Initial V2 commit

2026-04-22 21:59:56 +03:00
commit 4706404488
53 changed files with 4392 additions and 0 deletions
--- a/routes/api.php
+++ b/routes/api.php
@@ -0,0 +1,153 @@
+<?php
+
+use Illuminate\Support\Facades\Route;
+use App\Http\Controllers\AuthController;
+use App\Http\Controllers\RideController;
+use App\Http\Controllers\TrackingController;
+use App\Http\Controllers\ProfileController;
+use App\Http\Controllers\WalletController;
+use App\Http\Controllers\RatingController;
+use App\Http\Controllers\PromoController;
+use App\Http\Controllers\OtpController;
+use App\Http\Controllers\UploadController;
+use App\Http\Controllers\PlaceController;
+use App\Http\Controllers\NotificationController;
+
+/*
+|--------------------------------------------------------------------------
+| Intaleq V2 API Routes
+|--------------------------------------------------------------------------
+|
+| All routes are prefixed with /v2 and use JSON responses.
+| Public routes: auth endpoints only.
+| Protected routes: require JWT + HMAC middleware.
+|
+*/
+
+// ══════════════════════════════════════════════
+// PUBLIC — Authentication (no middleware)
+// ══════════════════════════════════════════════
+Route::prefix('v2/auth')->group(function () {
+    // Passenger
+    Route::post('/passenger/login', [AuthController::class, 'passengerLogin']);
+    Route::post('/passenger/register', [AuthController::class, 'passengerRegister']);
+    Route::post('/passenger/wallet-login', [AuthController::class, 'passengerWalletLogin']);
+
+    // Driver
+    Route::post('/driver/login', [AuthController::class, 'driverLogin']);
+    Route::post('/driver/register', [AuthController::class, 'driverRegister']);
+    Route::post('/driver/wallet-login', [AuthController::class, 'driverWalletLogin']);
+
+    // Admin & Service
+    Route::post('/admin/login', [AuthController::class, 'adminLogin']);
+});
+
+// OTP (public, but rate-limited)
+Route::prefix('v2/otp')->middleware('throttle:10,1')->group(function () {
+    Route::post('/send', [OtpController::class, 'send']);
+    Route::post('/verify', [OtpController::class, 'verify']);
+    Route::post('/email/send', [OtpController::class, 'sendEmail']);
+    Route::post('/email/verify', [OtpController::class, 'verifyEmail']);
+    Route::get('/check-phone', [OtpController::class, 'checkPhone']);
+});
+
+// ══════════════════════════════════════════════
+// PROTECTED — Require JWT + HMAC
+// ══════════════════════════════════════════════
+Route::prefix('v2')->middleware(['hmac.auth', 'jwt.auth'])->group(function () {
+
+    // ── Rides ──
+    Route::post('/rides', [RideController::class, 'store']);
+    Route::get('/rides', [RideController::class, 'index']);
+    Route::get('/rides/active', [RideController::class, 'active']);
+    Route::get('/rides/{id}', [RideController::class, 'show']);
+    Route::post('/rides/{id}/accept', [RideController::class, 'accept']);
+    Route::post('/rides/{id}/arrive', [RideController::class, 'arrive']);
+    Route::post('/rides/{id}/start', [RideController::class, 'start']);
+    Route::post('/rides/{id}/finish', [RideController::class, 'finish']);
+    Route::post('/rides/{id}/cancel/passenger', [RideController::class, 'cancelByPassenger']);
+    Route::post('/rides/{id}/cancel/driver', [RideController::class, 'cancelByDriver']);
+    Route::post('/rides/{id}/retry', [RideController::class, 'retrySearch']);
+    Route::put('/rides/{id}', [RideController::class, 'update']);
+
+    // ── Tracking ──
+    Route::get('/tracking/driver/{rideId}', [TrackingController::class, 'driverLocation']);
+    Route::get('/tracking/heatmap', [TrackingController::class, 'heatmap']);
+    Route::get('/tracking/captain-stats', [TrackingController::class, 'captainStats']);
+
+    // ── Profile ──
+    Route::get('/profile/passenger', [ProfileController::class, 'passenger']);
+    Route::get('/profile/driver', [ProfileController::class, 'driver']);
+    Route::put('/profile/passenger', [ProfileController::class, 'updatePassenger']);
+    Route::put('/profile/driver/email', [ProfileController::class, 'updateDriverEmail']);
+
+    // ── Wallet ──
+    Route::get('/wallet/passenger', [WalletController::class, 'index']);
+    Route::get('/wallet/passenger/balance', [WalletController::class, 'balance']);
+    Route::post('/wallet/passenger', [WalletController::class, 'addFunds']);
+    Route::put('/wallet/passenger', [WalletController::class, 'update']);
+    Route::get('/wallet/passenger/transactions', [WalletController::class, 'transactions']);
+    Route::post('/wallet/passenger/token', [WalletController::class, 'addToken']);
+
+    // ── Ratings ──
+    Route::post('/ratings/driver', [RatingController::class, 'rateDriver']);
+    Route::post('/ratings/passenger', [RatingController::class, 'ratePassenger']);
+    Route::post('/ratings/app', [RatingController::class, 'rateApp']);
+    Route::get('/ratings/driver/{id}', [RatingController::class, 'driverRating']);
+    Route::get('/ratings/passenger/{id}', [RatingController::class, 'passengerRating']);
+
+    // ── Promos ──
+    Route::get('/promos', [PromoController::class, 'index']);
+    Route::get('/promos/check', [PromoController::class, 'check']);
+    Route::post('/promos', [PromoController::class, 'store']);
+    Route::put('/promos/{id}', [PromoController::class, 'update']);
+    Route::delete('/promos/{id}', [PromoController::class, 'destroy']);
+
+    // ── Uploads ──
+    Route::post('/uploads/card-image', [UploadController::class, 'cardImage']);
+    Route::post('/uploads/profile-image', [UploadController::class, 'profileImage']);
+    Route::post('/uploads/document', [UploadController::class, 'document']);
+    Route::post('/uploads/id-front', [UploadController::class, 'idFront']);
+    Route::post('/uploads/id-back', [UploadController::class, 'idBack']);
+    Route::post('/uploads/audio', [UploadController::class, 'audio']);
+
+    // ── Places ──
+    Route::get('/places/search', [PlaceController::class, 'search']);
+    Route::post('/places', [PlaceController::class, 'store']);
+
+    // ── Notifications ──
+    Route::get('/notifications', [NotificationController::class, 'index']);
+    Route::put('/notifications/{id}/read', [NotificationController::class, 'markRead']);
+});
+
+// ══════════════════════════════════════════════
+// PUBLIC Tracking (special — uses hash auth like V1)
+// ══════════════════════════════════════════════
+Route::get('v2/tracking/public/{rideId}', [TrackingController::class, 'publicTrack']);
+
+// ══════════════════════════════════════════════
+// ADMIN ROUTES (require admin JWT)
+// ══════════════════════════════════════════════
+Route::prefix('v2/admin')->middleware(['hmac.auth', 'jwt.auth', 'admin'])->group(function () {
+    // Driver management
+    Route::get('/drivers', [Admin\DriverManagementController::class, 'index']);
+    Route::get('/drivers/search', [Admin\DriverManagementController::class, 'search']);
+    Route::post('/drivers/{id}/activate', [Admin\DriverManagementController::class, 'activate']);
+    Route::post('/drivers/{id}/deactivate', [Admin\DriverManagementController::class, 'deactivate']);
+    Route::post('/drivers/{id}/add-car', [Admin\DriverManagementController::class, 'addCar']);
+    Route::post('/drivers/{id}/notes', [Admin\DriverManagementController::class, 'addNote']);
+
+    // Passenger management
+    Route::get('/passengers', [Admin\PassengerManagementController::class, 'index']);
+    Route::get('/passengers/search', [Admin\PassengerManagementController::class, 'search']);
+
+    // Ride management
+    Route::get('/rides', [Admin\RideManagementController::class, 'index']);
+    Route::get('/rides/{id}', [Admin\RideManagementController::class, 'show']);
+
+    // Stats
+    Route::get('/stats/overview', [Admin\StatsController::class, 'overview']);
+    Route::get('/stats/rides', [Admin\StatsController::class, 'rides']);
+    Route::get('/stats/drivers-monthly', [Admin\StatsController::class, 'driversMonthly']);
+    Route::get('/stats/employees', [Admin\StatsController::class, 'employees']);
+});