
20 use Illuminate\Session\Middleware\StartSession;
21 use Illuminate\Support\Facades\Route;
22 use Illuminate\View\Middleware\ShareErrorsFromSession;
23
24 // Status & Meta routes
25 Route::get('/status', [SettingControllers\StatusController::class, 'show']);
26 Route::get('/robots.txt', [MetaController::class, 'robots']);
27 Route::get('/favicon.ico', [MetaController::class, 'favicon']);
28 Route::get('/manifest.json', [MetaController::class, 'pwaManifest']);
29 Route::get('/licenses', [MetaController::class, 'licenses']);
30 Route::get('/opensearch.xml', [MetaController::class, 'opensearch']);
31
32 // Authenticated routes...
33 Route::middleware('auth')->group(function () {
34
35     // Secure images routing
36     Route::get('/uploads/images/{path}', [UploadControllers\ImageController::class, 'showImage'])
37         ->where('path', '.*$');
38
39     // API docs routes
40     Route::get('/api', [ApiDocsController::class, 'redirect']);
41     Route::get('/api/docs', [ApiDocsController::class, 'display']);
42
43     Route::get('/pages/recently-updated', [EntityControllers\PageController::class, 'showRecentlyUpdated']);
44
45     // Shelves
46     Route::get('/create-shelf', [EntityControllers\BookshelfController::class, 'create']);
47     Route::get('/shelves/', [EntityControllers\BookshelfController::class, 'index']);
48     Route::post('/shelves/', [EntityControllers\BookshelfController::class, 'store']);
49     Route::get('/shelves/{slug}/edit', [EntityControllers\BookshelfController::class, 'edit']);
50     Route::get('/shelves/{slug}/delete', [EntityControllers\BookshelfController::class, 'showDelete']);
51     Route::get('/shelves/{slug}', [EntityControllers\BookshelfController::class, 'show']);
52     Route::put('/shelves/{slug}', [EntityControllers\BookshelfController::class, 'update']);
53     Route::delete('/shelves/{slug}', [EntityControllers\BookshelfController::class, 'destroy']);
54     Route::get('/shelves/{slug}/permissions', [PermissionsController::class, 'showForShelf']);
55     Route::put('/shelves/{slug}/permissions', [PermissionsController::class, 'updateForShelf']);
56     Route::post('/shelves/{slug}/copy-permissions', [PermissionsController::class, 'copyShelfPermissionsToBooks']);
57     Route::get('/shelves/{slug}/references', [ReferenceController::class, 'shelf']);
58
59     // Book Creation
60     Route::get('/shelves/{shelfSlug}/create-book', [EntityControllers\BookController::class, 'create']);
61     Route::post('/shelves/{shelfSlug}/create-book', [EntityControllers\BookController::class, 'store']);
62     Route::get('/create-book', [EntityControllers\BookController::class, 'create']);
63
64     // Books
65     Route::get('/books/', [EntityControllers\BookController::class, 'index']);
66     Route::post('/books/', [EntityControllers\BookController::class, 'store']);
67     Route::get('/books/{slug}/edit', [EntityControllers\BookController::class, 'edit']);
68     Route::put('/books/{slug}', [EntityControllers\BookController::class, 'update']);
69     Route::delete('/books/{id}', [EntityControllers\BookController::class, 'destroy']);
70     Route::get('/books/{slug}/sort-item', [SortingControllers\BookSortController::class, 'showItem']);
71     Route::get('/books/{slug}', [EntityControllers\BookController::class, 'show']);
72     Route::get('/books/{bookSlug}/permissions', [PermissionsController::class, 'showForBook']);
73     Route::put('/books/{bookSlug}/permissions', [PermissionsController::class, 'updateForBook']);
74     Route::get('/books/{slug}/delete', [EntityControllers\BookController::class, 'showDelete']);
75     Route::get('/books/{bookSlug}/copy', [EntityControllers\BookController::class, 'showCopy']);
76     Route::post('/books/{bookSlug}/copy', [EntityControllers\BookController::class, 'copy']);
77     Route::post('/books/{bookSlug}/convert-to-shelf', [EntityControllers\BookController::class, 'convertToShelf']);
78     Route::get('/books/{bookSlug}/sort', [SortingControllers\BookSortController::class, 'show']);
79     Route::put('/books/{bookSlug}/sort', [SortingControllers\BookSortController::class, 'update']);
80     Route::get('/books/{slug}/references', [ReferenceController::class, 'book']);
81     Route::get('/books/{bookSlug}/export/html', [ExportControllers\BookExportController::class, 'html']);
82     Route::get('/books/{bookSlug}/export/pdf', [ExportControllers\BookExportController::class, 'pdf']);
83     Route::get('/books/{bookSlug}/export/markdown', [ExportControllers\BookExportController::class, 'markdown']);
84     Route::get('/books/{bookSlug}/export/zip', [ExportControllers\BookExportController::class, 'zip']);
85     Route::get('/books/{bookSlug}/export/plaintext', [ExportControllers\BookExportController::class, 'plainText']);
86
87     // Pages
88     Route::get('/books/{bookSlug}/create-page', [EntityControllers\PageController::class, 'create']);
89     Route::post('/books/{bookSlug}/create-guest-page', [EntityControllers\PageController::class, 'createAsGuest']);
90     Route::get('/books/{bookSlug}/draft/{pageId}', [EntityControllers\PageController::class, 'editDraft']);
91     Route::post('/books/{bookSlug}/draft/{pageId}', [EntityControllers\PageController::class, 'store']);
92     Route::get('/books/{bookSlug}/page/{pageSlug}', [EntityControllers\PageController::class, 'show']);
93     Route::get('/books/{bookSlug}/page/{pageSlug}/export/pdf', [ExportControllers\PageExportController::class, 'pdf']);
94     Route::get('/books/{bookSlug}/page/{pageSlug}/export/html', [ExportControllers\PageExportController::class, 'html']);
95     Route::get('/books/{bookSlug}/page/{pageSlug}/export/markdown', [ExportControllers\PageExportController::class, 'markdown']);
96     Route::get('/books/{bookSlug}/page/{pageSlug}/export/plaintext', [ExportControllers\PageExportController::class, 'plainText']);
97     Route::get('/books/{bookSlug}/page/{pageSlug}/export/zip', [ExportControllers\PageExportController::class, 'zip']);
98     Route::get('/books/{bookSlug}/page/{pageSlug}/edit', [EntityControllers\PageController::class, 'edit']);
99     Route::get('/books/{bookSlug}/page/{pageSlug}/move', [EntityControllers\PageController::class, 'showMove']);
100     Route::put('/books/{bookSlug}/page/{pageSlug}/move', [EntityControllers\PageController::class, 'move']);
101     Route::get('/books/{bookSlug}/page/{pageSlug}/copy', [EntityControllers\PageController::class, 'showCopy']);
102     Route::post('/books/{bookSlug}/page/{pageSlug}/copy', [EntityControllers\PageController::class, 'copy']);
103     Route::get('/books/{bookSlug}/page/{pageSlug}/delete', [EntityControllers\PageController::class, 'showDelete']);
104     Route::get('/books/{bookSlug}/draft/{pageId}/delete', [EntityControllers\PageController::class, 'showDeleteDraft']);
105     Route::get('/books/{bookSlug}/page/{pageSlug}/permissions', [PermissionsController::class, 'showForPage']);
106     Route::put('/books/{bookSlug}/page/{pageSlug}/permissions', [PermissionsController::class, 'updateForPage']);
107     Route::get('/books/{bookSlug}/page/{pageSlug}/references', [ReferenceController::class, 'page']);
108     Route::put('/books/{bookSlug}/page/{pageSlug}', [EntityControllers\PageController::class, 'update']);
109     Route::delete('/books/{bookSlug}/page/{pageSlug}', [EntityControllers\PageController::class, 'destroy']);
110     Route::delete('/books/{bookSlug}/draft/{pageId}', [EntityControllers\PageController::class, 'destroyDraft']);
111
112     // Revisions
113     Route::get('/books/{bookSlug}/page/{pageSlug}/revisions', [EntityControllers\PageRevisionController::class, 'index']);
114     Route::get('/books/{bookSlug}/page/{pageSlug}/revisions/{revId}', [EntityControllers\PageRevisionController::class, 'show']);
115     Route::get('/books/{bookSlug}/page/{pageSlug}/revisions/{revId}/changes', [EntityControllers\PageRevisionController::class, 'changes']);
116     Route::put('/books/{bookSlug}/page/{pageSlug}/revisions/{revId}/restore', [EntityControllers\PageRevisionController::class, 'restore']);
117     Route::delete('/books/{bookSlug}/page/{pageSlug}/revisions/{revId}/delete', [EntityControllers\PageRevisionController::class, 'destroy']);
118     Route::delete('/page-revisions/user-drafts/{pageId}', [EntityControllers\PageRevisionController::class, 'destroyUserDraft']);
119
120     // Chapters
121     Route::get('/books/{bookSlug}/chapter/{chapterSlug}/create-page', [EntityControllers\PageController::class, 'create']);
122     Route::post('/books/{bookSlug}/chapter/{chapterSlug}/create-guest-page', [EntityControllers\PageController::class, 'createAsGuest']);
123     Route::get('/books/{bookSlug}/create-chapter', [EntityControllers\ChapterController::class, 'create']);
124     Route::post('/books/{bookSlug}/create-chapter', [EntityControllers\ChapterController::class, 'store']);
125     Route::get('/books/{bookSlug}/chapter/{chapterSlug}', [EntityControllers\ChapterController::class, 'show']);
126     Route::put('/books/{bookSlug}/chapter/{chapterSlug}', [EntityControllers\ChapterController::class, 'update']);
127     Route::get('/books/{bookSlug}/chapter/{chapterSlug}/move', [EntityControllers\ChapterController::class, 'showMove']);
128     Route::put('/books/{bookSlug}/chapter/{chapterSlug}/move', [EntityControllers\ChapterController::class, 'move']);
129     Route::get('/books/{bookSlug}/chapter/{chapterSlug}/copy', [EntityControllers\ChapterController::class, 'showCopy']);
130     Route::post('/books/{bookSlug}/chapter/{chapterSlug}/copy', [EntityControllers\ChapterController::class, 'copy']);
131     Route::get('/books/{bookSlug}/chapter/{chapterSlug}/edit', [EntityControllers\ChapterController::class, 'edit']);
132     Route::post('/books/{bookSlug}/chapter/{chapterSlug}/convert-to-book', [EntityControllers\ChapterController::class, 'convertToBook']);
133     Route::get('/books/{bookSlug}/chapter/{chapterSlug}/permissions', [PermissionsController::class, 'showForChapter']);
134     Route::get('/books/{bookSlug}/chapter/{chapterSlug}/export/pdf', [ExportControllers\ChapterExportController::class, 'pdf']);
135     Route::get('/books/{bookSlug}/chapter/{chapterSlug}/export/html', [ExportControllers\ChapterExportController::class, 'html']);
136     Route::get('/books/{bookSlug}/chapter/{chapterSlug}/export/markdown', [ExportControllers\ChapterExportController::class, 'markdown']);
137     Route::get('/books/{bookSlug}/chapter/{chapterSlug}/export/plaintext', [ExportControllers\ChapterExportController::class, 'plainText']);
138     Route::get('/books/{bookSlug}/chapter/{chapterSlug}/export/zip', [ExportControllers\ChapterExportController::class, 'zip']);
139     Route::put('/books/{bookSlug}/chapter/{chapterSlug}/permissions', [PermissionsController::class, 'updateForChapter']);
140     Route::get('/books/{bookSlug}/chapter/{chapterSlug}/references', [ReferenceController::class, 'chapter']);
141     Route::get('/books/{bookSlug}/chapter/{chapterSlug}/delete', [EntityControllers\ChapterController::class, 'showDelete']);
142     Route::delete('/books/{bookSlug}/chapter/{chapterSlug}', [EntityControllers\ChapterController::class, 'destroy']);
143
144     // User Profile routes
145     Route::get('/user/{slug}', [UserControllers\UserProfileController::class, 'show']);
146
147     // Image routes
148     Route::get('/images/gallery', [UploadControllers\GalleryImageController::class, 'list']);
149     Route::post('/images/gallery', [UploadControllers\GalleryImageController::class, 'create']);
150     Route::get('/images/drawio', [UploadControllers\DrawioImageController::class, 'list']);
151     Route::get('/images/drawio/base64/{id}', [UploadControllers\DrawioImageController::class, 'getAsBase64']);
152     Route::post('/images/drawio', [UploadControllers\DrawioImageController::class, 'create']);
153     Route::get('/images/edit/{id}', [UploadControllers\ImageController::class, 'edit']);
154     Route::put('/images/{id}/file', [UploadControllers\ImageController::class, 'updateFile']);
155     Route::put('/images/{id}/rebuild-thumbnails', [UploadControllers\ImageController::class, 'rebuildThumbnails']);
156     Route::put('/images/{id}', [UploadControllers\ImageController::class, 'update']);
157     Route::delete('/images/{id}', [UploadControllers\ImageController::class, 'destroy']);
158
159     // Attachments routes
160     Route::get('/attachments/{id}', [UploadControllers\AttachmentController::class, 'get']);
161     Route::post('/attachments/upload', [UploadControllers\AttachmentController::class, 'upload']);
162     Route::post('/attachments/upload/{id}', [UploadControllers\AttachmentController::class, 'uploadUpdate']);
163     Route::post('/attachments/link', [UploadControllers\AttachmentController::class, 'attachLink']);
164     Route::put('/attachments/{id}', [UploadControllers\AttachmentController::class, 'update']);
165     Route::get('/attachments/edit/{id}', [UploadControllers\AttachmentController::class, 'getUpdateForm']);
166     Route::get('/attachments/get/page/{pageId}', [UploadControllers\AttachmentController::class, 'listForPage']);
167     Route::put('/attachments/sort/page/{pageId}', [UploadControllers\AttachmentController::class, 'sortForPage']);
168     Route::delete('/attachments/{id}', [UploadControllers\AttachmentController::class, 'delete']);
169
170     // AJAX routes
171     Route::put('/ajax/page/{id}/save-draft', [EntityControllers\PageController::class, 'saveDraft']);
172     Route::get('/ajax/page/{id}', [EntityControllers\PageController::class, 'getPageAjax']);
173     Route::delete('/ajax/page/{id}', [EntityControllers\PageController::class, 'ajaxDestroy']);
174
175     // Tag routes
176     Route::get('/tags', [ActivityControllers\TagController::class, 'index']);
177     Route::get('/ajax/tags/suggest/names', [ActivityControllers\TagController::class, 'getNameSuggestions']);
178     Route::get('/ajax/tags/suggest/values', [ActivityControllers\TagController::class, 'getValueSuggestions']);
179
180     // Comments
181     Route::post('/comment/{pageId}', [ActivityControllers\CommentController::class, 'savePageComment']);
182     Route::put('/comment/{id}/archive', [ActivityControllers\CommentController::class, 'archive']);
183     Route::put('/comment/{id}/unarchive', [ActivityControllers\CommentController::class, 'unarchive']);
184     Route::put('/comment/{id}', [ActivityControllers\CommentController::class, 'update']);
185     Route::delete('/comment/{id}', [ActivityControllers\CommentController::class, 'destroy']);
186
187     // Links
188     Route::get('/link/{id}', [EntityControllers\PageController::class, 'redirectFromLink']);
189
190     // Search
191     Route::get('/search', [SearchController::class, 'search']);
192     Route::get('/search/book/{bookId}', [SearchController::class, 'searchBook']);
193     Route::get('/search/chapter/{bookId}', [SearchController::class, 'searchChapter']);
194     Route::get('/search/entity/siblings', [SearchController::class, 'searchSiblings']);
195     Route::get('/search/entity-selector', [SearchController::class, 'searchForSelector']);
196     Route::get('/search/entity-selector-templates', [SearchController::class, 'templatesForSelector']);
197     Route::get('/search/suggest', [SearchController::class, 'searchSuggestions']);
198
199     // User Search
200     Route::get('/search/users/select', [UserControllers\UserSearchController::class, 'forSelect']);
201
202     // Template System
203     Route::get('/templates', [EntityControllers\PageTemplateController::class, 'list']);
204     Route::get('/templates/{templateId}', [EntityControllers\PageTemplateController::class, 'get']);
205
206     // Favourites
207     Route::get('/favourites', [ActivityControllers\FavouriteController::class, 'index']);
208     Route::post('/favourites/add', [ActivityControllers\FavouriteController::class, 'add']);
209     Route::post('/favourites/remove', [ActivityControllers\FavouriteController::class, 'remove']);
210
211     // Watching
212     Route::put('/watching/update', [ActivityControllers\WatchController::class, 'update']);
213
214     // Importing
215     Route::get('/import', [ExportControllers\ImportController::class, 'start']);
216     Route::post('/import', [ExportControllers\ImportController::class, 'upload']);
217     Route::get('/import/{id}', [ExportControllers\ImportController::class, 'show']);
218     Route::post('/import/{id}', [ExportControllers\ImportController::class, 'run']);
219     Route::delete('/import/{id}', [ExportControllers\ImportController::class, 'delete']);
220
221     // Other Pages
222     Route::get('/', [HomeController::class, 'index']);
223     Route::get('/home', [HomeController::class, 'index']);
224
225     // Permissions
226     Route::get('/permissions/form-row/{entityType}/{roleId}', [PermissionsController::class, 'formRowForRole']);
227
228     // Maintenance
229     Route::get('/settings/maintenance', [SettingControllers\MaintenanceController::class, 'index']);
230     Route::delete('/settings/maintenance/cleanup-images', [SettingControllers\MaintenanceController::class, 'cleanupImages']);
231     Route::post('/settings/maintenance/send-test-email', [SettingControllers\MaintenanceController::class, 'sendTestEmail']);
232     Route::post('/settings/maintenance/regenerate-references', [SettingControllers\MaintenanceController::class, 'regenerateReferences']);
233
234     // Recycle Bin
235     Route::get('/settings/recycle-bin', [EntityControllers\RecycleBinController::class, 'index']);
236     Route::post('/settings/recycle-bin/empty', [EntityControllers\RecycleBinController::class, 'empty']);
237     Route::get('/settings/recycle-bin/{id}/destroy', [EntityControllers\RecycleBinController::class, 'showDestroy']);
238     Route::delete('/settings/recycle-bin/{id}', [EntityControllers\RecycleBinController::class, 'destroy']);
239     Route::get('/settings/recycle-bin/{id}/restore', [EntityControllers\RecycleBinController::class, 'showRestore']);
240     Route::post('/settings/recycle-bin/{id}/restore', [EntityControllers\RecycleBinController::class, 'restore']);
241
242     // Audit Log
243     Route::get('/settings/audit', [ActivityControllers\AuditLogController::class, 'index']);
244
245     // Users
246     Route::get('/settings/users', [UserControllers\UserController::class, 'index']);
247     Route::get('/settings/users/create', [UserControllers\UserController::class, 'create']);
248     Route::get('/settings/users/{id}/delete', [UserControllers\UserController::class, 'delete']);
249     Route::post('/settings/users/create', [UserControllers\UserController::class, 'store']);
250     Route::get('/settings/users/{id}', [UserControllers\UserController::class, 'edit']);
251     Route::put('/settings/users/{id}', [UserControllers\UserController::class, 'update']);
252     Route::delete('/settings/users/{id}', [UserControllers\UserController::class, 'destroy']);
253
254     // User Account
255     Route::get('/my-account', [UserControllers\UserAccountController::class, 'redirect']);
256     Route::get('/my-account/profile', [UserControllers\UserAccountController::class, 'showProfile']);
257     Route::put('/my-account/profile', [UserControllers\UserAccountController::class, 'updateProfile']);
258     Route::get('/my-account/shortcuts', [UserControllers\UserAccountController::class, 'showShortcuts']);
259     Route::put('/my-account/shortcuts', [UserControllers\UserAccountController::class, 'updateShortcuts']);
260     Route::get('/my-account/notifications', [UserControllers\UserAccountController::class, 'showNotifications']);
261     Route::put('/my-account/notifications', [UserControllers\UserAccountController::class, 'updateNotifications']);
262     Route::get('/my-account/auth', [UserControllers\UserAccountController::class, 'showAuth']);
263     Route::put('/my-account/auth/password', [UserControllers\UserAccountController::class, 'updatePassword']);
264     Route::get('/my-account/delete', [UserControllers\UserAccountController::class, 'delete']);
265     Route::delete('/my-account', [UserControllers\UserAccountController::class, 'destroy']);
266
267     // User Preference Endpoints
268     Route::patch('/preferences/change-view/{type}', [UserControllers\UserPreferencesController::class, 'changeView']);
269     Route::patch('/preferences/change-sort/{type}', [UserControllers\UserPreferencesController::class, 'changeSort']);
270     Route::patch('/preferences/change-expansion/{type}', [UserControllers\UserPreferencesController::class, 'changeExpansion']);
271     Route::patch('/preferences/toggle-dark-mode', [UserControllers\UserPreferencesController::class, 'toggleDarkMode']);
272     Route::patch('/preferences/update-code-language-favourite', [UserControllers\UserPreferencesController::class, 'updateCodeLanguageFavourite']);
273
274     // User API Tokens
275     Route::get('/api-tokens/{userId}/create', [UserApiTokenController::class, 'create']);
276     Route::post('/api-tokens/{userId}/create', [UserApiTokenController::class, 'store']);
277     Route::get('/api-tokens/{userId}/{tokenId}', [UserApiTokenController::class, 'edit']);
278     Route::put('/api-tokens/{userId}/{tokenId}', [UserApiTokenController::class, 'update']);
279     Route::get('/api-tokens/{userId}/{tokenId}/delete', [UserApiTokenController::class, 'delete']);
280     Route::delete('/api-tokens/{userId}/{tokenId}', [UserApiTokenController::class, 'destroy']);
281
282     // Roles
283     Route::get('/settings/roles', [UserControllers\RoleController::class, 'index']);
284     Route::get('/settings/roles/new', [UserControllers\RoleController::class, 'create']);
285     Route::post('/settings/roles/new', [UserControllers\RoleController::class, 'store']);
286     Route::get('/settings/roles/delete/{id}', [UserControllers\RoleController::class, 'showDelete']);
287     Route::delete('/settings/roles/delete/{id}', [UserControllers\RoleController::class, 'delete']);
288     Route::get('/settings/roles/{id}', [UserControllers\RoleController::class, 'edit']);
289     Route::put('/settings/roles/{id}', [UserControllers\RoleController::class, 'update']);
290
291     // Webhooks
292     Route::get('/settings/webhooks', [ActivityControllers\WebhookController::class, 'index']);
293     Route::get('/settings/webhooks/create', [ActivityControllers\WebhookController::class, 'create']);
294     Route::post('/settings/webhooks/create', [ActivityControllers\WebhookController::class, 'store']);
295     Route::get('/settings/webhooks/{id}', [ActivityControllers\WebhookController::class, 'edit']);
296     Route::put('/settings/webhooks/{id}', [ActivityControllers\WebhookController::class, 'update']);
297     Route::get('/settings/webhooks/{id}/delete', [ActivityControllers\WebhookController::class, 'delete']);
298     Route::delete('/settings/webhooks/{id}', [ActivityControllers\WebhookController::class, 'destroy']);
299
300     // Sort Rules
301     Route::get('/settings/sorting/rules/new', [SortingControllers\SortRuleController::class, 'create']);
302     Route::post('/settings/sorting/rules', [SortingControllers\SortRuleController::class, 'store']);
303     Route::get('/settings/sorting/rules/{id}', [SortingControllers\SortRuleController::class, 'edit']);
304     Route::put('/settings/sorting/rules/{id}', [SortingControllers\SortRuleController::class, 'update']);
305     Route::delete('/settings/sorting/rules/{id}', [SortingControllers\SortRuleController::class, 'destroy']);
306
307     // Settings
308     Route::get('/settings', [SettingControllers\SettingController::class, 'index'])->name('settings');
309     Route::get('/settings/{category}', [SettingControllers\SettingController::class, 'category'])->name('settings.category');
310     Route::post('/settings/{category}', [SettingControllers\SettingController::class, 'update']);
311 });
312
313 // MFA routes
314 Route::middleware('mfa-setup')->group(function () {
315     Route::get('/mfa/setup', [AccessControllers\MfaController::class, 'setup']);
316     Route::get('/mfa/totp/generate', [AccessControllers\MfaTotpController::class, 'generate']);
317     Route::post('/mfa/totp/confirm', [AccessControllers\MfaTotpController::class, 'confirm']);
318     Route::get('/mfa/backup_codes/generate', [AccessControllers\MfaBackupCodesController::class, 'generate']);
319     Route::post('/mfa/backup_codes/confirm', [AccessControllers\MfaBackupCodesController::class, 'confirm']);
320 });
321 Route::middleware('guest')->group(function () {
322     Route::get('/mfa/verify', [AccessControllers\MfaController::class, 'verify']);
323     Route::post('/mfa/totp/verify', [AccessControllers\MfaTotpController::class, 'verify']);
324     Route::post('/mfa/backup_codes/verify', [AccessControllers\MfaBackupCodesController::class, 'verify']);
325 });
326 Route::delete('/mfa/{method}/remove', [AccessControllers\MfaController::class, 'remove'])->middleware('auth');
327
328 // Social auth routes
329 Route::get('/login/service/{socialDriver}', [AccessControllers\SocialController::class, 'login']);
330 Route::get('/login/service/{socialDriver}/callback', [AccessControllers\SocialController::class, 'callback']);
331 Route::post('/login/service/{socialDriver}/detach', [AccessControllers\SocialController::class, 'detach'])->middleware('auth');
332 Route::get('/register/service/{socialDriver}', [AccessControllers\SocialController::class, 'register']);
333
334 // Login/Logout routes
335 Route::get('/login', [AccessControllers\LoginController::class, 'getLogin']);
336 Route::post('/login', [AccessControllers\LoginController::class, 'login']);
337 Route::post('/logout', [AccessControllers\LoginController::class, 'logout']);
338 Route::get('/register', [AccessControllers\RegisterController::class, 'getRegister']);
339 Route::get('/register/confirm', [AccessControllers\ConfirmEmailController::class, 'show']);
340 Route::get('/register/confirm/awaiting', [AccessControllers\ConfirmEmailController::class, 'showAwaiting']);
341 Route::post('/register/confirm/resend', [AccessControllers\ConfirmEmailController::class, 'resend']);
342 Route::get('/register/confirm/{token}', [AccessControllers\ConfirmEmailController::class, 'showAcceptForm']);
343 Route::post('/register/confirm/accept', [AccessControllers\ConfirmEmailController::class, 'confirm'])->middleware('throttle:public');
344 Route::post('/register', [AccessControllers\RegisterController::class, 'postRegister'])->middleware('throttle:public');
345
346 // SAML routes
347 Route::post('/saml2/login', [AccessControllers\Saml2Controller::class, 'login']);
348 Route::post('/saml2/logout', [AccessControllers\Saml2Controller::class, 'logout']);
349 Route::get('/saml2/metadata', [AccessControllers\Saml2Controller::class, 'metadata']);
350 Route::get('/saml2/sls', [AccessControllers\Saml2Controller::class, 'sls']);
351 Route::post('/saml2/acs', [AccessControllers\Saml2Controller::class, 'startAcs'])->withoutMiddleware([
352     StartSession::class,
353     ShareErrorsFromSession::class,
354     VerifyCsrfToken::class,
355 ]);
356 Route::get('/saml2/acs', [AccessControllers\Saml2Controller::class, 'processAcs']);
357
358 // OIDC routes
359 Route::post('/oidc/login', [AccessControllers\OidcController::class, 'login']);
360 Route::get('/oidc/callback', [AccessControllers\OidcController::class, 'callback']);
361 Route::post('/oidc/logout', [AccessControllers\OidcController::class, 'logout']);
362
363 // User invitation routes
364 Route::get('/register/invite/{token}', [AccessControllers\UserInviteController::class, 'showSetPassword'])->middleware('throttle:public');
365 Route::post('/register/invite/{token}', [AccessControllers\UserInviteController::class, 'setPassword'])->middleware('throttle:public');
366
367 // Password reset link request routes
368 Route::get('/password/email', [AccessControllers\ForgotPasswordController::class, 'showLinkRequestForm']);
369 Route::post('/password/email', [AccessControllers\ForgotPasswordController::class, 'sendResetLinkEmail'])->middleware('throttle:public');
370
371 // Password reset routes
372 Route::get('/password/reset/{token}', [AccessControllers\ResetPasswordController::class, 'showResetForm']);
373 Route::post('/password/reset', [AccessControllers\ResetPasswordController::class, 'reset'])->middleware('throttle:public');
374
375 // Help & Info routes
376 Route::view('/help/tinymce', 'help.tinymce');
377 Route::view('/help/wysiwyg', 'help.wysiwyg');
378
379 // Theme Routes
380 Route::get('/theme/{theme}/{path}', [ThemeController::class, 'publicFile'])
381     ->where('path', '.*$');
382
383 Route::fallback([MetaController::class, 'notFound'])->name('fallback');
The core source code for the BookStack project.