<?php
use Inertia\Inertia;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use Illuminate\Support\Facades\Artisan;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Cache;
use App\Http\Controllers\InvoiceController;
use App\Http\Controllers\CustomerController;
use App\Http\Controllers\ProductController;
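// Every route registered inside this closure is wrapped in the 'auth'
// middleware, so each request must pass that middleware before its handler runs.
Route::middleware('auth')->group(function () {

    // Dashboard
    Route::get('/', function () {
        return Inertia::render('Dashboard');
    })->name('home');

    Route::get('dashboard', function () {
        return Inertia::render('Dashboard');
    })->name('dashboard');

    // CRM
    Route::get('crm', function () {
        return Inertia::render('CRM');
    })->name('crm');

    // Offers
    Route::get('offers', function () {
        return Inertia::render('Offers');
    })->name('offers');

    // Customers
    Route::get('customers', [CustomerController::class, 'show'])->name('customers');

    // Leads
    Route::get('leads', function () {
        return Inertia::render('Leads');
    })->name('leads');

    // Achievements
    Route::get('achievements', function () {
        return Inertia::render('Achievements');
    })->name('achievements');

    // Invoices
    Route::get('invoices', [InvoiceController::class, 'show'])->name('invoices');
    // NOTE(review): the router matches on the request path, so a URI containing
    // '?action=new' presumably never matches an incoming request; this entry
    // looks like it exists only so route('newInvoice') can build the URL — confirm.
    Route::get('invoices?action=new', [InvoiceController::class, 'show'])->name('newInvoice');
    // NOTE(review): {id} is unconstrained here and 'auth' only proves the caller
    // is logged in; whether the caller may read this particular invoice has to be
    // checked in InvoiceController (not visible in this file) — confirm.
    Route::get('invoice/{id}', [InvoiceController::class, 'preview'])->name('invoicePreview');
    Route::get('invoice/{id}/pdf', [InvoiceController::class, 'exportPdf'])->name('invoiceExportPdf');
    Route::get('invoice/{id}/xml', [InvoiceController::class, 'exportXml'])->name('invoiceExportXml');

    // Products
    Route::get('products', [ProductController::class, 'show'])->name('products');

    // Timesheets
    Route::get('timesheets', function () {
        return Inertia::render('Timesheets');
    })->name('timesheets');

    // Procedural Documentation
    Route::get('proceduralDocumentation', function () {
        return Inertia::render('ProceduralDocumentation');
    })->name('proceduralDocumentation');

    /*
    |--------------------------------------------------------------------------
    | Web cron route
    |--------------------------------------------------------------------------
    |
    | Example: GET /webcron?token=SECRET or set header X-WEBCron-Token: SECRET
    | Configure secret in .env as WEBCRON_SECRET (optional). If no secret is set,
    | the token check is skipped (not recommended in production).
    |
    | Prefer the header over the query parameter: query strings are commonly
    | written to web-server and proxy access logs, which would record the secret.
    |
    | NOTE(review): this route is registered inside the 'auth' group, so the
    | token is checked in addition to, not instead of, the 'auth' middleware.
    | An external cron caller without a session presumably never reaches this
    | handler — confirm that this placement is intended.
    |
    | NOTE(review): this is a state-changing action exposed over GET; when no
    | secret is set, any authenticated request to this URL triggers the
    | scheduler, limited only by the throttle below.
    |
    */
    Route::get('/webcron', function (Request $request) {
        // only allow if scheduling method is webcron
        $method = \App\Models\Setting::where('key', 'app.schedule_method')->value('value') ?? 'internal';
        if ($method !== 'webcron') {
            return response('Not Found', 404);
        }

        // NOTE(review): env() outside of config files returns the default once the
        // configuration is cached (`php artisan config:cache`), which would make
        // $secret null here and silently skip the token check. Reading the secret
        // through a config entry avoids that fail-open path.
        $secret = env('WEBCRON_SECRET', null);

        // basic token protection
        if ($secret) {
            $token = $request->query('token') ?? $request->header('X-WEBCron-Token');

            // A repeated or array-style parameter arrives as an array; reject
            // anything that is not a non-empty string before the constant-time
            // comparison instead of casting it.
            if (!is_string($token) || $token === '' || !hash_equals((string) $secret, $token)) {
                return response('Forbidden', 403);
            }
        } else {
            // Make the unauthenticated-by-token mode visible to operators.
            Log::warning('/webcron called without WEBCRON_SECRET configured; token check skipped');
        }

        // quick throttle to avoid abuse (server-side)
        // Cache::add() only stores the key when it is absent and reports whether
        // it did, so two concurrent requests cannot both pass the check the way
        // a separate has()/put() pair allows.
        $cacheKey = 'caramel_webcron_last_run';
        if (!Cache::add($cacheKey, true, 55)) {
            return response('Throttled', 429);
        }

        try {
            Log::info('Triggering scheduler via /webcron route');
            Artisan::call('schedule:run');

            return response('OK', 200);
        } catch (\Throwable $e) {
            // The response body stays generic; details go to the log only.
            Log::error('Error running scheduler: ' . $e->getMessage(), ['exception' => $e]);

            return response('Error', 500);
        }
    });
});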
// Pull in settings.php from this directory (presumably further route definitions — confirm).
require __DIR__ . '/settings.php';
// Pull in auth.php from this directory (presumably the authentication routes — confirm).
require __DIR__ . '/auth.php';