Move generic ApiRoutes to a whitelisted routeprovider file
This commit is contained in:
Nico Stapelbroek
@@ -15,8 +15,9 @@ use Barryvdh\Cors\HandleCors;
|
||||
use CachetHQ\Cachet\Http\Middleware\Acceptable;
|
||||
use CachetHQ\Cachet\Http\Middleware\Authenticate;
|
||||
use CachetHQ\Cachet\Http\Middleware\Timezone;
|
||||
use CachetHQ\Cachet\Http\Routes\ApiSystemRoutes;
|
||||
use CachetHQ\Cachet\Http\Routes\AuthRoutes;
|
||||
use CachetHQ\Cachet\Http\Routes\Setup\ApiRoutes;
|
||||
use CachetHQ\Cachet\Http\Routes\Setup\ApiRoutes as ApiSetupRoutes;
|
||||
use CachetHQ\Cachet\Http\Routes\SetupRoutes;
|
||||
use Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse;
|
||||
use Illuminate\Cookie\Middleware\EncryptCookies;
|
||||
@@ -52,7 +53,12 @@ class RouteServiceProvider extends ServiceProvider
|
||||
*
|
||||
* @var string[]
|
||||
*/
|
||||
protected $whitelistedAuthRoutes = [AuthRoutes::class, SetupRoutes::class, ApiRoutes::class];
|
||||
protected $whitelistedAuthRoutes = [
|
||||
AuthRoutes::class,
|
||||
SetupRoutes::class,
|
||||
ApiSystemRoutes::class,
|
||||
ApiSetupRoutes::class
|
||||
];
|
||||
|
||||
/**
|
||||
* Define the route model bindings, pattern filters, etc.
|
||||
|
||||
@@ -41,10 +41,6 @@ class ApiRoutes
|
||||
'prefix' => 'api/v1',
|
||||
], function (Registrar $router) {
|
||||
$router->group(['middleware' => ['auth.api']], function (Registrar $router) {
|
||||
$router->get('ping', 'GeneralController@ping');
|
||||
$router->get('version', 'GeneralController@version');
|
||||
$router->get('status', 'GeneralController@status');
|
||||
|
||||
$router->get('components', 'ComponentController@index');
|
||||
$router->get('components/groups', 'ComponentGroupController@index');
|
||||
$router->get('components/groups/{component_group}', 'ComponentGroupController@show');
|
||||
|
||||
50
app/Http/Routes/ApiSystemRoutes.php
Normal file
50
app/Http/Routes/ApiSystemRoutes.php
Normal file
@@ -0,0 +1,50 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of Cachet.
|
||||
*
|
||||
* (c) Alt Three Services Limited
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace CachetHQ\Cachet\Http\Routes;
|
||||
|
||||
use Illuminate\Contracts\Routing\Registrar;
|
||||
|
||||
/**
|
||||
* This is the api routes class.
|
||||
*
|
||||
* @author James Brooks <james@alt-three.com>
|
||||
*/
|
||||
class ApiSystemRoutes
|
||||
{
|
||||
/**
|
||||
* Defines if these routes are for the browser.
|
||||
*
|
||||
* @var bool
|
||||
*/
|
||||
public static $browser = false;
|
||||
|
||||
/**
|
||||
* Define the api routes for the system status, ping and version.
|
||||
*
|
||||
* @param \Illuminate\Contracts\Routing\Registrar $router
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function map(Registrar $router)
|
||||
{
|
||||
$router->group([
|
||||
'namespace' => 'Api',
|
||||
'prefix' => 'api/v1',
|
||||
], function (Registrar $router) {
|
||||
$router->group(['middleware' => ['auth.api']], function (Registrar $router) {
|
||||
$router->get('ping', 'GeneralController@ping');
|
||||
$router->get('version', 'GeneralController@version');
|
||||
$router->get('status', 'GeneralController@status');
|
||||
});
|
||||
});
|
||||
}
|
||||
}
|
||||
@@ -16,9 +16,6 @@ $(function () {
|
||||
beforeSend: function (xhr) {
|
||||
xhr.setRequestHeader('Accept', 'application/json');
|
||||
// xhr.setRequestHeader('Content-Type', 'application/json; charset=utf-8');
|
||||
if (typeof window.apiKey !== 'undefined') {
|
||||
xhr.setRequestHeader('X-Cachet-Token', window.apiKey);
|
||||
}
|
||||
},
|
||||
statusCode: {
|
||||
401: function () {
|
||||
|
||||
@@ -62,7 +62,4 @@
|
||||
</body>
|
||||
@yield('js')
|
||||
<script src="{{ mix('dist/js/all.js') }}"></script>
|
||||
<script type="text/javascript">
|
||||
window.apiKey = "{{ auth()->user()->api_key }}";
|
||||
</script>
|
||||
</html>
|
||||
|
||||
Reference in New Issue
Block a user