Hamza/intaleq_v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Security hardening: fixed 13 vulnerabilities, added AI-powered SupportController (Gemini), and stabilized Flutter Complaint logic

Browse Source
This commit is contained in:
Hamza-Ayed
2026-04-24 22:55:56 +03:00
parent cc85fe1815
commit 540c5cc7ab
11 changed files with 292 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
routes/api.php
View File

@@ -29,6 +29,7 @@ use App\Http\Controllers\NotificationController;
use App\Http\Controllers\MiscController;
use App\Http\Controllers\InviteController;
use App\Http\Controllers\DriverDocController;
use App\Http\Controllers\SupportController;
/*
|--------------------------------------------------------------------------
@@ -68,9 +69,6 @@ Route::prefix('v2/auth')->group(function () {
// Admin Error Logging (public — accepts error reports from Flutter apps)
Route::post('v2/admin/errors', [MiscController::class, 'logClientError']);
Route::post('v2/notifications/token', [NotificationController::class, 'updateToken']);
Route::get('v2/notifications/token', [NotificationController::class, 'getToken']);
// OTP (public, but rate-limited)
Route::prefix('v2/otp')->middleware('throttle:10,1')->group(function () {
Route::post('/send', [OtpController::class, 'send']);
@@ -150,6 +148,7 @@ Route::prefix('v2')->middleware(['hmac.auth', 'jwt.auth'])->group(function () {
Route::get('/notifications', [NotificationController::class, 'index']);
Route::post('/notifications/update', [NotificationController::class, 'updateNotification']);
Route::get('/notifications/token', [NotificationController::class, 'getToken']);
Route::post('/notifications/token', [NotificationController::class, 'updateToken']);
Route::put('/notifications/{id}/read', [NotificationController::class, 'markRead']);
// ── Misc ──
@@ -173,6 +172,9 @@ Route::prefix('v2')->middleware(['hmac.auth', 'jwt.auth'])->group(function () {
Route::get('/driver/registration-car', [DriverDocController::class, 'getCarReg']);
Route::post('/driver/registration-car', [DriverDocController::class, 'storeCarReg']);
Route::post('/driver/scams', [DriverDocController::class, 'reportScam']);
// ── Support ──
Route::post('/support/complaints', [SupportController::class, 'storeComplaint']);
});
// ══════════════════════════════════════════════