gitmedia/presseportale
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
presseportale/routes/auth.php
Kevin Adametz 068a5a4b49 WS-6: Google-Login via Laravel Socialite 
- Socialite installiert; oauth_provider/oauth_provider_id an users (Migration).
- GoogleController (redirect/callback) + SocialAuthService: De-Dup über E-Mail,
  neuer User aktiv + verifiziert + customer (Verifizierung über den Google-
  Kanal), offener Selbst-Registrierer wird onboardet, deaktivierter Account wird
  NICHT reaktiviert. Abschluss über die gemeinsame LoginRedirect-Logik
  (rollengerecht, 403-sicher).
- Routen /auth/google/redirect + /auth/google/callback (guest), "Mit Google
  anmelden/registrieren"-Buttons auf Login und Register.
- config/services.php google + .env.example-Keys; Sicherheits-/Deployment-Doku
  ergänzt (Keys, Redirect-URI, Migration).

Tests: neuer User, De-Dup bestehender User, deaktivierter Account blockiert,
unverifizierter Registrierer onboardet, fehlgeschlagener Callback.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-16 10:39:19 +00:00

82 lines
3.3 KiB
PHP
Raw Blame History

<?php
use App\Http\Controllers\Auth\GoogleController;
use App\Http\Controllers\Auth\MagicLinkConsumeController;
use App\Http\Controllers\Auth\VerifyEmailController;
use Illuminate\Support\Facades\Route;
use Laravel\Fortify\Http\Controllers\AuthenticatedSessionController;
use Livewire\Volt\Volt;
// Fortify-Routen für Authentifizierung mit Livewire
Route::group(['middleware' => config('fortify.middleware', ['web'])], function () {
// Login mit Livewire
Volt::route('/login', 'auth.login')
->middleware(['guest:'.config('fortify.guard')])
->name('login');
Route::get('/magic-login/{token}', MagicLinkConsumeController::class)
->middleware(['guest:'.config('fortify.guard')])
->name('magic-links.consume');
// Magic-Link-Zugang für Pressekontakte ohne Account (WS-2)
Volt::route('/pressekontakt-zugang', 'auth.contact-access')
->middleware(['guest:'.config('fortify.guard')])
->name('contact-access.request');
// Google-Login (WS-6)
Route::get('/auth/google/redirect', [GoogleController::class, 'redirect'])
->middleware(['guest:'.config('fortify.guard')])
->name('oauth.google.redirect');
Route::get('/auth/google/callback', [GoogleController::class, 'callback'])
->middleware(['guest:'.config('fortify.guard')])
->name('oauth.google.callback');
// Registrierung mit Livewire
Volt::route('/register', 'auth.register')
->middleware(['guest:'.config('fortify.guard')])
->name('register');
// Passwort vergessen mit Livewire
Volt::route('/forgot-password', 'auth.forgot-password')
->middleware(['guest:'.config('fortify.guard')])
->name('password.request');
// Passwort zurücksetzen mit Livewire
Volt::route('/reset-password/{token}', 'auth.reset-password')
->middleware(['guest:'.config('fortify.guard')])
->name('password.reset');
// E-Mail-Verifizierung: Notice-/Danke-Seite (Volt)
Volt::route('/verify-email', 'auth.verify-email')
->middleware(['auth:'.config('fortify.guard')])
->name('verification.notice');
// Signierter Bestätigungslink aus der Verifizierungsmail
Route::get('/verify-email/{id}/{hash}', VerifyEmailController::class)
->middleware(['auth:'.config('fortify.guard'), 'signed', 'throttle:6,1'])
->name('verification.verify');
// Bestätigungsmail erneut anfordern
Route::post('/email/verification-notification', function () {
request()->user()->sendEmailVerificationNotification();
return back()->with('status', 'verification-link-sent');
})->middleware(['auth:'.config('fortify.guard'), 'throttle:6,1'])
->name('verification.send');
// 2FA-Challenge-Seite (Volt-Frontend für Fortifys two-factor-challenge);
// der eigentliche POST geht an Fortifys Controller.
Volt::route('/two-factor-challenge', 'auth.two-factor-challenge')
->middleware(['guest:'.config('fortify.guard')])
->name('two-factor.challenge');
// Passwort bestätigen mit Livewire
Volt::route('/confirm-password', 'auth.confirm-password')
->middleware(['auth:'.config('fortify.guard')])
->name('password.confirm');
// Logout-Route
Route::post('/logout', [AuthenticatedSessionController::class, 'destroy'])
->name('logout1');
});
Reference in a new issue View git blame Copy permalink