161 lines
9.9 KiB
PHP

<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\Api\WorkerAuthController;
use App\Http\Controllers\Api\WorkerProfileController;
use App\Http\Controllers\Api\WorkerMessageController;
use App\Http\Controllers\Api\WorkerAnnouncementController;
use App\Http\Controllers\Api\EmployerAuthController;
use App\Http\Controllers\Api\EmployerMessageController;
use App\Http\Controllers\Api\EmployerAnnouncementController;
use App\Http\Controllers\Api\EmployerProfileController;
use App\Http\Controllers\Api\EmployerReviewController;
use App\Http\Controllers\Api\SponsorAuthController;
use App\Http\Controllers\Api\SponsorController;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your mobile app. These
| routes are loaded by bootstrap/app.php and are automatically prefixed
| with "api/" and assigned the stateless api middleware.
|
*/
// Handle CORS preflight requests for all API routes
Route::options('/{any}', function () {
return response('', 204);
})->where('any', '.*');
// Unprotected Worker Mobile Auth Endpoints
Route::get('/workers/config', [WorkerAuthController::class, 'config']);
Route::get('/workers/skills', [WorkerAuthController::class, 'skills']);
Route::get('/nationalities', [WorkerAuthController::class, 'nationalities']);
Route::get('/preferred-locations', [WorkerAuthController::class, 'preferredLocations']);
Route::get('/preferred-locations/areas', [WorkerAuthController::class, 'preferredLocationAreas']);
Route::get('/preferred-locations/{location}/areas', [WorkerAuthController::class, 'preferredLocationAreas']);
Route::get('/languages', [WorkerAuthController::class, 'languages']);
Route::post('/workers/send-otp', [WorkerAuthController::class, 'sendOtp']);
Route::post('/workers/verify-otp', [WorkerAuthController::class, 'verifyOtp']);
Route::post('/workers/setup-profile', [WorkerAuthController::class, 'setupProfile']);
Route::post('/workers/register', [WorkerAuthController::class, 'register']);
Route::post('/workers/login', [WorkerAuthController::class, 'login']);
// Unprotected Employer Mobile Auth Endpoints
Route::post('/employers/register', [EmployerAuthController::class, 'register']);
Route::post('/employers/verify', [EmployerAuthController::class, 'verify']);
Route::post('/employers/register/emirates-front', [EmployerAuthController::class, 'uploadEmiratesIdFront']);
Route::post('/employers/register/emirates-back', [EmployerAuthController::class, 'uploadEmiratesIdBack']);
Route::post('/employers/payment', [EmployerAuthController::class, 'payment']);
Route::post('/employers/password', [EmployerAuthController::class, 'password']);
Route::get('/employers/plans', [EmployerAuthController::class, 'plans']);
Route::post('/employers/login', [EmployerAuthController::class, 'login']);
Route::post('/employers/forgot-password', [EmployerAuthController::class, 'forgotPassword']);
Route::post('/employers/reset-password', [EmployerAuthController::class, 'resetPassword']);
// Sponsor Mobile Auth Endpoints (unprotected)
Route::post('/sponsors/register', [SponsorAuthController::class, 'register']);
Route::post('/sponsors/register/emirates-front', [SponsorAuthController::class, 'uploadEmiratesIdFront']);
Route::post('/sponsors/register/emirates-back', [SponsorAuthController::class, 'uploadEmiratesIdBack']);
Route::post('/sponsors/register/license', [SponsorAuthController::class, 'uploadLicense']);
Route::post('/sponsors/login', [EmployerAuthController::class, 'login']);
// Protected Worker Mobile Endpoints (Token Authenticated via Bearer Token)
Route::middleware(['auth.worker'])->group(function () {
// Profile Management
Route::get('/workers/profile', [WorkerProfileController::class, 'getProfile']);
Route::post('/workers/profile/update', [WorkerProfileController::class, 'updateProfile']);
Route::post('/workers/go-live', [WorkerProfileController::class, 'goLive']);
Route::post('/workers/profile/toggle-availability', [WorkerProfileController::class, 'toggleAvailability']);
Route::post('/workers/profile/mark-hired', [WorkerProfileController::class, 'markHired']);
Route::get('/workers/dashboard/views', [WorkerProfileController::class, 'getProfileViews']);
Route::get('/workers/dashboard', [WorkerProfileController::class, 'getDashboard']);
// Job Offers Management
Route::get('/workers/offers', [WorkerProfileController::class, 'getOffers']);
Route::post('/workers/offers/{id}/respond', [WorkerProfileController::class, 'respondToOffer']);
// Messaging Management
Route::get('/workers/conversations', [WorkerMessageController::class, 'getConversations']);
Route::get('/workers/conversations/{id}/messages', [WorkerMessageController::class, 'getMessages']);
Route::post('/workers/conversations/{id}/messages', [WorkerMessageController::class, 'sendMessage']);
// Announcement Management
Route::get('/workers/announcements', [WorkerAnnouncementController::class, 'getAnnouncements']);
Route::get('/workers/announcements/new', [WorkerAnnouncementController::class, 'getNewAnnouncements']);
Route::post('/workers/announcements/{id}/view', [WorkerAnnouncementController::class, 'markAnnouncementViewed']);
// Report Management
Route::post('/workers/report', [\App\Http\Controllers\Api\ReportController::class, 'reportFromWorker']);
Route::get('/workers/report-reasons', [\App\Http\Controllers\Api\ReportController::class, 'getReasonsForWorker']);
// Support Ticket Management (Worker)
Route::get('/workers/tickets', [\App\Http\Controllers\Api\SupportTicketController::class, 'getTicketsForWorker']);
Route::post('/workers/tickets', [\App\Http\Controllers\Api\SupportTicketController::class, 'createTicketFromWorker']);
Route::post('/workers/tickets/{id}/reply', [\App\Http\Controllers\Api\SupportTicketController::class, 'replyToTicketFromWorker']);
Route::get('/workers/tickets/{id}', [\App\Http\Controllers\Api\SupportTicketController::class, 'getTicketDetail']);
});
// Protected Employer Mobile Endpoints (Token Authenticated via Bearer Token)
Route::middleware(['auth.employer'])->group(function () {
// Profile & Dashboard Management
Route::get('/employers/profile', [EmployerProfileController::class, 'getProfile']);
Route::post('/employers/profile/update', [EmployerProfileController::class, 'updateProfile']);
Route::get('/employers/dashboard', [EmployerProfileController::class, 'getDashboard']);
// Messaging Management
Route::get('/employers/conversations', [EmployerMessageController::class, 'getConversations']);
Route::get('/employers/conversations/{id}/messages', [EmployerMessageController::class, 'getMessages']);
Route::post('/employers/conversations/{id}/messages', [EmployerMessageController::class, 'sendMessage']);
Route::post('/employers/conversations/start', [EmployerMessageController::class, 'startConversation']);
// Announcement Management
Route::get('/employers/announcements', [EmployerAnnouncementController::class, 'getAnnouncements']);
Route::post('/employers/announcements', [EmployerAnnouncementController::class, 'createAnnouncement']);
Route::delete('/employers/announcements/{id}', [EmployerAnnouncementController::class, 'deleteAnnouncement']);
// Worker and Candidate Pipeline Management
Route::get('/employers/workers', [\App\Http\Controllers\Api\EmployerWorkerController::class, 'getWorkers']);
Route::get('/employers/workers/{id}', [\App\Http\Controllers\Api\EmployerWorkerController::class, 'getWorkerDetail']);
Route::get('/employers/candidates', [\App\Http\Controllers\Api\EmployerWorkerController::class, 'getCandidates']);
Route::post('/employers/candidates/{id}/hire', [\App\Http\Controllers\Api\EmployerWorkerController::class, 'hireCandidate']);
Route::post('/employers/candidates/hire', [\App\Http\Controllers\Api\EmployerWorkerController::class, 'hireCandidate']);
// Shortlist Management
Route::get('/employers/shortlist', [\App\Http\Controllers\Api\EmployerWorkerController::class, 'getShortlist']);
Route::post('/employers/shortlist', [\App\Http\Controllers\Api\EmployerWorkerController::class, 'toggleShortlist']);
// Payment History Management
Route::get('/employers/payments', [\App\Http\Controllers\Api\EmployerPaymentController::class, 'getPayments']);
// Review Management
Route::get('/employers/reviews', [EmployerReviewController::class, 'getReviews']);
Route::post('/employers/reviews', [EmployerReviewController::class, 'addReview']);
Route::put('/employers/reviews/{id}', [EmployerReviewController::class, 'editReview']);
// Report Management
Route::post('/employers/report', [\App\Http\Controllers\Api\ReportController::class, 'reportFromEmployer']);
Route::get('/employers/report-reasons', [\App\Http\Controllers\Api\ReportController::class, 'getReasonsForEmployer']);
// Support Ticket Management (Employer)
Route::get('/employers/tickets', [\App\Http\Controllers\Api\SupportTicketController::class, 'getTicketsForEmployer']);
Route::post('/employers/tickets', [\App\Http\Controllers\Api\SupportTicketController::class, 'createTicketFromEmployer']);
Route::post('/employers/tickets/{id}/reply', [\App\Http\Controllers\Api\SupportTicketController::class, 'replyToTicketFromEmployer']);
Route::get('/employers/tickets/{id}', [\App\Http\Controllers\Api\SupportTicketController::class, 'getTicketDetail']);
});
// Protected Sponsor Mobile Endpoints (Token Authenticated via Bearer Token)
// Sponsors can ONLY access: dashboard and charity events. No payments, no worker browsing.
Route::middleware(['auth.sponsor'])->group(function () {
Route::get('/sponsors/profile', [SponsorController::class, 'getProfile']);
Route::get('/sponsors/dashboard', [SponsorController::class, 'getDashboard']);
Route::get('/sponsors/charity-events', [SponsorController::class, 'getCharityEvents']);
Route::post('/sponsors/charity-events', [SponsorController::class, 'postCharityEvent']);
});