├── .editorconfig ├── .env.example ├── .gitattributes ├── .gitignore ├── README.md ├── app ├── Console │ └── Kernel.php ├── Exceptions │ └── Handler.php ├── Http │ ├── Controllers │ │ ├── AdminController.php │ │ ├── Auth │ │ │ ├── AuthenticatedSessionController.php │ │ │ ├── ConfirmablePasswordController.php │ │ │ ├── EmailVerificationNotificationController.php │ │ │ ├── EmailVerificationPromptController.php │ │ │ ├── NewPasswordController.php │ │ │ ├── PasswordController.php │ │ │ ├── PasswordResetLinkController.php │ │ │ ├── RegisteredUserController.php │ │ │ └── VerifyEmailController.php │ │ ├── Controller.php │ │ ├── PermissionController.php │ │ ├── PostController.php │ │ ├── ProfileController.php │ │ ├── RemoveRoleFromUserController.php │ │ ├── RevokePermissionFromRoleController.php │ │ ├── RevokePermissionFromUserController.php │ │ ├── RoleController.php │ │ └── UserController.php │ ├── Kernel.php │ ├── Middleware │ │ ├── Authenticate.php │ │ ├── EncryptCookies.php │ │ ├── HandleInertiaRequests.php │ │ ├── PreventRequestsDuringMaintenance.php │ │ ├── RedirectIfAuthenticated.php │ │ ├── TrimStrings.php │ │ ├── TrustHosts.php │ │ ├── TrustProxies.php │ │ ├── ValidateSignature.php │ │ └── VerifyCsrfToken.php │ ├── Requests │ │ ├── Auth │ │ │ └── LoginRequest.php │ │ ├── CreatePermissionRequest.php │ │ ├── CreatePostRequest.php │ │ ├── CreateRoleRequest.php │ │ └── ProfileUpdateRequest.php │ └── Resources │ │ ├── PermissionResource.php │ │ ├── PostResource.php │ │ ├── RoleResource.php │ │ ├── UserResource.php │ │ └── UserSharedResource.php ├── Models │ ├── Post.php │ └── User.php ├── Policies │ └── PostPolicy.php └── Providers │ ├── AppServiceProvider.php │ ├── AuthServiceProvider.php │ ├── BroadcastServiceProvider.php │ ├── EventServiceProvider.php │ └── RouteServiceProvider.php ├── artisan ├── bootstrap ├── app.php └── cache │ └── .gitignore ├── composer.json ├── composer.lock ├── config ├── app.php ├── auth.php ├── broadcasting.php ├── cache.php ├── cors.php ├── database.php ├── filesystems.php ├── hashing.php ├── logging.php ├── mail.php ├── permission.php ├── queue.php ├── sanctum.php ├── services.php ├── session.php └── view.php ├── database ├── .gitignore ├── factories │ └── UserFactory.php ├── migrations │ ├── 2014_10_12_000000_create_users_table.php │ ├── 2014_10_12_100000_create_password_reset_tokens_table.php │ ├── 2019_08_19_000000_create_failed_jobs_table.php │ ├── 2019_12_14_000001_create_personal_access_tokens_table.php │ ├── 2023_02_22_083852_create_permission_tables.php │ └── 2023_03_15_132250_create_posts_table.php └── seeders │ ├── AdminSeeder.php │ ├── DatabaseSeeder.php │ └── RoleSeeder.php ├── jsconfig.json ├── package-lock.json ├── package.json ├── phpunit.xml ├── postcss.config.js ├── public ├── .htaccess ├── favicon.ico ├── index.php └── robots.txt ├── resources ├── .DS_Store ├── css │ └── app.css ├── js │ ├── Components │ │ ├── ApplicationLogo.vue │ │ ├── Checkbox.vue │ │ ├── DangerButton.vue │ │ ├── Dropdown.vue │ │ ├── DropdownLink.vue │ │ ├── InputError.vue │ │ ├── InputLabel.vue │ │ ├── Modal.vue │ │ ├── NavLink.vue │ │ ├── PrimaryButton.vue │ │ ├── ResponsiveNavLink.vue │ │ ├── SecondaryButton.vue │ │ ├── SidebarLink.vue │ │ ├── Table.vue │ │ ├── TableDataCell.vue │ │ ├── TableHeaderCell.vue │ │ ├── TableRow.vue │ │ └── TextInput.vue │ ├── Layouts │ │ ├── AdminLayout.vue │ │ ├── AuthenticatedLayout.vue │ │ └── GuestLayout.vue │ ├── Pages │ │ ├── Admin │ │ │ ├── AdminIndex.vue │ │ │ ├── Permissions │ │ │ │ ├── Create.vue │ │ │ │ ├── Edit.vue │ │ │ │ └── PermissionIndex.vue │ │ │ ├── Posts │ │ │ │ ├── Create.vue │ │ │ │ ├── Edit.vue │ │ │ │ └── PostIndex.vue │ │ │ ├── Roles │ │ │ │ ├── Create.vue │ │ │ │ ├── Edit.vue │ │ │ │ └── RoleIndex.vue │ │ │ └── Users │ │ │ │ ├── Create.vue │ │ │ │ ├── Edit.vue │ │ │ │ └── UserIndex.vue │ │ ├── Auth │ │ │ ├── ConfirmPassword.vue │ │ │ ├── ForgotPassword.vue │ │ │ ├── Login.vue │ │ │ ├── Register.vue │ │ │ ├── ResetPassword.vue │ │ │ └── VerifyEmail.vue │ │ ├── Dashboard.vue │ │ ├── Profile │ │ │ ├── Edit.vue │ │ │ └── Partials │ │ │ │ ├── DeleteUserForm.vue │ │ │ │ ├── UpdatePasswordForm.vue │ │ │ │ └── UpdateProfileInformationForm.vue │ │ └── Welcome.vue │ ├── app.js │ ├── bootstrap.js │ └── composables │ │ └── permissions.js └── views │ ├── app.blade.php │ └── welcome.blade.php ├── routes ├── api.php ├── auth.php ├── channels.php ├── console.php └── web.php ├── storage ├── app │ ├── .gitignore │ └── public │ │ └── .gitignore ├── framework │ ├── .gitignore │ ├── cache │ │ ├── .gitignore │ │ └── data │ │ │ └── .gitignore │ ├── sessions │ │ └── .gitignore │ ├── testing │ │ └── .gitignore │ └── views │ │ └── .gitignore └── logs │ └── .gitignore ├── tailwind.config.js ├── tests ├── CreatesApplication.php ├── Feature │ ├── Auth │ │ ├── AuthenticationTest.php │ │ ├── EmailVerificationTest.php │ │ ├── PasswordConfirmationTest.php │ │ ├── PasswordResetTest.php │ │ ├── PasswordUpdateTest.php │ │ └── RegistrationTest.php │ ├── ExampleTest.php │ └── ProfileTest.php ├── Pest.php ├── TestCase.php └── Unit │ └── ExampleTest.php └── vite.config.js /.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | charset = utf-8 5 | end_of_line = lf 6 | indent_size = 4 7 | indent_style = space 8 | insert_final_newline = true 9 | trim_trailing_whitespace = true 10 | 11 | [*.md] 12 | trim_trailing_whitespace = false 13 | 14 | [*.{yml,yaml}] 15 | indent_size = 2 16 | 17 | [docker-compose.yml] 18 | indent_size = 4 19 | -------------------------------------------------------------------------------- /.env.example: -------------------------------------------------------------------------------- 1 | APP_NAME=Laravel 2 | APP_ENV=local 3 | APP_KEY= 4 | APP_DEBUG=true 5 | APP_URL=http://localhost 6 | 7 | LOG_CHANNEL=stack 8 | LOG_DEPRECATIONS_CHANNEL=null 9 | LOG_LEVEL=debug 10 | 11 | DB_CONNECTION=mysql 12 | DB_HOST=127.0.0.1 13 | DB_PORT=3306 14 | DB_DATABASE=inertia_permission 15 | DB_USERNAME=root 16 | DB_PASSWORD= 17 | 18 | BROADCAST_DRIVER=log 19 | CACHE_DRIVER=file 20 | FILESYSTEM_DISK=local 21 | QUEUE_CONNECTION=sync 22 | SESSION_DRIVER=file 23 | SESSION_LIFETIME=120 24 | 25 | MEMCACHED_HOST=127.0.0.1 26 | 27 | REDIS_HOST=127.0.0.1 28 | REDIS_PASSWORD=null 29 | REDIS_PORT=6379 30 | 31 | MAIL_MAILER=smtp 32 | MAIL_HOST=mailpit 33 | MAIL_PORT=1025 34 | MAIL_USERNAME=null 35 | MAIL_PASSWORD=null 36 | MAIL_ENCRYPTION=null 37 | MAIL_FROM_ADDRESS="hello@example.com" 38 | MAIL_FROM_NAME="${APP_NAME}" 39 | 40 | AWS_ACCESS_KEY_ID= 41 | AWS_SECRET_ACCESS_KEY= 42 | AWS_DEFAULT_REGION=us-east-1 43 | AWS_BUCKET= 44 | AWS_USE_PATH_STYLE_ENDPOINT=false 45 | 46 | PUSHER_APP_ID= 47 | PUSHER_APP_KEY= 48 | PUSHER_APP_SECRET= 49 | PUSHER_HOST= 50 | PUSHER_PORT=443 51 | PUSHER_SCHEME=https 52 | PUSHER_APP_CLUSTER=mt1 53 | 54 | VITE_PUSHER_APP_KEY="${PUSHER_APP_KEY}" 55 | VITE_PUSHER_HOST="${PUSHER_HOST}" 56 | VITE_PUSHER_PORT="${PUSHER_PORT}" 57 | VITE_PUSHER_SCHEME="${PUSHER_SCHEME}" 58 | VITE_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}" 59 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | * text=auto eol=lf 2 | 3 | *.blade.php diff=html 4 | *.css diff=css 5 | *.html diff=html 6 | *.md diff=markdown 7 | *.php diff=php 8 | 9 | /.github export-ignore 10 | CHANGELOG.md export-ignore 11 | .styleci.yml export-ignore 12 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /.phpunit.cache 2 | /node_modules 3 | /public/build 4 | /public/hot 5 | /public/storage 6 | /storage/*.key 7 | /vendor 8 | .env 9 | .env.backup 10 | .env.production 11 | .phpunit.result.cache 12 | Homestead.json 13 | Homestead.yaml 14 | auth.json 15 | npm-debug.log 16 | yarn-error.log 17 | /.fleet 18 | /.idea 19 | /.vscode 20 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 |

Laravel Logo

2 | 3 |

4 | Build Status 5 | Total Downloads 6 | Latest Stable Version 7 | License 8 |

9 | 10 | ## About Laravel 11 | 12 | Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experience to be truly fulfilling. Laravel takes the pain out of development by easing common tasks used in many web projects, such as: 13 | 14 | - [Simple, fast routing engine](https://laravel.com/docs/routing). 15 | - [Powerful dependency injection container](https://laravel.com/docs/container). 16 | - Multiple back-ends for [session](https://laravel.com/docs/session) and [cache](https://laravel.com/docs/cache) storage. 17 | - Expressive, intuitive [database ORM](https://laravel.com/docs/eloquent). 18 | - Database agnostic [schema migrations](https://laravel.com/docs/migrations). 19 | - [Robust background job processing](https://laravel.com/docs/queues). 20 | - [Real-time event broadcasting](https://laravel.com/docs/broadcasting). 21 | 22 | Laravel is accessible, powerful, and provides tools required for large, robust applications. 23 | 24 | ## Learning Laravel 25 | 26 | Laravel has the most extensive and thorough [documentation](https://laravel.com/docs) and video tutorial library of all modern web application frameworks, making it a breeze to get started with the framework. 27 | 28 | You may also try the [Laravel Bootcamp](https://bootcamp.laravel.com), where you will be guided through building a modern Laravel application from scratch. 29 | 30 | If you don't feel like reading, [Laracasts](https://laracasts.com) can help. Laracasts contains over 2000 video tutorials on a range of topics including Laravel, modern PHP, unit testing, and JavaScript. Boost your skills by digging into our comprehensive video library. 31 | 32 | ## Laravel Sponsors 33 | 34 | We would like to extend our thanks to the following sponsors for funding Laravel development. If you are interested in becoming a sponsor, please visit the Laravel [Patreon page](https://patreon.com/taylorotwell). 35 | 36 | ### Premium Partners 37 | 38 | - **[Vehikl](https://vehikl.com/)** 39 | - **[Tighten Co.](https://tighten.co)** 40 | - **[Kirschbaum Development Group](https://kirschbaumdevelopment.com)** 41 | - **[64 Robots](https://64robots.com)** 42 | - **[Cubet Techno Labs](https://cubettech.com)** 43 | - **[Cyber-Duck](https://cyber-duck.co.uk)** 44 | - **[Many](https://www.many.co.uk)** 45 | - **[Webdock, Fast VPS Hosting](https://www.webdock.io/en)** 46 | - **[DevSquad](https://devsquad.com)** 47 | - **[Curotec](https://www.curotec.com/services/technologies/laravel/)** 48 | - **[OP.GG](https://op.gg)** 49 | - **[WebReinvent](https://webreinvent.com/?utm_source=laravel&utm_medium=github&utm_campaign=patreon-sponsors)** 50 | - **[Lendio](https://lendio.com)** 51 | 52 | ## Contributing 53 | 54 | Thank you for considering contributing to the Laravel framework! The contribution guide can be found in the [Laravel documentation](https://laravel.com/docs/contributions). 55 | 56 | ## Code of Conduct 57 | 58 | In order to ensure that the Laravel community is welcoming to all, please review and abide by the [Code of Conduct](https://laravel.com/docs/contributions#code-of-conduct). 59 | 60 | ## Security Vulnerabilities 61 | 62 | If you discover a security vulnerability within Laravel, please send an e-mail to Taylor Otwell via [taylor@laravel.com](mailto:taylor@laravel.com). All security vulnerabilities will be promptly addressed. 63 | 64 | ## License 65 | 66 | The Laravel framework is open-sourced software licensed under the [MIT license](https://opensource.org/licenses/MIT). 67 | -------------------------------------------------------------------------------- /app/Console/Kernel.php: -------------------------------------------------------------------------------- 1 | command('inspire')->hourly(); 16 | } 17 | 18 | /** 19 | * Register the commands for the application. 20 | */ 21 | protected function commands(): void 22 | { 23 | $this->load(__DIR__.'/Commands'); 24 | 25 | require base_path('routes/console.php'); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /app/Exceptions/Handler.php: -------------------------------------------------------------------------------- 1 | , \Psr\Log\LogLevel::*> 14 | */ 15 | protected $levels = [ 16 | // 17 | ]; 18 | 19 | /** 20 | * A list of the exception types that are not reported. 21 | * 22 | * @var array> 23 | */ 24 | protected $dontReport = [ 25 | // 26 | ]; 27 | 28 | /** 29 | * A list of the inputs that are never flashed to the session on validation exceptions. 30 | * 31 | * @var array 32 | */ 33 | protected $dontFlash = [ 34 | 'current_password', 35 | 'password', 36 | 'password_confirmation', 37 | ]; 38 | 39 | /** 40 | * Register the exception handling callbacks for the application. 41 | */ 42 | public function register(): void 43 | { 44 | $this->reportable(function (Throwable $e) { 45 | // 46 | }); 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /app/Http/Controllers/AdminController.php: -------------------------------------------------------------------------------- 1 | Route::has('password.request'), 24 | 'status' => session('status'), 25 | ]); 26 | } 27 | 28 | /** 29 | * Handle an incoming authentication request. 30 | */ 31 | public function store(LoginRequest $request): RedirectResponse 32 | { 33 | $request->authenticate(); 34 | 35 | $request->session()->regenerate(); 36 | 37 | return redirect()->intended(RouteServiceProvider::HOME); 38 | } 39 | 40 | /** 41 | * Destroy an authenticated session. 42 | */ 43 | public function destroy(Request $request): RedirectResponse 44 | { 45 | Auth::guard('web')->logout(); 46 | 47 | $request->session()->invalidate(); 48 | 49 | $request->session()->regenerateToken(); 50 | 51 | return redirect('/'); 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /app/Http/Controllers/Auth/ConfirmablePasswordController.php: -------------------------------------------------------------------------------- 1 | validate([ 30 | 'email' => $request->user()->email, 31 | 'password' => $request->password, 32 | ])) { 33 | throw ValidationException::withMessages([ 34 | 'password' => __('auth.password'), 35 | ]); 36 | } 37 | 38 | $request->session()->put('auth.password_confirmed_at', time()); 39 | 40 | return redirect()->intended(RouteServiceProvider::HOME); 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /app/Http/Controllers/Auth/EmailVerificationNotificationController.php: -------------------------------------------------------------------------------- 1 | user()->hasVerifiedEmail()) { 18 | return redirect()->intended(RouteServiceProvider::HOME); 19 | } 20 | 21 | $request->user()->sendEmailVerificationNotification(); 22 | 23 | return back()->with('status', 'verification-link-sent'); 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /app/Http/Controllers/Auth/EmailVerificationPromptController.php: -------------------------------------------------------------------------------- 1 | user()->hasVerifiedEmail() 20 | ? redirect()->intended(RouteServiceProvider::HOME) 21 | : Inertia::render('Auth/VerifyEmail', ['status' => session('status')]); 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /app/Http/Controllers/Auth/NewPasswordController.php: -------------------------------------------------------------------------------- 1 | $request->email, 26 | 'token' => $request->route('token'), 27 | ]); 28 | } 29 | 30 | /** 31 | * Handle an incoming new password request. 32 | * 33 | * @throws \Illuminate\Validation\ValidationException 34 | */ 35 | public function store(Request $request): RedirectResponse 36 | { 37 | $request->validate([ 38 | 'token' => 'required', 39 | 'email' => 'required|email', 40 | 'password' => ['required', 'confirmed', Rules\Password::defaults()], 41 | ]); 42 | 43 | // Here we will attempt to reset the user's password. If it is successful we 44 | // will update the password on an actual user model and persist it to the 45 | // database. Otherwise we will parse the error and return the response. 46 | $status = Password::reset( 47 | $request->only('email', 'password', 'password_confirmation', 'token'), 48 | function ($user) use ($request) { 49 | $user->forceFill([ 50 | 'password' => Hash::make($request->password), 51 | 'remember_token' => Str::random(60), 52 | ])->save(); 53 | 54 | event(new PasswordReset($user)); 55 | } 56 | ); 57 | 58 | // If the password was successfully reset, we will redirect the user back to 59 | // the application's home authenticated view. If there is an error we can 60 | // redirect them back to where they came from with their error message. 61 | if ($status == Password::PASSWORD_RESET) { 62 | return redirect()->route('login')->with('status', __($status)); 63 | } 64 | 65 | throw ValidationException::withMessages([ 66 | 'email' => [trans($status)], 67 | ]); 68 | } 69 | } 70 | -------------------------------------------------------------------------------- /app/Http/Controllers/Auth/PasswordController.php: -------------------------------------------------------------------------------- 1 | validate([ 19 | 'current_password' => ['required', 'current_password'], 20 | 'password' => ['required', Password::defaults(), 'confirmed'], 21 | ]); 22 | 23 | $request->user()->update([ 24 | 'password' => Hash::make($validated['password']), 25 | ]); 26 | 27 | return back(); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /app/Http/Controllers/Auth/PasswordResetLinkController.php: -------------------------------------------------------------------------------- 1 | session('status'), 22 | ]); 23 | } 24 | 25 | /** 26 | * Handle an incoming password reset link request. 27 | * 28 | * @throws \Illuminate\Validation\ValidationException 29 | */ 30 | public function store(Request $request): RedirectResponse 31 | { 32 | $request->validate([ 33 | 'email' => 'required|email', 34 | ]); 35 | 36 | // We will send the password reset link to this user. Once we have attempted 37 | // to send the link, we will examine the response then see the message we 38 | // need to show to the user. Finally, we'll send out a proper response. 39 | $status = Password::sendResetLink( 40 | $request->only('email') 41 | ); 42 | 43 | if ($status == Password::RESET_LINK_SENT) { 44 | return back()->with('status', __($status)); 45 | } 46 | 47 | throw ValidationException::withMessages([ 48 | 'email' => [trans($status)], 49 | ]); 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /app/Http/Controllers/Auth/RegisteredUserController.php: -------------------------------------------------------------------------------- 1 | validate([ 35 | 'name' => 'required|string|max:255', 36 | 'email' => 'required|string|email|max:255|unique:'.User::class, 37 | 'password' => ['required', 'confirmed', Rules\Password::defaults()], 38 | ]); 39 | 40 | $user = User::create([ 41 | 'name' => $request->name, 42 | 'email' => $request->email, 43 | 'password' => Hash::make($request->password), 44 | ]); 45 | 46 | event(new Registered($user)); 47 | 48 | Auth::login($user); 49 | 50 | return redirect(RouteServiceProvider::HOME); 51 | } 52 | } 53 | -------------------------------------------------------------------------------- /app/Http/Controllers/Auth/VerifyEmailController.php: -------------------------------------------------------------------------------- 1 | user()->hasVerifiedEmail()) { 19 | return redirect()->intended(RouteServiceProvider::HOME.'?verified=1'); 20 | } 21 | 22 | if ($request->user()->markEmailAsVerified()) { 23 | event(new Verified($request->user())); 24 | } 25 | 26 | return redirect()->intended(RouteServiceProvider::HOME.'?verified=1'); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /app/Http/Controllers/Controller.php: -------------------------------------------------------------------------------- 1 | PermissionResource::collection(Permission::all()) 21 | ]); 22 | } 23 | /** 24 | * Show the form for creating a new resource. 25 | */ 26 | public function create(): Response 27 | { 28 | return Inertia::render('Admin/Permissions/Create'); 29 | } 30 | /** 31 | * Store a newly created resource in storage. 32 | */ 33 | public function store(CreatePermissionRequest $request): RedirectResponse 34 | { 35 | Permission::create($request->validated()); 36 | return to_route('permissions.index'); 37 | } 38 | /** 39 | * Show the form for editing the specified resource. 40 | */ 41 | public function edit(Permission $permission): Response 42 | { 43 | return Inertia::render('Admin/Permissions/Edit', [ 44 | 'permission' => new PermissionResource($permission) 45 | ]); 46 | } 47 | /** 48 | * Update the specified resource in storage. 49 | */ 50 | public function update(CreatePermissionRequest $request, Permission $permission): RedirectResponse 51 | { 52 | $permission->update($request->validated()); 53 | 54 | return to_route('permissions.index'); 55 | } 56 | /** 57 | * Remove the specified resource from storage. 58 | */ 59 | public function destroy(Permission $permission): RedirectResponse 60 | { 61 | $permission->delete(); 62 | return back(); 63 | } 64 | } 65 | -------------------------------------------------------------------------------- /app/Http/Controllers/PostController.php: -------------------------------------------------------------------------------- 1 | PostResource::collection($posts) 21 | ]); 22 | } 23 | 24 | public function create(): Response 25 | { 26 | $this->authorize('create', Post::class); 27 | return Inertia::render('Admin/Posts/Create'); 28 | } 29 | 30 | public function store(CreatePostRequest $request): RedirectResponse 31 | { 32 | $this->authorize('create', Post::class); 33 | Post::create($request->validated()); 34 | 35 | return to_route('posts.index'); 36 | } 37 | 38 | public function edit(Post $post): Response 39 | { 40 | $this->authorize('update', $post); 41 | return Inertia::render('Admin/Posts/Edit', [ 42 | 'post' => new PostResource($post) 43 | ]); 44 | } 45 | 46 | public function update(CreatePostRequest $request, Post $post): RedirectResponse 47 | { 48 | $this->authorize('update', $post); 49 | $post->update($request->validated()); 50 | 51 | return to_route('posts.index'); 52 | } 53 | 54 | public function destroy(Post $post): RedirectResponse 55 | { 56 | $this->authorize('delete', $post); 57 | $post->delete(); 58 | return back(); 59 | } 60 | } 61 | -------------------------------------------------------------------------------- /app/Http/Controllers/ProfileController.php: -------------------------------------------------------------------------------- 1 | $request->user() instanceof MustVerifyEmail, 23 | 'status' => session('status'), 24 | ]); 25 | } 26 | 27 | /** 28 | * Update the user's profile information. 29 | */ 30 | public function update(ProfileUpdateRequest $request): RedirectResponse 31 | { 32 | $request->user()->fill($request->validated()); 33 | 34 | if ($request->user()->isDirty('email')) { 35 | $request->user()->email_verified_at = null; 36 | } 37 | 38 | $request->user()->save(); 39 | 40 | return Redirect::route('profile.edit'); 41 | } 42 | 43 | /** 44 | * Delete the user's account. 45 | */ 46 | public function destroy(Request $request): RedirectResponse 47 | { 48 | $request->validate([ 49 | 'password' => ['required', 'current-password'], 50 | ]); 51 | 52 | $user = $request->user(); 53 | 54 | Auth::logout(); 55 | 56 | $user->delete(); 57 | 58 | $request->session()->invalidate(); 59 | $request->session()->regenerateToken(); 60 | 61 | return Redirect::to('/'); 62 | } 63 | } 64 | -------------------------------------------------------------------------------- /app/Http/Controllers/RemoveRoleFromUserController.php: -------------------------------------------------------------------------------- 1 | removeRole($role); 17 | return back(); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /app/Http/Controllers/RevokePermissionFromRoleController.php: -------------------------------------------------------------------------------- 1 | revokePermissionTo($permission); 17 | return back(); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /app/Http/Controllers/RevokePermissionFromUserController.php: -------------------------------------------------------------------------------- 1 | revokePermissionTo($permission); 17 | return back(); 18 | } 19 | } 20 | -------------------------------------------------------------------------------- /app/Http/Controllers/RoleController.php: -------------------------------------------------------------------------------- 1 | RoleResource::collection(Role::all()) 23 | ]); 24 | } 25 | 26 | /** 27 | * Show the form for creating a new resource. 28 | */ 29 | public function create(): Response 30 | { 31 | return Inertia::render('Admin/Roles/Create', [ 32 | 'permissions' => PermissionResource::collection(Permission::all()) 33 | ]); 34 | } 35 | 36 | /** 37 | * Store a newly created resource in storage. 38 | */ 39 | public function store(CreateRoleRequest $request) 40 | { 41 | $role = Role::create(['name' => $request->name]); 42 | if ($request->has('permissions')) { 43 | $role->syncPermissions($request->input('permissions.*.name')); 44 | } 45 | return to_route('roles.index'); 46 | } 47 | 48 | /** 49 | * Show the form for editing the specified resource. 50 | */ 51 | public function edit(string $id) 52 | { 53 | $role = Role::findById($id); 54 | $role->load('permissions'); 55 | 56 | return Inertia::render('Admin/Roles/Edit', [ 57 | 'role' => new RoleResource($role), 58 | 'permissions' => PermissionResource::collection(Permission::all()) 59 | ]); 60 | } 61 | 62 | /** 63 | * Update the specified resource in storage. 64 | */ 65 | public function update(CreateRoleRequest $request, string $id) 66 | { 67 | $role = Role::findById($id); 68 | $role->update([ 69 | 'name' => $request->name 70 | ]); 71 | $role->syncPermissions($request->input('permissions.*.name')); 72 | return back(); 73 | } 74 | 75 | /** 76 | * Remove the specified resource from storage. 77 | */ 78 | public function destroy(string $id) 79 | { 80 | $role = Role::findById($id); 81 | $role->delete(); 82 | return back(); 83 | } 84 | } 85 | -------------------------------------------------------------------------------- /app/Http/Controllers/UserController.php: -------------------------------------------------------------------------------- 1 | UserResource::collection(User::all()) 28 | ]); 29 | } 30 | 31 | /** 32 | * Show the form for creating a new resource. 33 | */ 34 | public function create(): Response 35 | { 36 | return Inertia::render('Admin/Users/Create', [ 37 | 'roles' => RoleResource::collection(Role::all()), 38 | 'permissions' => PermissionResource::collection(Permission::all()) 39 | ]); 40 | } 41 | 42 | /** 43 | * Store a newly created resource in storage. 44 | */ 45 | public function store(Request $request): RedirectResponse 46 | { 47 | $request->validate([ 48 | 'name' => 'required|string|max:255', 49 | 'email' => 'required|string|email|max:255|unique:' . User::class, 50 | 'password' => ['required', 'confirmed', Rules\Password::defaults()], 51 | ]); 52 | 53 | $user = User::create([ 54 | 'name' => $request->name, 55 | 'email' => $request->email, 56 | 'password' => Hash::make($request->password), 57 | ]); 58 | $user->syncRoles($request->input('roles.*.name')); 59 | $user->syncPermissions($request->input('permissions.*.name')); 60 | return to_route('users.index'); 61 | } 62 | 63 | /** 64 | * Show the form for editing the specified resource. 65 | */ 66 | public function edit(User $user): Response 67 | { 68 | $user->load(['roles', 'permissions']); 69 | return Inertia::render('Admin/Users/Edit', [ 70 | 'user' => new UserResource($user), 71 | 'roles' => RoleResource::collection(Role::all()), 72 | 'permissions' => PermissionResource::collection(Permission::all()) 73 | ]); 74 | } 75 | 76 | /** 77 | * Update the specified resource in storage. 78 | */ 79 | public function update(Request $request, User $user): RedirectResponse 80 | { 81 | $request->validate([ 82 | 'name' => 'required|string|max:255', 83 | 'email' => 'required|string|email|max:255|' . Rule::unique('users', 'email')->ignore($user), 84 | 'roles' => ['sometimes', 'array'], 85 | 'permissions' => ['sometimes', 'array'] 86 | ]); 87 | 88 | $user->update([ 89 | 'name' => $request->name, 90 | 'email' => $request->email 91 | ]); 92 | 93 | $user->syncRoles($request->input('roles.*.name')); 94 | $user->syncPermissions($request->input('permissions.*.name')); 95 | 96 | return back(); 97 | } 98 | 99 | /** 100 | * Remove the specified resource from storage. 101 | */ 102 | public function destroy(User $user): RedirectResponse 103 | { 104 | $user->delete(); 105 | return to_route('users.index'); 106 | } 107 | } 108 | -------------------------------------------------------------------------------- /app/Http/Kernel.php: -------------------------------------------------------------------------------- 1 | 15 | */ 16 | protected $middleware = [ 17 | // \App\Http\Middleware\TrustHosts::class, 18 | \App\Http\Middleware\TrustProxies::class, 19 | \Illuminate\Http\Middleware\HandleCors::class, 20 | \App\Http\Middleware\PreventRequestsDuringMaintenance::class, 21 | \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class, 22 | \App\Http\Middleware\TrimStrings::class, 23 | \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class, 24 | ]; 25 | 26 | /** 27 | * The application's route middleware groups. 28 | * 29 | * @var array> 30 | */ 31 | protected $middlewareGroups = [ 32 | 'web' => [ 33 | \App\Http\Middleware\EncryptCookies::class, 34 | \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, 35 | \Illuminate\Session\Middleware\StartSession::class, 36 | \Illuminate\View\Middleware\ShareErrorsFromSession::class, 37 | \App\Http\Middleware\VerifyCsrfToken::class, 38 | \Illuminate\Routing\Middleware\SubstituteBindings::class, 39 | \App\Http\Middleware\HandleInertiaRequests::class, 40 | \Illuminate\Http\Middleware\AddLinkHeadersForPreloadedAssets::class, 41 | ], 42 | 43 | 'api' => [ 44 | // \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class, 45 | \Illuminate\Routing\Middleware\ThrottleRequests::class . ':api', 46 | \Illuminate\Routing\Middleware\SubstituteBindings::class, 47 | ], 48 | ]; 49 | 50 | /** 51 | * The application's middleware aliases. 52 | * 53 | * Aliases may be used to conveniently assign middleware to routes and groups. 54 | * 55 | * @var array 56 | */ 57 | protected $middlewareAliases = [ 58 | 'auth' => \App\Http\Middleware\Authenticate::class, 59 | 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 60 | 'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class, 61 | 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class, 62 | 'can' => \Illuminate\Auth\Middleware\Authorize::class, 63 | 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 64 | 'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class, 65 | 'signed' => \App\Http\Middleware\ValidateSignature::class, 66 | 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, 67 | 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class, 68 | 'role' => \Spatie\Permission\Middlewares\RoleMiddleware::class, 69 | ]; 70 | } 71 | -------------------------------------------------------------------------------- /app/Http/Middleware/Authenticate.php: -------------------------------------------------------------------------------- 1 | expectsJson() ? null : route('login'); 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /app/Http/Middleware/EncryptCookies.php: -------------------------------------------------------------------------------- 1 | 13 | */ 14 | protected $except = [ 15 | // 16 | ]; 17 | } 18 | -------------------------------------------------------------------------------- /app/Http/Middleware/HandleInertiaRequests.php: -------------------------------------------------------------------------------- 1 | 31 | */ 32 | public function share(Request $request): array 33 | { 34 | return array_merge(parent::share($request), [ 35 | 'auth.user' => fn () => $request->user() 36 | ? new UserSharedResource($request->user()) 37 | : null, 38 | 'ziggy' => function () use ($request) { 39 | return array_merge((new Ziggy)->toArray(), [ 40 | 'location' => $request->url(), 41 | ]); 42 | }, 43 | ]); 44 | } 45 | } 46 | -------------------------------------------------------------------------------- /app/Http/Middleware/PreventRequestsDuringMaintenance.php: -------------------------------------------------------------------------------- 1 | 13 | */ 14 | protected $except = [ 15 | // 16 | ]; 17 | } 18 | -------------------------------------------------------------------------------- /app/Http/Middleware/RedirectIfAuthenticated.php: -------------------------------------------------------------------------------- 1 | check()) { 24 | return redirect(RouteServiceProvider::HOME); 25 | } 26 | } 27 | 28 | return $next($request); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /app/Http/Middleware/TrimStrings.php: -------------------------------------------------------------------------------- 1 | 13 | */ 14 | protected $except = [ 15 | 'current_password', 16 | 'password', 17 | 'password_confirmation', 18 | ]; 19 | } 20 | -------------------------------------------------------------------------------- /app/Http/Middleware/TrustHosts.php: -------------------------------------------------------------------------------- 1 | 13 | */ 14 | public function hosts(): array 15 | { 16 | return [ 17 | $this->allSubdomainsOfApplicationUrl(), 18 | ]; 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /app/Http/Middleware/TrustProxies.php: -------------------------------------------------------------------------------- 1 | |string|null 14 | */ 15 | protected $proxies; 16 | 17 | /** 18 | * The headers that should be used to detect proxies. 19 | * 20 | * @var int 21 | */ 22 | protected $headers = 23 | Request::HEADER_X_FORWARDED_FOR | 24 | Request::HEADER_X_FORWARDED_HOST | 25 | Request::HEADER_X_FORWARDED_PORT | 26 | Request::HEADER_X_FORWARDED_PROTO | 27 | Request::HEADER_X_FORWARDED_AWS_ELB; 28 | } 29 | -------------------------------------------------------------------------------- /app/Http/Middleware/ValidateSignature.php: -------------------------------------------------------------------------------- 1 | 13 | */ 14 | protected $except = [ 15 | // 'fbclid', 16 | // 'utm_campaign', 17 | // 'utm_content', 18 | // 'utm_medium', 19 | // 'utm_source', 20 | // 'utm_term', 21 | ]; 22 | } 23 | -------------------------------------------------------------------------------- /app/Http/Middleware/VerifyCsrfToken.php: -------------------------------------------------------------------------------- 1 | 13 | */ 14 | protected $except = [ 15 | // 16 | ]; 17 | } 18 | -------------------------------------------------------------------------------- /app/Http/Requests/Auth/LoginRequest.php: -------------------------------------------------------------------------------- 1 | 26 | */ 27 | public function rules(): array 28 | { 29 | return [ 30 | 'email' => ['required', 'string', 'email'], 31 | 'password' => ['required', 'string'], 32 | ]; 33 | } 34 | 35 | /** 36 | * Attempt to authenticate the request's credentials. 37 | * 38 | * @throws \Illuminate\Validation\ValidationException 39 | */ 40 | public function authenticate(): void 41 | { 42 | $this->ensureIsNotRateLimited(); 43 | 44 | if (! Auth::attempt($this->only('email', 'password'), $this->boolean('remember'))) { 45 | RateLimiter::hit($this->throttleKey()); 46 | 47 | throw ValidationException::withMessages([ 48 | 'email' => trans('auth.failed'), 49 | ]); 50 | } 51 | 52 | RateLimiter::clear($this->throttleKey()); 53 | } 54 | 55 | /** 56 | * Ensure the login request is not rate limited. 57 | * 58 | * @throws \Illuminate\Validation\ValidationException 59 | */ 60 | public function ensureIsNotRateLimited(): void 61 | { 62 | if (! RateLimiter::tooManyAttempts($this->throttleKey(), 5)) { 63 | return; 64 | } 65 | 66 | event(new Lockout($this)); 67 | 68 | $seconds = RateLimiter::availableIn($this->throttleKey()); 69 | 70 | throw ValidationException::withMessages([ 71 | 'email' => trans('auth.throttle', [ 72 | 'seconds' => $seconds, 73 | 'minutes' => ceil($seconds / 60), 74 | ]), 75 | ]); 76 | } 77 | 78 | /** 79 | * Get the rate limiting throttle key for the request. 80 | */ 81 | public function throttleKey(): string 82 | { 83 | return Str::transliterate(Str::lower($this->input('email')).'|'.$this->ip()); 84 | } 85 | } 86 | -------------------------------------------------------------------------------- /app/Http/Requests/CreatePermissionRequest.php: -------------------------------------------------------------------------------- 1 | 22 | */ 23 | public function rules(): array 24 | { 25 | return [ 26 | 'name' => ['required', 'string', 'max:100', Rule::unique('permissions', 'name')->ignore($this->permission)] 27 | ]; 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /app/Http/Requests/CreatePostRequest.php: -------------------------------------------------------------------------------- 1 | 21 | */ 22 | public function rules(): array 23 | { 24 | return [ 25 | 'title' => ['required', 'string', 'max:255'] 26 | ]; 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /app/Http/Requests/CreateRoleRequest.php: -------------------------------------------------------------------------------- 1 | 22 | */ 23 | public function rules(): array 24 | { 25 | return [ 26 | 'name' => ['required', 'string', 'max:30', Rule::unique('roles', 'name')->ignore($this->role)], 27 | 'permissions' => ['sometimes', 'array'] 28 | ]; 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /app/Http/Requests/ProfileUpdateRequest.php: -------------------------------------------------------------------------------- 1 | 15 | */ 16 | public function rules(): array 17 | { 18 | return [ 19 | 'name' => ['string', 'max:255'], 20 | 'email' => ['email', 'max:255', Rule::unique(User::class)->ignore($this->user()->id)], 21 | ]; 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /app/Http/Resources/PermissionResource.php: -------------------------------------------------------------------------------- 1 | 14 | */ 15 | public function toArray(Request $request): array 16 | { 17 | return [ 18 | 'id' => $this->id, 19 | 'name' => $this->name 20 | ]; 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /app/Http/Resources/PostResource.php: -------------------------------------------------------------------------------- 1 | 14 | */ 15 | public function toArray(Request $request): array 16 | { 17 | return [ 18 | 'id' => $this->id, 19 | 'title' => $this->title 20 | ]; 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /app/Http/Resources/RoleResource.php: -------------------------------------------------------------------------------- 1 | 14 | */ 15 | public function toArray(Request $request): array 16 | { 17 | return [ 18 | 'id' => $this->id, 19 | 'name' => $this->name, 20 | 'permissions' => PermissionResource::collection($this->whenLoaded('permissions')) 21 | ]; 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /app/Http/Resources/UserResource.php: -------------------------------------------------------------------------------- 1 | 14 | */ 15 | public function toArray(Request $request): array 16 | { 17 | return [ 18 | 'id' => $this->id, 19 | 'name' => $this->name, 20 | 'email' => $this->email, 21 | 'roles' => RoleResource::collection($this->whenLoaded('roles')), 22 | 'permissions' => PermissionResource::collection($this->whenLoaded('permissions')), 23 | ]; 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /app/Http/Resources/UserSharedResource.php: -------------------------------------------------------------------------------- 1 | 14 | */ 15 | public function toArray(Request $request): array 16 | { 17 | return [ 18 | 'id' => $this->id, 19 | 'name' => $this->name, 20 | 'email' => $this->email, 21 | 'roles' => $this->getRoleNames(), 22 | 'permissions' => $this->getAllPermissions()->pluck('name'), 23 | ]; 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /app/Models/Post.php: -------------------------------------------------------------------------------- 1 | 20 | */ 21 | protected $fillable = [ 22 | 'name', 23 | 'email', 24 | 'password', 25 | ]; 26 | 27 | /** 28 | * The attributes that should be hidden for serialization. 29 | * 30 | * @var array 31 | */ 32 | protected $hidden = [ 33 | 'password', 34 | 'remember_token', 35 | ]; 36 | 37 | /** 38 | * The attributes that should be cast. 39 | * 40 | * @var array 41 | */ 42 | protected $casts = [ 43 | 'email_verified_at' => 'datetime', 44 | ]; 45 | } 46 | -------------------------------------------------------------------------------- /app/Policies/PostPolicy.php: -------------------------------------------------------------------------------- 1 | hasPermissionTo('create post') ? true : false; 33 | } 34 | 35 | /** 36 | * Determine whether the user can update the model. 37 | */ 38 | public function update(User $user, Post $post): bool 39 | { 40 | return $user->hasPermissionTo('update post') ? true : false; 41 | } 42 | 43 | /** 44 | * Determine whether the user can delete the model. 45 | */ 46 | public function delete(User $user, Post $post): bool 47 | { 48 | return $user->hasPermissionTo('delete post') ? true : false; 49 | } 50 | 51 | /** 52 | * Determine whether the user can restore the model. 53 | */ 54 | public function restore(User $user, Post $post): bool 55 | { 56 | // 57 | } 58 | 59 | /** 60 | * Determine whether the user can permanently delete the model. 61 | */ 62 | public function forceDelete(User $user, Post $post): bool 63 | { 64 | // 65 | } 66 | } 67 | -------------------------------------------------------------------------------- /app/Providers/AppServiceProvider.php: -------------------------------------------------------------------------------- 1 | 14 | */ 15 | protected $policies = [ 16 | // 'App\Models\Model' => 'App\Policies\ModelPolicy', 17 | ]; 18 | 19 | /** 20 | * Register any authentication / authorization services. 21 | */ 22 | public function boot(): void 23 | { 24 | // 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /app/Providers/BroadcastServiceProvider.php: -------------------------------------------------------------------------------- 1 | > 16 | */ 17 | protected $listen = [ 18 | Registered::class => [ 19 | SendEmailVerificationNotification::class, 20 | ], 21 | ]; 22 | 23 | /** 24 | * Register any events for your application. 25 | */ 26 | public function boot(): void 27 | { 28 | // 29 | } 30 | 31 | /** 32 | * Determine if events and listeners should be automatically discovered. 33 | */ 34 | public function shouldDiscoverEvents(): bool 35 | { 36 | return false; 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /app/Providers/RouteServiceProvider.php: -------------------------------------------------------------------------------- 1 | configureRateLimiting(); 28 | 29 | $this->routes(function () { 30 | Route::middleware('api') 31 | ->prefix('api') 32 | ->group(base_path('routes/api.php')); 33 | 34 | Route::middleware('web') 35 | ->group(base_path('routes/web.php')); 36 | }); 37 | } 38 | 39 | /** 40 | * Configure the rate limiters for the application. 41 | */ 42 | protected function configureRateLimiting(): void 43 | { 44 | RateLimiter::for('api', function (Request $request) { 45 | return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip()); 46 | }); 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /artisan: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env php 2 | make(Illuminate\Contracts\Console\Kernel::class); 34 | 35 | $status = $kernel->handle( 36 | $input = new Symfony\Component\Console\Input\ArgvInput, 37 | new Symfony\Component\Console\Output\ConsoleOutput 38 | ); 39 | 40 | /* 41 | |-------------------------------------------------------------------------- 42 | | Shutdown The Application 43 | |-------------------------------------------------------------------------- 44 | | 45 | | Once Artisan has finished running, we will fire off the shutdown events 46 | | so that any final work may be done by the application before we shut 47 | | down the process. This is the last thing to happen to the request. 48 | | 49 | */ 50 | 51 | $kernel->terminate($input, $status); 52 | 53 | exit($status); 54 | -------------------------------------------------------------------------------- /bootstrap/app.php: -------------------------------------------------------------------------------- 1 | singleton( 30 | Illuminate\Contracts\Http\Kernel::class, 31 | App\Http\Kernel::class 32 | ); 33 | 34 | $app->singleton( 35 | Illuminate\Contracts\Console\Kernel::class, 36 | App\Console\Kernel::class 37 | ); 38 | 39 | $app->singleton( 40 | Illuminate\Contracts\Debug\ExceptionHandler::class, 41 | App\Exceptions\Handler::class 42 | ); 43 | 44 | /* 45 | |-------------------------------------------------------------------------- 46 | | Return The Application 47 | |-------------------------------------------------------------------------- 48 | | 49 | | This script returns the application instance. The instance is given to 50 | | the calling script so we can separate the building of the instances 51 | | from the actual running of the application and sending responses. 52 | | 53 | */ 54 | 55 | return $app; 56 | -------------------------------------------------------------------------------- /bootstrap/cache/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "laravel/laravel", 3 | "type": "project", 4 | "description": "The Laravel Framework.", 5 | "keywords": ["framework", "laravel"], 6 | "license": "MIT", 7 | "require": { 8 | "php": "^8.1", 9 | "guzzlehttp/guzzle": "^7.2", 10 | "inertiajs/inertia-laravel": "^0.6.8", 11 | "laravel/breeze": "^1.19", 12 | "laravel/framework": "^10.0", 13 | "laravel/sanctum": "^3.2", 14 | "laravel/tinker": "^2.8", 15 | "spatie/laravel-permission": "^5.9", 16 | "tightenco/ziggy": "^1.0" 17 | }, 18 | "require-dev": { 19 | "fakerphp/faker": "^1.9.1", 20 | "laravel/pint": "^1.0", 21 | "laravel/sail": "^1.18", 22 | "mockery/mockery": "^1.4.4", 23 | "nunomaduro/collision": "^6.4", 24 | "pestphp/pest": "^1.22", 25 | "pestphp/pest-plugin-laravel": "^1.2", 26 | "spatie/laravel-ignition": "^2.0" 27 | }, 28 | "autoload": { 29 | "psr-4": { 30 | "App\\": "app/", 31 | "Database\\Factories\\": "database/factories/", 32 | "Database\\Seeders\\": "database/seeders/" 33 | } 34 | }, 35 | "autoload-dev": { 36 | "psr-4": { 37 | "Tests\\": "tests/" 38 | } 39 | }, 40 | "scripts": { 41 | "post-autoload-dump": [ 42 | "Illuminate\\Foundation\\ComposerScripts::postAutoloadDump", 43 | "@php artisan package:discover --ansi" 44 | ], 45 | "post-update-cmd": [ 46 | "@php artisan vendor:publish --tag=laravel-assets --ansi --force" 47 | ], 48 | "post-root-package-install": [ 49 | "@php -r \"file_exists('.env') || copy('.env.example', '.env');\"" 50 | ], 51 | "post-create-project-cmd": [ 52 | "@php artisan key:generate --ansi" 53 | ] 54 | }, 55 | "extra": { 56 | "laravel": { 57 | "dont-discover": [] 58 | } 59 | }, 60 | "config": { 61 | "optimize-autoloader": true, 62 | "preferred-install": "dist", 63 | "sort-packages": true, 64 | "allow-plugins": { 65 | "pestphp/pest-plugin": true, 66 | "php-http/discovery": true 67 | } 68 | }, 69 | "minimum-stability": "stable", 70 | "prefer-stable": true 71 | } 72 | -------------------------------------------------------------------------------- /config/auth.php: -------------------------------------------------------------------------------- 1 | [ 17 | 'guard' => 'web', 18 | 'passwords' => 'users', 19 | ], 20 | 21 | /* 22 | |-------------------------------------------------------------------------- 23 | | Authentication Guards 24 | |-------------------------------------------------------------------------- 25 | | 26 | | Next, you may define every authentication guard for your application. 27 | | Of course, a great default configuration has been defined for you 28 | | here which uses session storage and the Eloquent user provider. 29 | | 30 | | All authentication drivers have a user provider. This defines how the 31 | | users are actually retrieved out of your database or other storage 32 | | mechanisms used by this application to persist your user's data. 33 | | 34 | | Supported: "session" 35 | | 36 | */ 37 | 38 | 'guards' => [ 39 | 'web' => [ 40 | 'driver' => 'session', 41 | 'provider' => 'users', 42 | ], 43 | ], 44 | 45 | /* 46 | |-------------------------------------------------------------------------- 47 | | User Providers 48 | |-------------------------------------------------------------------------- 49 | | 50 | | All authentication drivers have a user provider. This defines how the 51 | | users are actually retrieved out of your database or other storage 52 | | mechanisms used by this application to persist your user's data. 53 | | 54 | | If you have multiple user tables or models you may configure multiple 55 | | sources which represent each model / table. These sources may then 56 | | be assigned to any extra authentication guards you have defined. 57 | | 58 | | Supported: "database", "eloquent" 59 | | 60 | */ 61 | 62 | 'providers' => [ 63 | 'users' => [ 64 | 'driver' => 'eloquent', 65 | 'model' => App\Models\User::class, 66 | ], 67 | 68 | // 'users' => [ 69 | // 'driver' => 'database', 70 | // 'table' => 'users', 71 | // ], 72 | ], 73 | 74 | /* 75 | |-------------------------------------------------------------------------- 76 | | Resetting Passwords 77 | |-------------------------------------------------------------------------- 78 | | 79 | | You may specify multiple password reset configurations if you have more 80 | | than one user table or model in the application and you want to have 81 | | separate password reset settings based on the specific user types. 82 | | 83 | | The expire time is the number of minutes that each reset token will be 84 | | considered valid. This security feature keeps tokens short-lived so 85 | | they have less time to be guessed. You may change this as needed. 86 | | 87 | | The throttle setting is the number of seconds a user must wait before 88 | | generating more password reset tokens. This prevents the user from 89 | | quickly generating a very large amount of password reset tokens. 90 | | 91 | */ 92 | 93 | 'passwords' => [ 94 | 'users' => [ 95 | 'provider' => 'users', 96 | 'table' => 'password_reset_tokens', 97 | 'expire' => 60, 98 | 'throttle' => 60, 99 | ], 100 | ], 101 | 102 | /* 103 | |-------------------------------------------------------------------------- 104 | | Password Confirmation Timeout 105 | |-------------------------------------------------------------------------- 106 | | 107 | | Here you may define the amount of seconds before a password confirmation 108 | | times out and the user is prompted to re-enter their password via the 109 | | confirmation screen. By default, the timeout lasts for three hours. 110 | | 111 | */ 112 | 113 | 'password_timeout' => 10800, 114 | 115 | ]; 116 | -------------------------------------------------------------------------------- /config/broadcasting.php: -------------------------------------------------------------------------------- 1 | env('BROADCAST_DRIVER', 'null'), 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Broadcast Connections 23 | |-------------------------------------------------------------------------- 24 | | 25 | | Here you may define all of the broadcast connections that will be used 26 | | to broadcast events to other systems or over websockets. Samples of 27 | | each available type of connection are provided inside this array. 28 | | 29 | */ 30 | 31 | 'connections' => [ 32 | 33 | 'pusher' => [ 34 | 'driver' => 'pusher', 35 | 'key' => env('PUSHER_APP_KEY'), 36 | 'secret' => env('PUSHER_APP_SECRET'), 37 | 'app_id' => env('PUSHER_APP_ID'), 38 | 'options' => [ 39 | 'host' => env('PUSHER_HOST') ?: 'api-'.env('PUSHER_APP_CLUSTER', 'mt1').'.pusher.com', 40 | 'port' => env('PUSHER_PORT', 443), 41 | 'scheme' => env('PUSHER_SCHEME', 'https'), 42 | 'encrypted' => true, 43 | 'useTLS' => env('PUSHER_SCHEME', 'https') === 'https', 44 | ], 45 | 'client_options' => [ 46 | // Guzzle client options: https://docs.guzzlephp.org/en/stable/request-options.html 47 | ], 48 | ], 49 | 50 | 'ably' => [ 51 | 'driver' => 'ably', 52 | 'key' => env('ABLY_KEY'), 53 | ], 54 | 55 | 'redis' => [ 56 | 'driver' => 'redis', 57 | 'connection' => 'default', 58 | ], 59 | 60 | 'log' => [ 61 | 'driver' => 'log', 62 | ], 63 | 64 | 'null' => [ 65 | 'driver' => 'null', 66 | ], 67 | 68 | ], 69 | 70 | ]; 71 | -------------------------------------------------------------------------------- /config/cache.php: -------------------------------------------------------------------------------- 1 | env('CACHE_DRIVER', 'file'), 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Cache Stores 23 | |-------------------------------------------------------------------------- 24 | | 25 | | Here you may define all of the cache "stores" for your application as 26 | | well as their drivers. You may even define multiple stores for the 27 | | same cache driver to group types of items stored in your caches. 28 | | 29 | | Supported drivers: "apc", "array", "database", "file", 30 | | "memcached", "redis", "dynamodb", "octane", "null" 31 | | 32 | */ 33 | 34 | 'stores' => [ 35 | 36 | 'apc' => [ 37 | 'driver' => 'apc', 38 | ], 39 | 40 | 'array' => [ 41 | 'driver' => 'array', 42 | 'serialize' => false, 43 | ], 44 | 45 | 'database' => [ 46 | 'driver' => 'database', 47 | 'table' => 'cache', 48 | 'connection' => null, 49 | 'lock_connection' => null, 50 | ], 51 | 52 | 'file' => [ 53 | 'driver' => 'file', 54 | 'path' => storage_path('framework/cache/data'), 55 | ], 56 | 57 | 'memcached' => [ 58 | 'driver' => 'memcached', 59 | 'persistent_id' => env('MEMCACHED_PERSISTENT_ID'), 60 | 'sasl' => [ 61 | env('MEMCACHED_USERNAME'), 62 | env('MEMCACHED_PASSWORD'), 63 | ], 64 | 'options' => [ 65 | // Memcached::OPT_CONNECT_TIMEOUT => 2000, 66 | ], 67 | 'servers' => [ 68 | [ 69 | 'host' => env('MEMCACHED_HOST', '127.0.0.1'), 70 | 'port' => env('MEMCACHED_PORT', 11211), 71 | 'weight' => 100, 72 | ], 73 | ], 74 | ], 75 | 76 | 'redis' => [ 77 | 'driver' => 'redis', 78 | 'connection' => 'cache', 79 | 'lock_connection' => 'default', 80 | ], 81 | 82 | 'dynamodb' => [ 83 | 'driver' => 'dynamodb', 84 | 'key' => env('AWS_ACCESS_KEY_ID'), 85 | 'secret' => env('AWS_SECRET_ACCESS_KEY'), 86 | 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), 87 | 'table' => env('DYNAMODB_CACHE_TABLE', 'cache'), 88 | 'endpoint' => env('DYNAMODB_ENDPOINT'), 89 | ], 90 | 91 | 'octane' => [ 92 | 'driver' => 'octane', 93 | ], 94 | 95 | ], 96 | 97 | /* 98 | |-------------------------------------------------------------------------- 99 | | Cache Key Prefix 100 | |-------------------------------------------------------------------------- 101 | | 102 | | When utilizing the APC, database, memcached, Redis, or DynamoDB cache 103 | | stores there might be other applications using the same cache. For 104 | | that reason, you may prefix every cache key to avoid collisions. 105 | | 106 | */ 107 | 108 | 'prefix' => env('CACHE_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_cache_'), 109 | 110 | ]; 111 | -------------------------------------------------------------------------------- /config/cors.php: -------------------------------------------------------------------------------- 1 | ['api/*', 'sanctum/csrf-cookie'], 19 | 20 | 'allowed_methods' => ['*'], 21 | 22 | 'allowed_origins' => ['*'], 23 | 24 | 'allowed_origins_patterns' => [], 25 | 26 | 'allowed_headers' => ['*'], 27 | 28 | 'exposed_headers' => [], 29 | 30 | 'max_age' => 0, 31 | 32 | 'supports_credentials' => false, 33 | 34 | ]; 35 | -------------------------------------------------------------------------------- /config/filesystems.php: -------------------------------------------------------------------------------- 1 | env('FILESYSTEM_DISK', 'local'), 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Filesystem Disks 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Here you may configure as many filesystem "disks" as you wish, and you 24 | | may even configure multiple disks of the same driver. Defaults have 25 | | been set up for each driver as an example of the required values. 26 | | 27 | | Supported Drivers: "local", "ftp", "sftp", "s3" 28 | | 29 | */ 30 | 31 | 'disks' => [ 32 | 33 | 'local' => [ 34 | 'driver' => 'local', 35 | 'root' => storage_path('app'), 36 | 'throw' => false, 37 | ], 38 | 39 | 'public' => [ 40 | 'driver' => 'local', 41 | 'root' => storage_path('app/public'), 42 | 'url' => env('APP_URL').'/storage', 43 | 'visibility' => 'public', 44 | 'throw' => false, 45 | ], 46 | 47 | 's3' => [ 48 | 'driver' => 's3', 49 | 'key' => env('AWS_ACCESS_KEY_ID'), 50 | 'secret' => env('AWS_SECRET_ACCESS_KEY'), 51 | 'region' => env('AWS_DEFAULT_REGION'), 52 | 'bucket' => env('AWS_BUCKET'), 53 | 'url' => env('AWS_URL'), 54 | 'endpoint' => env('AWS_ENDPOINT'), 55 | 'use_path_style_endpoint' => env('AWS_USE_PATH_STYLE_ENDPOINT', false), 56 | 'throw' => false, 57 | ], 58 | 59 | ], 60 | 61 | /* 62 | |-------------------------------------------------------------------------- 63 | | Symbolic Links 64 | |-------------------------------------------------------------------------- 65 | | 66 | | Here you may configure the symbolic links that will be created when the 67 | | `storage:link` Artisan command is executed. The array keys should be 68 | | the locations of the links and the values should be their targets. 69 | | 70 | */ 71 | 72 | 'links' => [ 73 | public_path('storage') => storage_path('app/public'), 74 | ], 75 | 76 | ]; 77 | -------------------------------------------------------------------------------- /config/hashing.php: -------------------------------------------------------------------------------- 1 | 'bcrypt', 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Bcrypt Options 23 | |-------------------------------------------------------------------------- 24 | | 25 | | Here you may specify the configuration options that should be used when 26 | | passwords are hashed using the Bcrypt algorithm. This will allow you 27 | | to control the amount of time it takes to hash the given password. 28 | | 29 | */ 30 | 31 | 'bcrypt' => [ 32 | 'rounds' => env('BCRYPT_ROUNDS', 10), 33 | ], 34 | 35 | /* 36 | |-------------------------------------------------------------------------- 37 | | Argon Options 38 | |-------------------------------------------------------------------------- 39 | | 40 | | Here you may specify the configuration options that should be used when 41 | | passwords are hashed using the Argon algorithm. These will allow you 42 | | to control the amount of time it takes to hash the given password. 43 | | 44 | */ 45 | 46 | 'argon' => [ 47 | 'memory' => 65536, 48 | 'threads' => 1, 49 | 'time' => 4, 50 | ], 51 | 52 | ]; 53 | -------------------------------------------------------------------------------- /config/logging.php: -------------------------------------------------------------------------------- 1 | env('LOG_CHANNEL', 'stack'), 21 | 22 | /* 23 | |-------------------------------------------------------------------------- 24 | | Deprecations Log Channel 25 | |-------------------------------------------------------------------------- 26 | | 27 | | This option controls the log channel that should be used to log warnings 28 | | regarding deprecated PHP and library features. This allows you to get 29 | | your application ready for upcoming major versions of dependencies. 30 | | 31 | */ 32 | 33 | 'deprecations' => [ 34 | 'channel' => env('LOG_DEPRECATIONS_CHANNEL', 'null'), 35 | 'trace' => false, 36 | ], 37 | 38 | /* 39 | |-------------------------------------------------------------------------- 40 | | Log Channels 41 | |-------------------------------------------------------------------------- 42 | | 43 | | Here you may configure the log channels for your application. Out of 44 | | the box, Laravel uses the Monolog PHP logging library. This gives 45 | | you a variety of powerful log handlers / formatters to utilize. 46 | | 47 | | Available Drivers: "single", "daily", "slack", "syslog", 48 | | "errorlog", "monolog", 49 | | "custom", "stack" 50 | | 51 | */ 52 | 53 | 'channels' => [ 54 | 'stack' => [ 55 | 'driver' => 'stack', 56 | 'channels' => ['single'], 57 | 'ignore_exceptions' => false, 58 | ], 59 | 60 | 'single' => [ 61 | 'driver' => 'single', 62 | 'path' => storage_path('logs/laravel.log'), 63 | 'level' => env('LOG_LEVEL', 'debug'), 64 | ], 65 | 66 | 'daily' => [ 67 | 'driver' => 'daily', 68 | 'path' => storage_path('logs/laravel.log'), 69 | 'level' => env('LOG_LEVEL', 'debug'), 70 | 'days' => 14, 71 | ], 72 | 73 | 'slack' => [ 74 | 'driver' => 'slack', 75 | 'url' => env('LOG_SLACK_WEBHOOK_URL'), 76 | 'username' => 'Laravel Log', 77 | 'emoji' => ':boom:', 78 | 'level' => env('LOG_LEVEL', 'critical'), 79 | ], 80 | 81 | 'papertrail' => [ 82 | 'driver' => 'monolog', 83 | 'level' => env('LOG_LEVEL', 'debug'), 84 | 'handler' => env('LOG_PAPERTRAIL_HANDLER', SyslogUdpHandler::class), 85 | 'handler_with' => [ 86 | 'host' => env('PAPERTRAIL_URL'), 87 | 'port' => env('PAPERTRAIL_PORT'), 88 | 'connectionString' => 'tls://'.env('PAPERTRAIL_URL').':'.env('PAPERTRAIL_PORT'), 89 | ], 90 | ], 91 | 92 | 'stderr' => [ 93 | 'driver' => 'monolog', 94 | 'level' => env('LOG_LEVEL', 'debug'), 95 | 'handler' => StreamHandler::class, 96 | 'formatter' => env('LOG_STDERR_FORMATTER'), 97 | 'with' => [ 98 | 'stream' => 'php://stderr', 99 | ], 100 | ], 101 | 102 | 'syslog' => [ 103 | 'driver' => 'syslog', 104 | 'level' => env('LOG_LEVEL', 'debug'), 105 | ], 106 | 107 | 'errorlog' => [ 108 | 'driver' => 'errorlog', 109 | 'level' => env('LOG_LEVEL', 'debug'), 110 | ], 111 | 112 | 'null' => [ 113 | 'driver' => 'monolog', 114 | 'handler' => NullHandler::class, 115 | ], 116 | 117 | 'emergency' => [ 118 | 'path' => storage_path('logs/laravel.log'), 119 | ], 120 | ], 121 | 122 | ]; 123 | -------------------------------------------------------------------------------- /config/mail.php: -------------------------------------------------------------------------------- 1 | env('MAIL_MAILER', 'smtp'), 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Mailer Configurations 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Here you may configure all of the mailers used by your application plus 24 | | their respective settings. Several examples have been configured for 25 | | you and you are free to add your own as your application requires. 26 | | 27 | | Laravel supports a variety of mail "transport" drivers to be used while 28 | | sending an e-mail. You will specify which one you are using for your 29 | | mailers below. You are free to add additional mailers as required. 30 | | 31 | | Supported: "smtp", "sendmail", "mailgun", "ses", "ses-v2", 32 | | "postmark", "log", "array", "failover" 33 | | 34 | */ 35 | 36 | 'mailers' => [ 37 | 'smtp' => [ 38 | 'transport' => 'smtp', 39 | 'host' => env('MAIL_HOST', 'smtp.mailgun.org'), 40 | 'port' => env('MAIL_PORT', 587), 41 | 'encryption' => env('MAIL_ENCRYPTION', 'tls'), 42 | 'username' => env('MAIL_USERNAME'), 43 | 'password' => env('MAIL_PASSWORD'), 44 | 'timeout' => null, 45 | 'local_domain' => env('MAIL_EHLO_DOMAIN'), 46 | ], 47 | 48 | 'ses' => [ 49 | 'transport' => 'ses', 50 | ], 51 | 52 | 'mailgun' => [ 53 | 'transport' => 'mailgun', 54 | // 'client' => [ 55 | // 'timeout' => 5, 56 | // ], 57 | ], 58 | 59 | 'postmark' => [ 60 | 'transport' => 'postmark', 61 | // 'client' => [ 62 | // 'timeout' => 5, 63 | // ], 64 | ], 65 | 66 | 'sendmail' => [ 67 | 'transport' => 'sendmail', 68 | 'path' => env('MAIL_SENDMAIL_PATH', '/usr/sbin/sendmail -bs -i'), 69 | ], 70 | 71 | 'log' => [ 72 | 'transport' => 'log', 73 | 'channel' => env('MAIL_LOG_CHANNEL'), 74 | ], 75 | 76 | 'array' => [ 77 | 'transport' => 'array', 78 | ], 79 | 80 | 'failover' => [ 81 | 'transport' => 'failover', 82 | 'mailers' => [ 83 | 'smtp', 84 | 'log', 85 | ], 86 | ], 87 | ], 88 | 89 | /* 90 | |-------------------------------------------------------------------------- 91 | | Global "From" Address 92 | |-------------------------------------------------------------------------- 93 | | 94 | | You may wish for all e-mails sent by your application to be sent from 95 | | the same address. Here, you may specify a name and address that is 96 | | used globally for all e-mails that are sent by your application. 97 | | 98 | */ 99 | 100 | 'from' => [ 101 | 'address' => env('MAIL_FROM_ADDRESS', 'hello@example.com'), 102 | 'name' => env('MAIL_FROM_NAME', 'Example'), 103 | ], 104 | 105 | /* 106 | |-------------------------------------------------------------------------- 107 | | Markdown Mail Settings 108 | |-------------------------------------------------------------------------- 109 | | 110 | | If you are using Markdown based email rendering, you may configure your 111 | | theme and component paths here, allowing you to customize the design 112 | | of the emails. Or, you may simply stick with the Laravel defaults! 113 | | 114 | */ 115 | 116 | 'markdown' => [ 117 | 'theme' => 'default', 118 | 119 | 'paths' => [ 120 | resource_path('views/vendor/mail'), 121 | ], 122 | ], 123 | 124 | ]; 125 | -------------------------------------------------------------------------------- /config/queue.php: -------------------------------------------------------------------------------- 1 | env('QUEUE_CONNECTION', 'sync'), 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Queue Connections 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Here you may configure the connection information for each server that 24 | | is used by your application. A default configuration has been added 25 | | for each back-end shipped with Laravel. You are free to add more. 26 | | 27 | | Drivers: "sync", "database", "beanstalkd", "sqs", "redis", "null" 28 | | 29 | */ 30 | 31 | 'connections' => [ 32 | 33 | 'sync' => [ 34 | 'driver' => 'sync', 35 | ], 36 | 37 | 'database' => [ 38 | 'driver' => 'database', 39 | 'table' => 'jobs', 40 | 'queue' => 'default', 41 | 'retry_after' => 90, 42 | 'after_commit' => false, 43 | ], 44 | 45 | 'beanstalkd' => [ 46 | 'driver' => 'beanstalkd', 47 | 'host' => 'localhost', 48 | 'queue' => 'default', 49 | 'retry_after' => 90, 50 | 'block_for' => 0, 51 | 'after_commit' => false, 52 | ], 53 | 54 | 'sqs' => [ 55 | 'driver' => 'sqs', 56 | 'key' => env('AWS_ACCESS_KEY_ID'), 57 | 'secret' => env('AWS_SECRET_ACCESS_KEY'), 58 | 'prefix' => env('SQS_PREFIX', 'https://sqs.us-east-1.amazonaws.com/your-account-id'), 59 | 'queue' => env('SQS_QUEUE', 'default'), 60 | 'suffix' => env('SQS_SUFFIX'), 61 | 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), 62 | 'after_commit' => false, 63 | ], 64 | 65 | 'redis' => [ 66 | 'driver' => 'redis', 67 | 'connection' => 'default', 68 | 'queue' => env('REDIS_QUEUE', 'default'), 69 | 'retry_after' => 90, 70 | 'block_for' => null, 71 | 'after_commit' => false, 72 | ], 73 | 74 | ], 75 | 76 | /* 77 | |-------------------------------------------------------------------------- 78 | | Failed Queue Jobs 79 | |-------------------------------------------------------------------------- 80 | | 81 | | These options configure the behavior of failed queue job logging so you 82 | | can control which database and table are used to store the jobs that 83 | | have failed. You may change them to any database / table you wish. 84 | | 85 | */ 86 | 87 | 'failed' => [ 88 | 'driver' => env('QUEUE_FAILED_DRIVER', 'database-uuids'), 89 | 'database' => env('DB_CONNECTION', 'mysql'), 90 | 'table' => 'failed_jobs', 91 | ], 92 | 93 | ]; 94 | -------------------------------------------------------------------------------- /config/sanctum.php: -------------------------------------------------------------------------------- 1 | explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf( 19 | '%s%s', 20 | 'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1', 21 | Sanctum::currentApplicationUrlWithPort() 22 | ))), 23 | 24 | /* 25 | |-------------------------------------------------------------------------- 26 | | Sanctum Guards 27 | |-------------------------------------------------------------------------- 28 | | 29 | | This array contains the authentication guards that will be checked when 30 | | Sanctum is trying to authenticate a request. If none of these guards 31 | | are able to authenticate the request, Sanctum will use the bearer 32 | | token that's present on an incoming request for authentication. 33 | | 34 | */ 35 | 36 | 'guard' => ['web'], 37 | 38 | /* 39 | |-------------------------------------------------------------------------- 40 | | Expiration Minutes 41 | |-------------------------------------------------------------------------- 42 | | 43 | | This value controls the number of minutes until an issued token will be 44 | | considered expired. If this value is null, personal access tokens do 45 | | not expire. This won't tweak the lifetime of first-party sessions. 46 | | 47 | */ 48 | 49 | 'expiration' => null, 50 | 51 | /* 52 | |-------------------------------------------------------------------------- 53 | | Sanctum Middleware 54 | |-------------------------------------------------------------------------- 55 | | 56 | | When authenticating your first-party SPA with Sanctum you may need to 57 | | customize some of the middleware Sanctum uses while processing the 58 | | request. You may change the middleware listed below as required. 59 | | 60 | */ 61 | 62 | 'middleware' => [ 63 | 'verify_csrf_token' => App\Http\Middleware\VerifyCsrfToken::class, 64 | 'encrypt_cookies' => App\Http\Middleware\EncryptCookies::class, 65 | ], 66 | 67 | ]; 68 | -------------------------------------------------------------------------------- /config/services.php: -------------------------------------------------------------------------------- 1 | [ 18 | 'domain' => env('MAILGUN_DOMAIN'), 19 | 'secret' => env('MAILGUN_SECRET'), 20 | 'endpoint' => env('MAILGUN_ENDPOINT', 'api.mailgun.net'), 21 | 'scheme' => 'https', 22 | ], 23 | 24 | 'postmark' => [ 25 | 'token' => env('POSTMARK_TOKEN'), 26 | ], 27 | 28 | 'ses' => [ 29 | 'key' => env('AWS_ACCESS_KEY_ID'), 30 | 'secret' => env('AWS_SECRET_ACCESS_KEY'), 31 | 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), 32 | ], 33 | 34 | ]; 35 | -------------------------------------------------------------------------------- /config/view.php: -------------------------------------------------------------------------------- 1 | [ 17 | resource_path('views'), 18 | ], 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Compiled View Path 23 | |-------------------------------------------------------------------------- 24 | | 25 | | This option determines where all the compiled Blade templates will be 26 | | stored for your application. Typically, this is within the storage 27 | | directory. However, as usual, you are free to change this value. 28 | | 29 | */ 30 | 31 | 'compiled' => env( 32 | 'VIEW_COMPILED_PATH', 33 | realpath(storage_path('framework/views')) 34 | ), 35 | 36 | ]; 37 | -------------------------------------------------------------------------------- /database/.gitignore: -------------------------------------------------------------------------------- 1 | *.sqlite* 2 | -------------------------------------------------------------------------------- /database/factories/UserFactory.php: -------------------------------------------------------------------------------- 1 | 10 | */ 11 | class UserFactory extends Factory 12 | { 13 | /** 14 | * Define the model's default state. 15 | * 16 | * @return array 17 | */ 18 | public function definition(): array 19 | { 20 | return [ 21 | 'name' => fake()->name(), 22 | 'email' => fake()->unique()->safeEmail(), 23 | 'email_verified_at' => now(), 24 | 'password' => '$2y$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', // password 25 | 'remember_token' => Str::random(10), 26 | ]; 27 | } 28 | 29 | /** 30 | * Indicate that the model's email address should be unverified. 31 | */ 32 | public function unverified(): static 33 | { 34 | return $this->state(fn (array $attributes) => [ 35 | 'email_verified_at' => null, 36 | ]); 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /database/migrations/2014_10_12_000000_create_users_table.php: -------------------------------------------------------------------------------- 1 | id(); 16 | $table->string('name'); 17 | $table->string('email')->unique(); 18 | $table->timestamp('email_verified_at')->nullable(); 19 | $table->string('password'); 20 | $table->rememberToken(); 21 | $table->timestamps(); 22 | }); 23 | } 24 | 25 | /** 26 | * Reverse the migrations. 27 | */ 28 | public function down(): void 29 | { 30 | Schema::dropIfExists('users'); 31 | } 32 | }; 33 | -------------------------------------------------------------------------------- /database/migrations/2014_10_12_100000_create_password_reset_tokens_table.php: -------------------------------------------------------------------------------- 1 | string('email')->primary(); 16 | $table->string('token'); 17 | $table->timestamp('created_at')->nullable(); 18 | }); 19 | } 20 | 21 | /** 22 | * Reverse the migrations. 23 | */ 24 | public function down(): void 25 | { 26 | Schema::dropIfExists('password_reset_tokens'); 27 | } 28 | }; 29 | -------------------------------------------------------------------------------- /database/migrations/2019_08_19_000000_create_failed_jobs_table.php: -------------------------------------------------------------------------------- 1 | id(); 16 | $table->string('uuid')->unique(); 17 | $table->text('connection'); 18 | $table->text('queue'); 19 | $table->longText('payload'); 20 | $table->longText('exception'); 21 | $table->timestamp('failed_at')->useCurrent(); 22 | }); 23 | } 24 | 25 | /** 26 | * Reverse the migrations. 27 | */ 28 | public function down(): void 29 | { 30 | Schema::dropIfExists('failed_jobs'); 31 | } 32 | }; 33 | -------------------------------------------------------------------------------- /database/migrations/2019_12_14_000001_create_personal_access_tokens_table.php: -------------------------------------------------------------------------------- 1 | id(); 16 | $table->morphs('tokenable'); 17 | $table->string('name'); 18 | $table->string('token', 64)->unique(); 19 | $table->text('abilities')->nullable(); 20 | $table->timestamp('last_used_at')->nullable(); 21 | $table->timestamp('expires_at')->nullable(); 22 | $table->timestamps(); 23 | }); 24 | } 25 | 26 | /** 27 | * Reverse the migrations. 28 | */ 29 | public function down(): void 30 | { 31 | Schema::dropIfExists('personal_access_tokens'); 32 | } 33 | }; 34 | -------------------------------------------------------------------------------- /database/migrations/2023_03_15_132250_create_posts_table.php: -------------------------------------------------------------------------------- 1 | id(); 16 | $table->string('title'); 17 | $table->timestamps(); 18 | }); 19 | } 20 | 21 | /** 22 | * Reverse the migrations. 23 | */ 24 | public function down(): void 25 | { 26 | Schema::dropIfExists('posts'); 27 | } 28 | }; 29 | -------------------------------------------------------------------------------- /database/seeders/AdminSeeder.php: -------------------------------------------------------------------------------- 1 | 'admin', 19 | 'email' => 'admin@example.com', 20 | 'email_verified_at' => now(), 21 | 'password' => '$2y$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', // password 22 | 'remember_token' => Str::random(10), 23 | ])->assignRole('admin'); 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /database/seeders/DatabaseSeeder.php: -------------------------------------------------------------------------------- 1 | call(RoleSeeder::class); 16 | $this->call(AdminSeeder::class); 17 | 18 | // \App\Models\User::factory()->create([ 19 | // 'name' => 'Test User', 20 | // 'email' => 'test@example.com', 21 | // ]); 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /database/seeders/RoleSeeder.php: -------------------------------------------------------------------------------- 1 | 'admin']); 17 | Role::create(['name' => 'moderator']); 18 | Role::create(['name' => 'user']); 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /jsconfig.json: -------------------------------------------------------------------------------- 1 | { 2 | "compilerOptions": { 3 | "baseUrl": ".", 4 | "paths": { 5 | "@/*": ["resources/js/*"] 6 | } 7 | }, 8 | "exclude": ["node_modules", "public"] 9 | } 10 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "private": true, 3 | "scripts": { 4 | "dev": "vite", 5 | "build": "vite build" 6 | }, 7 | "devDependencies": { 8 | "@inertiajs/vue3": "^1.0.0", 9 | "@tailwindcss/forms": "^0.5.3", 10 | "@vitejs/plugin-vue": "^4.0.0", 11 | "autoprefixer": "^10.4.12", 12 | "axios": "^1.1.2", 13 | "laravel-vite-plugin": "^0.7.2", 14 | "postcss": "^8.4.18", 15 | "tailwindcss": "^3.2.1", 16 | "vite": "^4.0.0", 17 | "vue": "^3.2.41" 18 | }, 19 | "dependencies": { 20 | "vue-multiselect": "^3.0.0-beta.1" 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /phpunit.xml: -------------------------------------------------------------------------------- 1 | 2 | 7 | 8 | 9 | ./tests/Unit 10 | 11 | 12 | ./tests/Feature 13 | 14 | 15 | 16 | 17 | ./app 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | -------------------------------------------------------------------------------- /postcss.config.js: -------------------------------------------------------------------------------- 1 | module.exports = { 2 | plugins: { 3 | tailwindcss: {}, 4 | autoprefixer: {}, 5 | }, 6 | }; 7 | -------------------------------------------------------------------------------- /public/.htaccess: -------------------------------------------------------------------------------- 1 | 2 | 3 | Options -MultiViews -Indexes 4 | 5 | 6 | RewriteEngine On 7 | 8 | # Handle Authorization Header 9 | RewriteCond %{HTTP:Authorization} . 10 | RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] 11 | 12 | # Redirect Trailing Slashes If Not A Folder... 13 | RewriteCond %{REQUEST_FILENAME} !-d 14 | RewriteCond %{REQUEST_URI} (.+)/$ 15 | RewriteRule ^ %1 [L,R=301] 16 | 17 | # Send Requests To Front Controller... 18 | RewriteCond %{REQUEST_FILENAME} !-d 19 | RewriteCond %{REQUEST_FILENAME} !-f 20 | RewriteRule ^ index.php [L] 21 | 22 | -------------------------------------------------------------------------------- /public/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tonyxhepa/laravel-inertia-permissions/e6b23f7aa8c113831f552e4cb9e264d6b0eb802c/public/favicon.ico -------------------------------------------------------------------------------- /public/index.php: -------------------------------------------------------------------------------- 1 | make(Kernel::class); 50 | 51 | $response = $kernel->handle( 52 | $request = Request::capture() 53 | )->send(); 54 | 55 | $kernel->terminate($request, $response); 56 | -------------------------------------------------------------------------------- /public/robots.txt: -------------------------------------------------------------------------------- 1 | User-agent: * 2 | Disallow: 3 | -------------------------------------------------------------------------------- /resources/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tonyxhepa/laravel-inertia-permissions/e6b23f7aa8c113831f552e4cb9e264d6b0eb802c/resources/.DS_Store -------------------------------------------------------------------------------- /resources/css/app.css: -------------------------------------------------------------------------------- 1 | @tailwind base; 2 | @tailwind components; 3 | @tailwind utilities; 4 | -------------------------------------------------------------------------------- /resources/js/Components/ApplicationLogo.vue: -------------------------------------------------------------------------------- 1 | 8 | -------------------------------------------------------------------------------- /resources/js/Components/Checkbox.vue: -------------------------------------------------------------------------------- 1 | 26 | 27 | 35 | -------------------------------------------------------------------------------- /resources/js/Components/DangerButton.vue: -------------------------------------------------------------------------------- 1 | 9 | 10 | 18 | -------------------------------------------------------------------------------- /resources/js/Components/Dropdown.vue: -------------------------------------------------------------------------------- 1 | 43 | 44 | 75 | -------------------------------------------------------------------------------- /resources/js/Components/DropdownLink.vue: -------------------------------------------------------------------------------- 1 | 4 | 5 | 12 | -------------------------------------------------------------------------------- /resources/js/Components/InputError.vue: -------------------------------------------------------------------------------- 1 | 4 | 5 | 12 | -------------------------------------------------------------------------------- /resources/js/Components/InputLabel.vue: -------------------------------------------------------------------------------- 1 | 4 | 5 | 11 | -------------------------------------------------------------------------------- /resources/js/Components/Modal.vue: -------------------------------------------------------------------------------- 1 | 61 | 62 | 99 | -------------------------------------------------------------------------------- /resources/js/Components/NavLink.vue: -------------------------------------------------------------------------------- 1 | 13 | 14 | 19 | -------------------------------------------------------------------------------- /resources/js/Components/PrimaryButton.vue: -------------------------------------------------------------------------------- 1 | 9 | 10 | 18 | -------------------------------------------------------------------------------- /resources/js/Components/ResponsiveNavLink.vue: -------------------------------------------------------------------------------- 1 | 13 | 14 | 19 | -------------------------------------------------------------------------------- /resources/js/Components/SecondaryButton.vue: -------------------------------------------------------------------------------- 1 | 9 | 10 | 18 | -------------------------------------------------------------------------------- /resources/js/Components/SidebarLink.vue: -------------------------------------------------------------------------------- 1 | 13 | 14 | 19 | -------------------------------------------------------------------------------- /resources/js/Components/Table.vue: -------------------------------------------------------------------------------- 1 | 3 | -------------------------------------------------------------------------------- /resources/js/Components/TableDataCell.vue: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /resources/js/Components/TableHeaderCell.vue: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /resources/js/Components/TableRow.vue: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /resources/js/Components/TextInput.vue: -------------------------------------------------------------------------------- 1 | 18 | 19 | 27 | -------------------------------------------------------------------------------- /resources/js/Layouts/GuestLayout.vue: -------------------------------------------------------------------------------- 1 | 5 | 6 | 21 | -------------------------------------------------------------------------------- /resources/js/Pages/Admin/AdminIndex.vue: -------------------------------------------------------------------------------- 1 | 5 | 6 | 15 | -------------------------------------------------------------------------------- /resources/js/Pages/Admin/Permissions/Create.vue: -------------------------------------------------------------------------------- 1 | 13 | 14 | 48 | -------------------------------------------------------------------------------- /resources/js/Pages/Admin/Permissions/Edit.vue: -------------------------------------------------------------------------------- 1 | 20 | 21 | 65 | -------------------------------------------------------------------------------- /resources/js/Pages/Admin/Permissions/PermissionIndex.vue: -------------------------------------------------------------------------------- 1 | 33 | 34 | 88 | -------------------------------------------------------------------------------- /resources/js/Pages/Admin/Posts/Create.vue: -------------------------------------------------------------------------------- 1 | 16 | 17 | -------------------------------------------------------------------------------- /resources/js/Pages/Admin/Posts/Edit.vue: -------------------------------------------------------------------------------- 1 | 25 | 26 | -------------------------------------------------------------------------------- /resources/js/Pages/Admin/Roles/Create.vue: -------------------------------------------------------------------------------- 1 | 20 | 21 | 75 | -------------------------------------------------------------------------------- /resources/js/Pages/Admin/Roles/RoleIndex.vue: -------------------------------------------------------------------------------- 1 | 32 | 33 | 74 | -------------------------------------------------------------------------------- /resources/js/Pages/Admin/Users/Create.vue: -------------------------------------------------------------------------------- 1 | 30 | 31 | 146 | -------------------------------------------------------------------------------- /resources/js/Pages/Admin/Users/UserIndex.vue: -------------------------------------------------------------------------------- 1 | 33 | 34 | 86 | -------------------------------------------------------------------------------- /resources/js/Pages/Auth/ConfirmPassword.vue: -------------------------------------------------------------------------------- 1 | 19 | 20 | 51 | -------------------------------------------------------------------------------- /resources/js/Pages/Auth/ForgotPassword.vue: -------------------------------------------------------------------------------- 1 | 21 | 22 | 60 | -------------------------------------------------------------------------------- /resources/js/Pages/Auth/Login.vue: -------------------------------------------------------------------------------- 1 | 27 | 28 | 91 | -------------------------------------------------------------------------------- /resources/js/Pages/Auth/Register.vue: -------------------------------------------------------------------------------- 1 | 23 | 24 | 105 | -------------------------------------------------------------------------------- /resources/js/Pages/Auth/ResetPassword.vue: -------------------------------------------------------------------------------- 1 | 27 | 28 | 87 | -------------------------------------------------------------------------------- /resources/js/Pages/Auth/VerifyEmail.vue: -------------------------------------------------------------------------------- 1 | 19 | 20 | 50 | -------------------------------------------------------------------------------- /resources/js/Pages/Dashboard.vue: -------------------------------------------------------------------------------- 1 | 5 | 6 | 23 | -------------------------------------------------------------------------------- /resources/js/Pages/Profile/Edit.vue: -------------------------------------------------------------------------------- 1 | 13 | 14 | 43 | -------------------------------------------------------------------------------- /resources/js/Pages/Profile/Partials/DeleteUserForm.vue: -------------------------------------------------------------------------------- 1 | 39 | 40 | 95 | -------------------------------------------------------------------------------- /resources/js/Pages/Profile/Partials/UpdatePasswordForm.vue: -------------------------------------------------------------------------------- 1 | 35 | 36 | 101 | -------------------------------------------------------------------------------- /resources/js/Pages/Profile/Partials/UpdateProfileInformationForm.vue: -------------------------------------------------------------------------------- 1 | 20 | 21 | 94 | -------------------------------------------------------------------------------- /resources/js/app.js: -------------------------------------------------------------------------------- 1 | import './bootstrap'; 2 | import '../css/app.css'; 3 | 4 | import { createApp, h } from 'vue'; 5 | import { createInertiaApp } from '@inertiajs/vue3'; 6 | import { resolvePageComponent } from 'laravel-vite-plugin/inertia-helpers'; 7 | import { ZiggyVue } from '../../vendor/tightenco/ziggy/dist/vue.m'; 8 | 9 | const appName = window.document.getElementsByTagName('title')[0]?.innerText || 'Laravel'; 10 | 11 | createInertiaApp({ 12 | title: (title) => `${title} - ${appName}`, 13 | resolve: (name) => resolvePageComponent(`./Pages/${name}.vue`, import.meta.glob('./Pages/**/*.vue')), 14 | setup({ el, App, props, plugin }) { 15 | return createApp({ render: () => h(App, props) }) 16 | .use(plugin) 17 | .use(ZiggyVue, Ziggy) 18 | .mount(el); 19 | }, 20 | progress: { 21 | color: '#4B5563', 22 | }, 23 | }); 24 | -------------------------------------------------------------------------------- /resources/js/bootstrap.js: -------------------------------------------------------------------------------- 1 | /** 2 | * We'll load the axios HTTP library which allows us to easily issue requests 3 | * to our Laravel back-end. This library automatically handles sending the 4 | * CSRF token as a header based on the value of the "XSRF" token cookie. 5 | */ 6 | 7 | import axios from 'axios'; 8 | window.axios = axios; 9 | 10 | window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest'; 11 | 12 | /** 13 | * Echo exposes an expressive API for subscribing to channels and listening 14 | * for events that are broadcast by Laravel. Echo and event broadcasting 15 | * allows your team to easily build robust real-time web applications. 16 | */ 17 | 18 | // import Echo from 'laravel-echo'; 19 | 20 | // import Pusher from 'pusher-js'; 21 | // window.Pusher = Pusher; 22 | 23 | // window.Echo = new Echo({ 24 | // broadcaster: 'pusher', 25 | // key: import.meta.env.VITE_PUSHER_APP_KEY, 26 | // cluster: import.meta.env.VITE_PUSHER_APP_CLUSTER ?? 'mt1', 27 | // wsHost: import.meta.env.VITE_PUSHER_HOST ? import.meta.env.VITE_PUSHER_HOST : `ws-${import.meta.env.VITE_PUSHER_APP_CLUSTER}.pusher.com`, 28 | // wsPort: import.meta.env.VITE_PUSHER_PORT ?? 80, 29 | // wssPort: import.meta.env.VITE_PUSHER_PORT ?? 443, 30 | // forceTLS: (import.meta.env.VITE_PUSHER_SCHEME ?? 'https') === 'https', 31 | // enabledTransports: ['ws', 'wss'], 32 | // }); 33 | -------------------------------------------------------------------------------- /resources/js/composables/permissions.js: -------------------------------------------------------------------------------- 1 | import { usePage } from "@inertiajs/vue3"; 2 | 3 | export function usePermission() { 4 | const hasRole = (name) => usePage().props.auth.user.roles.includes(name); 5 | const hasPermission = (name) => 6 | usePage().props.auth.user.permissions.includes(name); 7 | 8 | return { hasRole, hasPermission }; 9 | } 10 | -------------------------------------------------------------------------------- /resources/views/app.blade.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | {{ config('app.name', 'Laravel') }} 8 | 9 | 10 | 11 | 12 | 13 | 14 | @routes 15 | @vite(['resources/js/app.js', "resources/js/Pages/{$page['component']}.vue"]) 16 | @inertiaHead 17 | 18 | 19 | @inertia 20 | 21 | 22 | -------------------------------------------------------------------------------- /routes/api.php: -------------------------------------------------------------------------------- 1 | get('/user', function (Request $request) { 18 | return $request->user(); 19 | }); 20 | -------------------------------------------------------------------------------- /routes/auth.php: -------------------------------------------------------------------------------- 1 | group(function () { 15 | Route::get('register', [RegisteredUserController::class, 'create']) 16 | ->name('register'); 17 | 18 | Route::post('register', [RegisteredUserController::class, 'store']); 19 | 20 | Route::get('login', [AuthenticatedSessionController::class, 'create']) 21 | ->name('login'); 22 | 23 | Route::post('login', [AuthenticatedSessionController::class, 'store']); 24 | 25 | Route::get('forgot-password', [PasswordResetLinkController::class, 'create']) 26 | ->name('password.request'); 27 | 28 | Route::post('forgot-password', [PasswordResetLinkController::class, 'store']) 29 | ->name('password.email'); 30 | 31 | Route::get('reset-password/{token}', [NewPasswordController::class, 'create']) 32 | ->name('password.reset'); 33 | 34 | Route::post('reset-password', [NewPasswordController::class, 'store']) 35 | ->name('password.store'); 36 | }); 37 | 38 | Route::middleware('auth')->group(function () { 39 | Route::get('verify-email', EmailVerificationPromptController::class) 40 | ->name('verification.notice'); 41 | 42 | Route::get('verify-email/{id}/{hash}', VerifyEmailController::class) 43 | ->middleware(['signed', 'throttle:6,1']) 44 | ->name('verification.verify'); 45 | 46 | Route::post('email/verification-notification', [EmailVerificationNotificationController::class, 'store']) 47 | ->middleware('throttle:6,1') 48 | ->name('verification.send'); 49 | 50 | Route::get('confirm-password', [ConfirmablePasswordController::class, 'show']) 51 | ->name('password.confirm'); 52 | 53 | Route::post('confirm-password', [ConfirmablePasswordController::class, 'store']); 54 | 55 | Route::put('password', [PasswordController::class, 'update'])->name('password.update'); 56 | 57 | Route::post('logout', [AuthenticatedSessionController::class, 'destroy']) 58 | ->name('logout'); 59 | }); 60 | -------------------------------------------------------------------------------- /routes/channels.php: -------------------------------------------------------------------------------- 1 | id === (int) $id; 18 | }); 19 | -------------------------------------------------------------------------------- /routes/console.php: -------------------------------------------------------------------------------- 1 | comment(Inspiring::quote()); 19 | })->purpose('Display an inspiring quote'); 20 | -------------------------------------------------------------------------------- /routes/web.php: -------------------------------------------------------------------------------- 1 | Route::has('login'), 22 | 'canRegister' => Route::has('register'), 23 | 'laravelVersion' => Application::VERSION, 24 | 'phpVersion' => PHP_VERSION, 25 | ]); 26 | }); 27 | 28 | Route::resource('/users', UserController::class); 29 | Route::resource('/roles', RoleController::class); 30 | Route::resource('/permissions', PermissionController::class); 31 | Route::resource('/posts', PostController::class); 32 | Route::delete('/roles/{role}/permissions/{permission}', RevokePermissionFromRoleController::class) 33 | ->name('roles.permissions.destroy'); 34 | Route::delete('/users/{user}/permissions/{permission}', RevokePermissionFromUserController::class) 35 | ->name('users.permissions.destroy'); 36 | Route::delete('/users/{user}/roles/{role}', RemoveRoleFromUserController::class) 37 | ->name('users.roles.destroy'); 38 | 39 | Route::get('/dashboard', function () { 40 | return Inertia::render('Dashboard'); 41 | })->middleware(['auth', 'verified'])->name('dashboard'); 42 | 43 | Route::middleware('auth')->group(function () { 44 | Route::get('/profile', [ProfileController::class, 'edit'])->name('profile.edit'); 45 | Route::patch('/profile', [ProfileController::class, 'update'])->name('profile.update'); 46 | Route::delete('/profile', [ProfileController::class, 'destroy'])->name('profile.destroy'); 47 | }); 48 | 49 | Route::middleware(['auth', 'role:admin'])->group(function () { 50 | Route::get('/admin', [AdminController::class, 'index'])->name('admin.index'); 51 | }); 52 | 53 | require __DIR__ . '/auth.php'; 54 | -------------------------------------------------------------------------------- /storage/app/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !public/ 3 | !.gitignore 4 | -------------------------------------------------------------------------------- /storage/app/public/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/framework/.gitignore: -------------------------------------------------------------------------------- 1 | compiled.php 2 | config.php 3 | down 4 | events.scanned.php 5 | maintenance.php 6 | routes.php 7 | routes.scanned.php 8 | schedule-* 9 | services.json 10 | -------------------------------------------------------------------------------- /storage/framework/cache/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !data/ 3 | !.gitignore 4 | -------------------------------------------------------------------------------- /storage/framework/cache/data/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/framework/sessions/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/framework/testing/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/framework/views/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/logs/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /tailwind.config.js: -------------------------------------------------------------------------------- 1 | const defaultTheme = require('tailwindcss/defaultTheme'); 2 | 3 | /** @type {import('tailwindcss').Config} */ 4 | module.exports = { 5 | content: [ 6 | './vendor/laravel/framework/src/Illuminate/Pagination/resources/views/*.blade.php', 7 | './storage/framework/views/*.php', 8 | './resources/views/**/*.blade.php', 9 | './resources/js/**/*.vue', 10 | ], 11 | 12 | theme: { 13 | extend: { 14 | fontFamily: { 15 | sans: ['Figtree', ...defaultTheme.fontFamily.sans], 16 | }, 17 | }, 18 | }, 19 | 20 | plugins: [require('@tailwindcss/forms')], 21 | }; 22 | -------------------------------------------------------------------------------- /tests/CreatesApplication.php: -------------------------------------------------------------------------------- 1 | make(Kernel::class)->bootstrap(); 18 | 19 | return $app; 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /tests/Feature/Auth/AuthenticationTest.php: -------------------------------------------------------------------------------- 1 | get('/login'); 8 | 9 | $response->assertStatus(200); 10 | }); 11 | 12 | test('users can authenticate using the login screen', function () { 13 | $user = User::factory()->create(); 14 | 15 | $response = $this->post('/login', [ 16 | 'email' => $user->email, 17 | 'password' => 'password', 18 | ]); 19 | 20 | $this->assertAuthenticated(); 21 | $response->assertRedirect(RouteServiceProvider::HOME); 22 | }); 23 | 24 | test('users can not authenticate with invalid password', function () { 25 | $user = User::factory()->create(); 26 | 27 | $this->post('/login', [ 28 | 'email' => $user->email, 29 | 'password' => 'wrong-password', 30 | ]); 31 | 32 | $this->assertGuest(); 33 | }); 34 | -------------------------------------------------------------------------------- /tests/Feature/Auth/EmailVerificationTest.php: -------------------------------------------------------------------------------- 1 | create([ 11 | 'email_verified_at' => null, 12 | ]); 13 | 14 | $response = $this->actingAs($user)->get('/verify-email'); 15 | 16 | $response->assertStatus(200); 17 | }); 18 | 19 | test('email can be verified', function () { 20 | $user = User::factory()->create([ 21 | 'email_verified_at' => null, 22 | ]); 23 | 24 | Event::fake(); 25 | 26 | $verificationUrl = URL::temporarySignedRoute( 27 | 'verification.verify', 28 | now()->addMinutes(60), 29 | ['id' => $user->id, 'hash' => sha1($user->email)] 30 | ); 31 | 32 | $response = $this->actingAs($user)->get($verificationUrl); 33 | 34 | Event::assertDispatched(Verified::class); 35 | expect($user->fresh()->hasVerifiedEmail())->toBeTrue(); 36 | $response->assertRedirect(RouteServiceProvider::HOME.'?verified=1'); 37 | }); 38 | 39 | test('email is not verified with invalid hash', function () { 40 | $user = User::factory()->create([ 41 | 'email_verified_at' => null, 42 | ]); 43 | 44 | $verificationUrl = URL::temporarySignedRoute( 45 | 'verification.verify', 46 | now()->addMinutes(60), 47 | ['id' => $user->id, 'hash' => sha1('wrong-email')] 48 | ); 49 | 50 | $this->actingAs($user)->get($verificationUrl); 51 | 52 | expect($user->fresh()->hasVerifiedEmail())->toBeFalse(); 53 | }); 54 | -------------------------------------------------------------------------------- /tests/Feature/Auth/PasswordConfirmationTest.php: -------------------------------------------------------------------------------- 1 | create(); 7 | 8 | $response = $this->actingAs($user)->get('/confirm-password'); 9 | 10 | $response->assertStatus(200); 11 | }); 12 | 13 | test('password can be confirmed', function () { 14 | $user = User::factory()->create(); 15 | 16 | $response = $this->actingAs($user)->post('/confirm-password', [ 17 | 'password' => 'password', 18 | ]); 19 | 20 | $response->assertRedirect(); 21 | $response->assertSessionHasNoErrors(); 22 | }); 23 | 24 | test('password is not confirmed with invalid password', function () { 25 | $user = User::factory()->create(); 26 | 27 | $response = $this->actingAs($user)->post('/confirm-password', [ 28 | 'password' => 'wrong-password', 29 | ]); 30 | 31 | $response->assertSessionHasErrors(); 32 | }); 33 | -------------------------------------------------------------------------------- /tests/Feature/Auth/PasswordResetTest.php: -------------------------------------------------------------------------------- 1 | get('/forgot-password'); 9 | 10 | $response->assertStatus(200); 11 | }); 12 | 13 | test('reset password link can be requested', function () { 14 | Notification::fake(); 15 | 16 | $user = User::factory()->create(); 17 | 18 | $this->post('/forgot-password', ['email' => $user->email]); 19 | 20 | Notification::assertSentTo($user, ResetPassword::class); 21 | }); 22 | 23 | test('reset password screen can be rendered', function () { 24 | Notification::fake(); 25 | 26 | $user = User::factory()->create(); 27 | 28 | $this->post('/forgot-password', ['email' => $user->email]); 29 | 30 | Notification::assertSentTo($user, ResetPassword::class, function ($notification) { 31 | $response = $this->get('/reset-password/'.$notification->token); 32 | 33 | $response->assertStatus(200); 34 | 35 | return true; 36 | }); 37 | }); 38 | 39 | test('password can be reset with valid token', function () { 40 | Notification::fake(); 41 | 42 | $user = User::factory()->create(); 43 | 44 | $this->post('/forgot-password', ['email' => $user->email]); 45 | 46 | Notification::assertSentTo($user, ResetPassword::class, function ($notification) use ($user) { 47 | $response = $this->post('/reset-password', [ 48 | 'token' => $notification->token, 49 | 'email' => $user->email, 50 | 'password' => 'password', 51 | 'password_confirmation' => 'password', 52 | ]); 53 | 54 | $response->assertSessionHasNoErrors(); 55 | 56 | return true; 57 | }); 58 | }); 59 | -------------------------------------------------------------------------------- /tests/Feature/Auth/PasswordUpdateTest.php: -------------------------------------------------------------------------------- 1 | create(); 17 | 18 | $response = $this 19 | ->actingAs($user) 20 | ->from('/profile') 21 | ->put('/password', [ 22 | 'current_password' => 'password', 23 | 'password' => 'new-password', 24 | 'password_confirmation' => 'new-password', 25 | ]); 26 | 27 | $response 28 | ->assertSessionHasNoErrors() 29 | ->assertRedirect('/profile'); 30 | 31 | $this->assertTrue(Hash::check('new-password', $user->refresh()->password)); 32 | } 33 | 34 | public function test_correct_password_must_be_provided_to_update_password(): void 35 | { 36 | $user = User::factory()->create(); 37 | 38 | $response = $this 39 | ->actingAs($user) 40 | ->from('/profile') 41 | ->put('/password', [ 42 | 'current_password' => 'wrong-password', 43 | 'password' => 'new-password', 44 | 'password_confirmation' => 'new-password', 45 | ]); 46 | 47 | $response 48 | ->assertSessionHasErrors('current_password') 49 | ->assertRedirect('/profile'); 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /tests/Feature/Auth/RegistrationTest.php: -------------------------------------------------------------------------------- 1 | get('/register'); 7 | 8 | $response->assertStatus(200); 9 | }); 10 | 11 | test('new users can register', function () { 12 | $response = $this->post('/register', [ 13 | 'name' => 'Test User', 14 | 'email' => 'test@example.com', 15 | 'password' => 'password', 16 | 'password_confirmation' => 'password', 17 | ]); 18 | 19 | $this->assertAuthenticated(); 20 | $response->assertRedirect(RouteServiceProvider::HOME); 21 | }); 22 | -------------------------------------------------------------------------------- /tests/Feature/ExampleTest.php: -------------------------------------------------------------------------------- 1 | get('/'); 5 | 6 | $response->assertStatus(200); 7 | }); 8 | -------------------------------------------------------------------------------- /tests/Feature/ProfileTest.php: -------------------------------------------------------------------------------- 1 | create(); 16 | 17 | $response = $this 18 | ->actingAs($user) 19 | ->get('/profile'); 20 | 21 | $response->assertOk(); 22 | } 23 | 24 | public function test_profile_information_can_be_updated(): void 25 | { 26 | $user = User::factory()->create(); 27 | 28 | $response = $this 29 | ->actingAs($user) 30 | ->patch('/profile', [ 31 | 'name' => 'Test User', 32 | 'email' => 'test@example.com', 33 | ]); 34 | 35 | $response 36 | ->assertSessionHasNoErrors() 37 | ->assertRedirect('/profile'); 38 | 39 | $user->refresh(); 40 | 41 | $this->assertSame('Test User', $user->name); 42 | $this->assertSame('test@example.com', $user->email); 43 | $this->assertNull($user->email_verified_at); 44 | } 45 | 46 | public function test_email_verification_status_is_unchanged_when_the_email_address_is_unchanged(): void 47 | { 48 | $user = User::factory()->create(); 49 | 50 | $response = $this 51 | ->actingAs($user) 52 | ->patch('/profile', [ 53 | 'name' => 'Test User', 54 | 'email' => $user->email, 55 | ]); 56 | 57 | $response 58 | ->assertSessionHasNoErrors() 59 | ->assertRedirect('/profile'); 60 | 61 | $this->assertNotNull($user->refresh()->email_verified_at); 62 | } 63 | 64 | public function test_user_can_delete_their_account(): void 65 | { 66 | $user = User::factory()->create(); 67 | 68 | $response = $this 69 | ->actingAs($user) 70 | ->delete('/profile', [ 71 | 'password' => 'password', 72 | ]); 73 | 74 | $response 75 | ->assertSessionHasNoErrors() 76 | ->assertRedirect('/'); 77 | 78 | $this->assertGuest(); 79 | $this->assertNull($user->fresh()); 80 | } 81 | 82 | public function test_correct_password_must_be_provided_to_delete_account(): void 83 | { 84 | $user = User::factory()->create(); 85 | 86 | $response = $this 87 | ->actingAs($user) 88 | ->from('/profile') 89 | ->delete('/profile', [ 90 | 'password' => 'wrong-password', 91 | ]); 92 | 93 | $response 94 | ->assertSessionHasErrors('password') 95 | ->assertRedirect('/profile'); 96 | 97 | $this->assertNotNull($user->fresh()); 98 | } 99 | } 100 | -------------------------------------------------------------------------------- /tests/Pest.php: -------------------------------------------------------------------------------- 1 | in('Feature'); 18 | 19 | /* 20 | |-------------------------------------------------------------------------- 21 | | Expectations 22 | |-------------------------------------------------------------------------- 23 | | 24 | | When you're writing tests, you often need to check that values meet certain conditions. The 25 | | "expect()" function gives you access to a set of "expectations" methods that you can use 26 | | to assert different things. Of course, you may extend the Expectation API at any time. 27 | | 28 | */ 29 | 30 | expect()->extend('toBeOne', function () { 31 | return $this->toBe(1); 32 | }); 33 | 34 | /* 35 | |-------------------------------------------------------------------------- 36 | | Functions 37 | |-------------------------------------------------------------------------- 38 | | 39 | | While Pest is very powerful out-of-the-box, you may have some testing code specific to your 40 | | project that you don't want to repeat in every file. Here you can also expose helpers as 41 | | global functions to help you to reduce the number of lines of code in your test files. 42 | | 43 | */ 44 | 45 | function something() 46 | { 47 | // .. 48 | } 49 | -------------------------------------------------------------------------------- /tests/TestCase.php: -------------------------------------------------------------------------------- 1 | toBeTrue(); 5 | }); 6 | -------------------------------------------------------------------------------- /vite.config.js: -------------------------------------------------------------------------------- 1 | import { defineConfig } from 'vite'; 2 | import laravel from 'laravel-vite-plugin'; 3 | import vue from '@vitejs/plugin-vue'; 4 | 5 | export default defineConfig({ 6 | plugins: [ 7 | laravel({ 8 | input: 'resources/js/app.js', 9 | refresh: true, 10 | }), 11 | vue({ 12 | template: { 13 | transformAssetUrls: { 14 | base: null, 15 | includeAbsolute: false, 16 | }, 17 | }, 18 | }), 19 | ], 20 | }); 21 | --------------------------------------------------------------------------------