aider create cursor fix 2

This commit is contained in:
Jethro Lin (aider) 2024-11-13 12:54:07 +08:00 committed by Jethro Lin
parent aef45866fb
commit c5dbe05383
92 changed files with 12038 additions and 319 deletions

57
.cursorrules Normal file
View file

@ -0,0 +1,57 @@
You are a highly skilled Laravel package developer tasked with creating a new package.
Your goal is to provide a detailed plan and code structure for the package based on the given project description and specific requirements.
1. Development Guidelines:  
- Use PHP 8.2+ features where appropriate  
- Follow Laravel conventions and best practices  
- Utilize the spatie/laravel-package-tools boilerplate as a starting point  
- Implement a default Pint configuration for code styling  
- Prefer using helpers over facades when possible  
- Focus on creating code that provides excellent developer experience (DX), better autocompletion,type safety, and comprehensive docblocks2.
Coding Standards and Conventions:  
- File names: Use kebab-case (e.g., my-class-file.php)  
- Class and Enum names: Use PascalCase (e.g., MyClass)  
- Method names: Use camelCase (e.g., myMethod)  
- Variable and Properties names: Use snake_case (e.g., my_variable)  
- Constants and Enum Cases names: Use SCREAMING_SNAKE_CASE (e.g., MY_CONSTANT)
Package Structure and File Organization:  
- Outline the directory structure for the package  
- Describe the purpose of each main directory and key files  
- Explain how the package will be integrated into a Laravel application
Testing and Documentation:  
- Provide an overview of the testing strategy (e.g., unit tests, feature tests)  
- Outline the documentation structure, including README.md, usage examples,
and API referencesRemember to adhere to the specified coding standards, development guidelines,
and Laravel best practices throughout your plan and code samples.
Ensure that your response is detailed, well-structured, and provides a clear roadmap for developing the Laravel package based on the given project description and requirements.
## 開發規範
1. **API 設計**
- 遵循 RESTful 原則,使用標準的 HTTP 方法GET、POST、PUT、DELETE
- 路由應清晰且語義化,例如:`/api/v1/users`、`/api/v1/products`。
2. **驗證機制**
- 所有受保護的路由必須在請求頭中包含有效的 `Authorization: Bearer <token>`。
- 在伺服器端驗證 Token 的有效性和完整性,並處理過期或無效的 Token。
3. **錯誤處理**
- 返回一致的錯誤響應格式,包含 `status`、`message` 和 `error` 詳細資訊。
- 對於未經授權的請求,返回 HTTP 狀態碼 `401 Unauthorized`。
- 對於無效的路由,返回 HTTP 狀態碼 `404 Not Found`。
4. **代碼風格**
- 使用PHP8 語法,保持代碼簡潔和可讀性。
- 變數和函數命名使用駝峰式命名法camelCase
- 每個模組應只負責單一功能遵循單一職責原則SRP
5. **資料庫操作**
- 使用 MYSQL 作為 MYSQL 的 ODM。
- 定義清晰的 Schema並使用驗證中間件確保資料完整性。
- 在進行資料庫操作時,處理可能的異常情況,並返回適當的錯誤訊息。
- 在開發過程中,遵循上述規範,確保代碼品質和專案一致性。

18
.editorconfig Normal file
View file

@ -0,0 +1,18 @@
root = true
[*]
charset = utf-8
end_of_line = lf
indent_size = 4
indent_style = space
insert_final_newline = true
trim_trailing_whitespace = true
[*.md]
trim_trailing_whitespace = false
[*.{yml,yaml}]
indent_size = 2
[docker-compose.yml]
indent_size = 4

66
.env.example Normal file
View file

@ -0,0 +1,66 @@
APP_NAME=Laravel
APP_ENV=local
APP_KEY=
APP_DEBUG=true
APP_TIMEZONE=UTC
APP_URL=http://localhost
APP_LOCALE=en
APP_FALLBACK_LOCALE=en
APP_FAKER_LOCALE=en_US
APP_MAINTENANCE_DRIVER=file
# APP_MAINTENANCE_STORE=database
PHP_CLI_SERVER_WORKERS=4
BCRYPT_ROUNDS=12
LOG_CHANNEL=stack
LOG_STACK=single
LOG_DEPRECATIONS_CHANNEL=null
LOG_LEVEL=debug
DB_CONNECTION=sqlite
# DB_HOST=127.0.0.1
# DB_PORT=3306
# DB_DATABASE=laravel
# DB_USERNAME=root
# DB_PASSWORD=
SESSION_DRIVER=database
SESSION_LIFETIME=120
SESSION_ENCRYPT=false
SESSION_PATH=/
SESSION_DOMAIN=null
BROADCAST_CONNECTION=log
FILESYSTEM_DISK=local
QUEUE_CONNECTION=database
CACHE_STORE=database
CACHE_PREFIX=
MEMCACHED_HOST=127.0.0.1
REDIS_CLIENT=phpredis
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
MAIL_MAILER=log
MAIL_HOST=127.0.0.1
MAIL_PORT=2525
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_ENCRYPTION=null
MAIL_FROM_ADDRESS="hello@example.com"
MAIL_FROM_NAME="${APP_NAME}"
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_DEFAULT_REGION=us-east-1
AWS_BUCKET=
AWS_USE_PATH_STYLE_ENDPOINT=false
VITE_APP_NAME="${APP_NAME}"

11
.gitattributes vendored Normal file
View file

@ -0,0 +1,11 @@
* text=auto eol=lf
*.blade.php diff=html
*.css diff=css
*.html diff=html
*.md diff=markdown
*.php diff=php
/.github export-ignore
CHANGELOG.md export-ignore
.styleci.yml export-ignore

View file

@ -1,20 +0,0 @@
<?php
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\Api\FrontendController;
use App\Http\Controllers\Api\BackendController;
use App\Http\Controllers\Admin\UserManagementController;
Route::middleware('auth:sanctum')->group(function () {
Route::get('/frontend', [FrontendController::class, 'index']);
Route::post('/frontend', [FrontendController::class, 'store']);
Route::get('/backend', [BackendController::class, 'index']);
Route::post('/backend', [BackendController::class, 'store']);
});
Route::middleware(['auth:sanctum', 'role:member'])->group(function () {
Route::get('/admin/users', [UserManagementController::class, 'index']);
Route::post('/admin/users/{user}/activate', [UserManagementController::class, 'activate']);
Route::post('/admin/users/{user}/deactivate', [UserManagementController::class, 'deactivate']);
});

View file

@ -1,18 +0,0 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class CheckUserActive
{
public function handle(Request $request, Closure $next)
{
if (!$request->user()->is_active) {
return redirect('/inactive');
}
return $next($request);
}
}

View file

@ -1,32 +0,0 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Models\User;
class UserManagementController extends Controller
{
public function index()
{
$users = User::all();
return view('admin.users.index', compact('users'));
}
public function activate(User $user)
{
$user->is_active = true;
$user->save();
return redirect()->route('admin.users.index');
}
public function deactivate(User $user)
{
$user->is_active = false;
$user->save();
return redirect()->route('admin.users.index');
}
}

View file

@ -1,15 +0,0 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
class Role extends Model
{
protected $fillable = ['name', 'permissions'];
public function users()
{
return $this->belongsToMany(User::class);
}
}

View file

@ -1,22 +0,0 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class StoreUserRequest extends FormRequest
{
public function authorize()
{
return true;
}
public function rules()
{
return [
'name' => 'required|string|max:255',
'email' => 'required|string|email|max:255|unique:users',
'password' => 'required|string|min:8|confirmed',
];
}
}

View file

@ -1,25 +0,0 @@
<?php
namespace Tests\Feature;
use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
use App\Models\User;
class UserManagementTest extends TestCase
{
use RefreshDatabase;
public function test_user_can_be_created()
{
$response = $this->post('/register', [
'name' => 'Test User',
'email' => 'test@example.com',
'password' => 'password',
'password_confirmation' => 'password',
]);
$response->assertRedirect('/home');
$this->assertCount(1, User::all());
}
}

View file

@ -1,72 +0,0 @@
# API Documentation
## Authentication
### POST /api/login
- **Description**: Authenticate a user and generate a token.
- **Request Body**: JSON object with `email` and `password`.
- **Response**: JSON object with the generated token.
### POST /api/logout
- **Description**: Logout the user and revoke the token.
- **Response**: JSON object with a success message.
### Obtaining an Admin Token
- **Description**: To obtain a token for an admin user, follow these steps:
1. **Ensure the Admin User Exists**: Make sure there is an admin user in the database. If not, create one using the following command:
```bash
php artisan tinker
$user = new App\Models\User;
$user->name = 'Admin User';
$user->email = 'admin@example.com';
$user->password = bcrypt('password');
$user->role = 'admin';
$user->save();
exit
```
2. **Authenticate the Admin User**: Use the `/api/login` endpoint to authenticate the admin user and obtain the token. Send a POST request with the admin user's credentials:
```bash
curl -X POST http://your-app-url/api/login -H "Content-Type: application/json" -d '{"email":"admin@example.com","password":"password"}'
```
3. **Response**: The response will include a JSON object with the generated token:
```json
{
"token": "your-generated-token"
}
```
## Admin Management
### GET /api/admin/users
- **Description**: Get a list of users (restricted to member users).
- **Response**: JSON object with a list of users.
### POST /api/admin/users/{user}/activate
- **Description**: Activate a user (restricted to member users).
- **Response**: JSON object with a success message.
### POST /api/admin/users/{user}/deactivate
- **Description**: Deactivate a user (restricted to member users).
- **Response**: JSON object with a success message.
## Frontend API
### GET /api/frontend
- **Description**: Get frontend data.
- **Response**: JSON object with a message.
### POST /api/frontend
- **Description**: Store frontend data.
- **Request Body**: JSON object with required fields.
- **Response**: JSON object with a success message.
## Backend API
### GET /api/backend
- **Description**: Get backend data.
- **Response**: JSON object with a message.
### POST /api/backend
- **Description**: Store backend data.
- **Request Body**: JSON object with required fields.
- **Response**: JSON object with a success message.

View file

@ -1,19 +0,0 @@
<?php
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class FrontendController extends Controller
{
public function index()
{
return response()->json(['message' => 'Frontend API']);
}
public function store(Request $request)
{
// Handle store request
}
}

View file

@ -1,19 +0,0 @@
<?php
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class BackendController extends Controller
{
public function index()
{
return response()->json(['message' => 'Backend API']);
}
public function store(Request $request)
{
// Handle store request
}
}

View file

@ -1,15 +0,0 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class CustomMiddleware
{
public function handle(Request $request, Closure $next)
{
// Custom middleware logic
return $next($request);
}
}

View file

@ -1 +0,0 @@
OPENAI_API_KEY=your-openai-api-key

View file

@ -1,24 +0,0 @@
<?php
namespace App\Services;
use OpenAI\Client;
class OpenAIService
{
protected $client;
public function __construct(Client $client)
{
$this->client = $client;
}
public function sendPrompt($prompt)
{
return $this->client->completions()->create([
'model' => 'text-davinci-003',
'prompt' => $prompt,
'max_tokens' => 150,
]);
}
}

View file

@ -1,9 +0,0 @@
$(document).ready(function() {
$.ajax({
url: '/api/frontend',
method: 'GET',
success: function(response) {
console.log(response);
}
});
});

View file

@ -1,26 +0,0 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Models\ApiConfig;
class ApiConfigController extends Controller
{
public function index()
{
$configs = ApiConfig::all();
return view('admin.api_config.index', compact('configs'));
}
public function store(Request $request)
{
$config = new ApiConfig();
$config->name = $request->name;
$config->value = $request->value;
$config->save();
return redirect()->route('admin.api_config.index');
}
}

View file

@ -0,0 +1,100 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Models\ApiProvider;
use Illuminate\Support\Facades\Validator;
class ApiConfigController extends Controller
{
/**
* Display a listing of API providers
*/
public function index(Request $request)
{
$query = ApiProvider::query();
if ($request->has('active')) {
$query->where('active', $request->boolean('active'));
}
return response()->json([
'data' => $query->get()
]);
}
/**
* Store a newly created API provider
*/
public function store(Request $request)
{
$validator = Validator::make($request->all(), [
'provider_id' => 'required|string|unique:api_providers',
'name' => 'required|string',
'api_key' => 'required|string',
'endpoint' => 'required|url'
]);
if ($validator->fails()) {
return response()->json([
'error' => 'Validation failed.',
'details' => $validator->errors()
], 400);
}
$provider = ApiProvider::create($request->all());
return response()->json([
'message' => 'API provider has been successfully added.',
'provider_id' => $provider->provider_id
], 201);
}
/**
* Remove the specified API provider
*/
public function destroy(string $provider_id)
{
$provider = ApiProvider::where('provider_id', $provider_id)->first();
if (!$provider) {
return response()->json([
'error' => 'API provider not found.'
], 404);
}
$provider->delete();
return response()->json([
'message' => 'API provider has been successfully removed.'
]);
}
/**
* Activate the specified API provider
*/
public function activate(string $provider_id)
{
$provider = ApiProvider::where('provider_id', $provider_id)->first();
if (!$provider) {
return response()->json([
'error' => '未找到 API 提供者。'
], 404);
}
// 將其他提供者設為非活躍
ApiProvider::where('provider_id', '!=', $provider_id)
->update(['active' => false]);
// 設定當前提供者為活躍
$provider->active = true;
$provider->save();
return response()->json([
'message' => sprintf("API 提供者 '%s' 現已成為活躍狀態。", $provider->name)
]);
}
}

View file

@ -0,0 +1,65 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class UserManagementController extends Controller
{
/**
* Display a listing of the resource.
*/
public function index()
{
//
}
/**
* Show the form for creating a new resource.
*/
public function create()
{
//
}
/**
* Store a newly created resource in storage.
*/
public function store(Request $request)
{
//
}
/**
* Display the specified resource.
*/
public function show(string $id)
{
//
}
/**
* Show the form for editing the specified resource.
*/
public function edit(string $id)
{
//
}
/**
* Update the specified resource in storage.
*/
public function update(Request $request, string $id)
{
//
}
/**
* Remove the specified resource from storage.
*/
public function destroy(string $id)
{
//
}
}

View file

@ -0,0 +1,71 @@
<?php
namespace App\Http\Controllers\Api\Admin;
use App\Http\Controllers\Controller;
use App\Http\Requests\ApiProviderRequest;
use App\Models\ApiProvider;
use Illuminate\Http\JsonResponse;
use App\Services\ApiResponseService;
class ApiConfigController extends Controller
{
/**
* 列出所有 API 提供者
*/
public function index(): JsonResponse
{
$providers = ApiProvider::select(['provider_id', 'name', 'endpoint', 'active'])
->get();
return ApiResponseService::success(['providers' => $providers]);
}
/**
* 新增 API 提供者
*/
public function store(ApiProviderRequest $request): JsonResponse
{
$provider = ApiProvider::create($request->validated());
return ApiResponseService::success(
[
'provider' => [
'provider_id' => $provider->provider_id,
'name' => $provider->name,
'endpoint' => $provider->endpoint,
'active' => $provider->active
]
],
'API 提供者新增成功',
201
);
}
/**
* 刪除指定的 API 提供者
*/
public function destroy(string $provider_id): JsonResponse
{
$provider = ApiProvider::findOrFail($provider_id);
$provider->delete();
return response()->json([
'message' => 'API 提供者已成功刪除'
]);
}
/**
* 設定指定的 API 提供者為活躍狀態
*/
public function activate(string $provider_id): JsonResponse
{
$provider = ApiProvider::findOrFail($provider_id);
$provider->active = true;
$provider->save();
return response()->json([
'message' => 'API 提供者已成功設定為活躍狀態'
]);
}
}

View file

@ -1,3 +1,5 @@
<?php
namespace App\Http\Middleware; namespace App\Http\Middleware;
use Closure; use Closure;

View file

@ -0,0 +1,45 @@
<?php
namespace App\Http\Controllers\Api\Frontend;
use App\Http\Controllers\Controller;
use App\Http\Requests\LoginRequest;
use App\Models\User;
use Illuminate\Http\JsonResponse;
use Illuminate\Support\Facades\Hash;
class LoginController extends Controller
{
public function login(LoginRequest $request): JsonResponse
{
$user = User::where('email', $request->email)->first();
if (!$user || !Hash::check($request->password, $user->password)) {
return response()->json([
'error' => '無效的憑證或帳戶未激活。'
], 401);
}
if ($user->status !== User::STATUS_ACTIVE) {
return response()->json([
'error' => '帳戶尚未激活。'
], 401);
}
$token = $user->createToken('auth_token')->plainTextToken;
return response()->json([
'token' => $token,
'expires_in' => config('sanctum.expiration') * 60 // 轉換為秒
]);
}
public function logout(): JsonResponse
{
auth()->user()->currentAccessToken()->delete();
return response()->json([
'message' => '已成功登出。'
]);
}
}

View file

@ -0,0 +1,47 @@
<?php
namespace App\Http\Controllers\Api\Frontend;
use App\Http\Controllers\Controller;
use App\Http\Requests\SendPromptRequest;
use App\Services\AiProviderService;
use Illuminate\Http\JsonResponse;
class PromptController extends Controller
{
private AiProviderService $ai_provider_service;
public function __construct(AiProviderService $ai_provider_service)
{
$this->ai_provider_service = $ai_provider_service;
}
/**
* 處理並發送提示到活躍的 AI 提供者
*
* @param SendPromptRequest $request
* @return JsonResponse
*/
public function sendPrompt(SendPromptRequest $request): JsonResponse
{
try {
$response = $this->ai_provider_service->processPrompt($request->prompt);
if (!$response['success']) {
return response()->json([
'error' => $response['error'] ?? '處理提示失敗。請稍後再試。'
], 500);
}
return response()->json([
'response' => $response['response']
], 200);
} catch (\Exception $e) {
return response()->json([
'error' => '處理提示失敗。請稍後再試。',
'details' => config('app.debug') ? $e->getMessage() : null
], 500);
}
}
}

View file

@ -0,0 +1,42 @@
<?php
namespace App\Http\Controllers\Api\Frontend;
use App\Models\User;
use Illuminate\Support\Str;
use Illuminate\Http\JsonResponse;
use App\Http\Controllers\Controller;
use App\Http\Requests\RegisterUserRequest;
use Illuminate\Support\Facades\Hash;
class RegisterController extends Controller
{
/**
* 處理用戶註冊請求
*
* @param RegisterUserRequest $request
* @return JsonResponse
*/
public function register(RegisterUserRequest $request): JsonResponse
{
try {
$user = User::create([
'username' => $request->username,
'email' => $request->email,
'password' => Hash::make($request->password),
'status' => User::STATUS_INACTIVE,
]);
return response()->json([
'message' => '用戶註冊成功。等待激活。',
'user_id' => $user->id
], 201);
} catch (\Exception $e) {
return response()->json([
'error' => '註冊失敗。',
'details' => $e->getMessage()
], 500);
}
}
}

View file

@ -0,0 +1,21 @@
<?php
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\Services\OpenAiService;
class PromptController extends Controller
{
protected $openAiService;
public function __construct(OpenAiService $openAiService)
{
$this->openAiService = $openAiService;
}
public function process()
{
// 處理邏輯
}
}

View file

@ -0,0 +1,8 @@
<?php
namespace App\Http\Controllers;
abstract class Controller
{
//
}

View file

@ -0,0 +1,34 @@
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
// ... other middleware
'rate.limit.prompts' => \App\Http\Middleware\RateLimitPrompts::class,
'check.status' => \App\Http\Middleware\CheckUserStatus::class,
'throttle.prompts' => \App\Http\Middleware\ThrottlePrompts::class,
];
/**
* The application's route middleware groups.
*
* @var array
*/
protected $middlewareGroups = [
'api' => [
\App\Http\Middleware\ApiLogger::class,
// ... other middleware
],
];
}

View file

@ -0,0 +1,50 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use Symfony\Component\HttpFoundation\Response;
class ApiLogger
{
public function handle(Request $request, Closure $next): Response
{
// Log the incoming request
$this->logRequest($request);
// Process the request
$response = $next($request);
// Log the response
$this->logResponse($request, $response);
return $response;
}
private function logRequest(Request $request): void
{
Log::channel('api')->info('API Request', [
'method' => $request->method(),
'url' => $request->fullUrl(),
'headers' => $request->headers->all(),
'body' => $request->all(),
'ip' => $request->ip(),
'user_id' => $request->user()?->id,
'timestamp' => now()->toIso8601String(),
]);
}
private function logResponse(Request $request, Response $response): void
{
Log::channel('api')->info('API Response', [
'url' => $request->fullUrl(),
'status' => $response->getStatusCode(),
'headers' => $response->headers->all(),
'body' => $response->getContent(),
'duration_ms' => round((microtime(true) - LARAVEL_START) * 1000),
'timestamp' => now()->toIso8601String(),
]);
}
}

View file

@ -0,0 +1,20 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class CheckUserActive
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
return $next($request);
}
}

View file

@ -0,0 +1,22 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use App\Models\User;
class CheckUserStatus
{
public function handle(Request $request, Closure $next)
{
if ($request->user() && $request->user()->status === User::STATUS_INACTIVE) {
return response()->json([
'error' => '帳戶尚未激活。',
'status' => 'inactive'
], 403);
}
return $next($request);
}
}

View file

@ -0,0 +1,20 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class CustomMiddleware
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
return $next($request);
}
}

View file

@ -0,0 +1,32 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Cache\RateLimiter;
use Symfony\Component\HttpFoundation\Response;
class RateLimitPrompts
{
protected $limiter;
public function __construct(RateLimiter $limiter)
{
$this->limiter = $limiter;
}
public function handle($request, Closure $next)
{
$key = 'prompts:' . $request->user()->id;
if ($this->limiter->tooManyAttempts($key, 60)) { // 60 attempts per minute
return response()->json([
'error' => 'Too many requests. Please try again later.'
], Response::HTTP_TOO_MANY_REQUESTS);
}
$this->limiter->hit($key);
return $next($request);
}
}

View file

@ -0,0 +1,34 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Cache\RateLimiter;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class ThrottlePrompts
{
protected RateLimiter $limiter;
public function __construct(RateLimiter $limiter)
{
$this->limiter = $limiter;
}
public function handle(Request $request, Closure $next): Response
{
$key = 'prompts:' . $request->user()->id;
if ($this->limiter->tooManyAttempts($key, 60)) { // 每分鐘 60 次
return response()->json([
'error' => '請求過於頻繁,請稍後再試。',
'retry_after' => $this->limiter->availableIn($key)
], 429);
}
$this->limiter->hit($key);
return $next($request);
}
}

View file

@ -0,0 +1,34 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Contracts\Validation\Validator;
use Illuminate\Http\Exceptions\HttpResponseException;
class ApiProviderRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
public function rules(): array
{
return [
'provider_id' => ['required', 'string', 'max:50', 'unique:api_providers,provider_id'],
'name' => ['required', 'string', 'max:255'],
'api_key' => ['required', 'string'],
'endpoint' => ['required', 'url'],
'active' => ['boolean']
];
}
protected function failedValidation(Validator $validator)
{
throw new HttpResponseException(response()->json([
'error' => '驗證失敗',
'messages' => $validator->errors()
], 422));
}
}

View file

@ -0,0 +1,31 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Contracts\Validation\Validator;
use Illuminate\Http\Exceptions\HttpResponseException;
class LoginRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
public function rules(): array
{
return [
'email' => ['required', 'email'],
'password' => ['required', 'string', 'min:8']
];
}
protected function failedValidation(Validator $validator)
{
throw new HttpResponseException(response()->json([
'error' => '驗證失敗',
'messages' => $validator->errors()
], 422));
}
}

View file

@ -0,0 +1,32 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class RegisterUserRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
public function rules(): array
{
return [
'username' => ['required', 'string', 'max:255', 'unique:users'],
'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
'password' => ['required', 'string', 'min:8'],
];
}
public function messages(): array
{
return [
'email.email' => '電子郵件地址格式不正確。',
'password.min' => '密碼至少需要 8 個字符。',
'username.unique' => '此用戶名已被使用。',
'email.unique' => '此電子郵件已被註冊。',
];
}
}

View file

@ -0,0 +1,28 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class SendPromptRequest extends FormRequest
{
public function authorize(): bool
{
return true; // 已通過 auth middleware 驗證
}
public function rules(): array
{
return [
'prompt' => ['required', 'string', 'max:4000'] // 設置合理的最大長度限制
];
}
public function messages(): array
{
return [
'prompt.required' => '提示內容不能為空。',
'prompt.max' => '提示內容超過最大允許長度。'
];
}
}

View file

@ -0,0 +1,28 @@
<?php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class StoreUserRequest extends FormRequest
{
/**
* Determine if the user is authorized to make this request.
*/
public function authorize(): bool
{
return false;
}
/**
* Get the validation rules that apply to the request.
*
* @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
*/
public function rules(): array
{
return [
//
];
}
}

View file

@ -0,0 +1,28 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
class ApiProvider extends Model
{
protected $primaryKey = 'provider_id';
public $incrementing = false;
protected $keyType = 'string';
protected $fillable = [
'provider_id',
'name',
'api_key',
'endpoint',
'active'
];
protected $casts = [
'active' => 'boolean'
];
protected $hidden = [
'api_key'
];
}

View file

@ -4,7 +4,7 @@
use Illuminate\Database\Eloquent\Model; use Illuminate\Database\Eloquent\Model;
class ApiConfig extends Model class Role extends Model
{ {
protected $fillable = ['name', 'value']; //
} }

26
app/Models/User.php Normal file
View file

@ -0,0 +1,26 @@
<?php
namespace App\Models;
use Laravel\Sanctum\HasApiTokens;
use Illuminate\Foundation\Auth\User as Authenticatable;
class User extends Authenticatable
{
use HasApiTokens;
public const STATUS_ACTIVE = 'active';
public const STATUS_INACTIVE = 'inactive';
protected $fillable = [
'username',
'email',
'password',
'status'
];
protected $hidden = [
'password',
'remember_token',
];
}

View file

@ -0,0 +1,24 @@
<?php
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
class AppServiceProvider extends ServiceProvider
{
/**
* Register any application services.
*/
public function register(): void
{
//
}
/**
* Bootstrap any application services.
*/
public function boot(): void
{
//
}
}

View file

@ -0,0 +1,77 @@
<?php
namespace App\Services;
use App\Models\ApiProvider;
use Illuminate\Support\Facades\Http;
use Illuminate\Support\Facades\Log;
class AiProviderService
{
/**
* 處理提示並獲取 AI 回應
*
* @param string $prompt
* @return array
*/
public function processPrompt(string $prompt): array
{
try {
$active_provider = $this->getActiveProvider();
if (!$active_provider) {
throw new \Exception('No active AI provider available.');
}
return $this->sendToProvider($active_provider, $prompt);
} catch (\Exception $e) {
Log::error('AI Provider Error', [
'error' => $e->getMessage(),
'prompt' => $prompt
]);
return [
'success' => false,
'error' => $e->getMessage()
];
}
}
/**
* 獲取當前活躍的 AI 提供者
*
* @return ApiProvider|null
*/
private function getActiveProvider(): ?ApiProvider
{
return ApiProvider::where('active', true)->first();
}
/**
* 向指定的 AI 提供者發送提示
*
* @param ApiProvider $provider
* @param string $prompt
* @return array
*/
private function sendToProvider(ApiProvider $provider, string $prompt): array
{
$response = Http::withHeaders([
'Authorization' => 'Bearer ' . $provider->api_key,
'Content-Type' => 'application/json',
])->post($provider->endpoint, [
'prompt' => $prompt,
'max_tokens' => 1000,
]);
if (!$response->successful()) {
throw new \Exception('AI provider request failed: ' . $response->body());
}
return [
'success' => true,
'response' => $response->json('choices.0.text') ?? $response->json('response')
];
}
}

View file

@ -0,0 +1,37 @@
<?php
namespace App\Services;
use Illuminate\Http\JsonResponse;
class ApiResponseService
{
/**
* 建立成功回應
*/
public static function success($data, string $message = null, int $code = 200): JsonResponse
{
return response()->json([
'status' => 'success',
'message' => $message,
'data' => $data
], $code);
}
/**
* 建立錯誤回應
*/
public static function error(string $message, int $code, $errors = null): JsonResponse
{
$response = [
'status' => 'error',
'message' => $message
];
if ($errors !== null) {
$response['errors'] = $errors;
}
return response()->json($response, $code);
}
}

View file

@ -0,0 +1,30 @@
<?php
namespace App\Services;
use OpenAI\Laravel\Facades\OpenAI;
class OpenAiService
{
public function processPrompt(string $prompt): array
{
try {
$result = OpenAI::chat()->create([
'model' => 'gpt-3.5-turbo',
'messages' => [
['role' => 'user', 'content' => $prompt],
],
]);
return [
'success' => true,
'response' => $result->choices[0]->message->content
];
} catch (\Exception $e) {
return [
'success' => false,
'error' => $e->getMessage()
];
}
}
}

15
artisan Executable file
View file

@ -0,0 +1,15 @@
#!/usr/bin/env php
<?php
use Symfony\Component\Console\Input\ArgvInput;
define('LARAVEL_START', microtime(true));
// Register the Composer autoloader...
require __DIR__.'/vendor/autoload.php';
// Bootstrap Laravel and handle the command...
$status = (require_once __DIR__.'/bootstrap/app.php')
->handleCommand(new ArgvInput);
exit($status);

18
bootstrap/app.php Normal file
View file

@ -0,0 +1,18 @@
<?php
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware) {
//
})
->withExceptions(function (Exceptions $exceptions) {
//
})->create();

5
bootstrap/providers.php Normal file
View file

@ -0,0 +1,5 @@
<?php
return [
App\Providers\AppServiceProvider::class,
];

72
composer.json Normal file
View file

@ -0,0 +1,72 @@
{
"name": "laravel/laravel",
"type": "project",
"description": "The skeleton application for the Laravel framework.",
"keywords": ["laravel", "framework"],
"license": "MIT",
"require": {
"php": "^8.2",
"laravel/framework": "^11.9",
"laravel/sanctum": "^4.0",
"laravel/tinker": "^2.9",
"openai-php/laravel": "^0.10.2"
},
"require-dev": {
"fakerphp/faker": "^1.23",
"laravel/pail": "^1.1",
"laravel/pint": "^1.13",
"laravel/sail": "^1.26",
"mockery/mockery": "^1.6",
"nunomaduro/collision": "^8.1",
"phpunit/phpunit": "^11.0.1"
},
"autoload": {
"psr-4": {
"App\\": "app/",
"Database\\Factories\\": "database/factories/",
"Database\\Seeders\\": "database/seeders/"
}
},
"autoload-dev": {
"psr-4": {
"Tests\\": "tests/"
}
},
"scripts": {
"post-autoload-dump": [
"Illuminate\\Foundation\\ComposerScripts::postAutoloadDump",
"@php artisan package:discover --ansi"
],
"post-update-cmd": [
"@php artisan vendor:publish --tag=laravel-assets --ansi --force"
],
"post-root-package-install": [
"@php -r \"file_exists('.env') || copy('.env.example', '.env');\""
],
"post-create-project-cmd": [
"@php artisan key:generate --ansi",
"@php -r \"file_exists('database/database.sqlite') || touch('database/database.sqlite');\"",
"@php artisan migrate --graceful --ansi"
],
"dev": [
"Composer\\Config::disableProcessTimeout",
"npx concurrently -c \"#93c5fd,#c4b5fd,#fb7185,#fdba74\" \"php artisan serve\" \"php artisan queue:listen --tries=1\" \"php artisan pail --timeout=0\" \"npm run dev\" --names=server,queue,logs,vite"
]
},
"extra": {
"laravel": {
"dont-discover": []
}
},
"config": {
"optimize-autoloader": true,
"preferred-install": "dist",
"sort-packages": true,
"allow-plugins": {
"pestphp/pest-plugin": true,
"php-http/discovery": true
}
},
"minimum-stability": "stable",
"prefer-stable": true
}

8225
composer.lock generated Normal file

File diff suppressed because it is too large Load diff

135
config/app.php Normal file
View file

@ -0,0 +1,135 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Application Name
|--------------------------------------------------------------------------
|
| This value is the name of your application, which will be used when the
| framework needs to place the application's name in a notification or
| other UI elements where an application name needs to be displayed.
|
*/
'name' => env('APP_NAME', 'Laravel'),
/*
|--------------------------------------------------------------------------
| Application Environment
|--------------------------------------------------------------------------
|
| This value determines the "environment" your application is currently
| running in. This may determine how you prefer to configure various
| services the application utilizes. Set this in your ".env" file.
|
*/
'env' => env('APP_ENV', 'production'),
/*
|--------------------------------------------------------------------------
| Application Debug Mode
|--------------------------------------------------------------------------
|
| When your application is in debug mode, detailed error messages with
| stack traces will be shown on every error that occurs within your
| application. If disabled, a simple generic error page is shown.
|
*/
'debug' => (bool) env('APP_DEBUG', false),
/*
|--------------------------------------------------------------------------
| Application URL
|--------------------------------------------------------------------------
|
| This URL is used by the console to properly generate URLs when using
| the Artisan command line tool. You should set this to the root of
| the application so that it's available within Artisan commands.
|
*/
'url' => env('APP_URL', 'http://localhost'),
/*
|--------------------------------------------------------------------------
| Application Timezone
|--------------------------------------------------------------------------
|
| Here you may specify the default timezone for your application, which
| will be used by the PHP date and date-time functions. The timezone
| is set to "UTC" by default as it is suitable for most use cases.
|
*/
'timezone' => env('APP_TIMEZONE', 'UTC'),
/*
|--------------------------------------------------------------------------
| Application Locale Configuration
|--------------------------------------------------------------------------
|
| The application locale determines the default locale that will be used
| by Laravel's translation / localization methods. This option can be
| set to any locale for which you plan to have translation strings.
|
*/
'locale' => env('APP_LOCALE', 'en'),
'fallback_locale' => env('APP_FALLBACK_LOCALE', 'en'),
'faker_locale' => env('APP_FAKER_LOCALE', 'en_US'),
/*
|--------------------------------------------------------------------------
| Encryption Key
|--------------------------------------------------------------------------
|
| This key is utilized by Laravel's encryption services and should be set
| to a random, 32 character string to ensure that all encrypted values
| are secure. You should do this prior to deploying the application.
|
*/
'cipher' => 'AES-256-CBC',
'key' => env('APP_KEY'),
'previous_keys' => [
...array_filter(
explode(',', env('APP_PREVIOUS_KEYS', ''))
),
],
/*
|--------------------------------------------------------------------------
| Maintenance Mode Driver
|--------------------------------------------------------------------------
|
| These configuration options determine the driver used to determine and
| manage Laravel's "maintenance mode" status. The "cache" driver will
| allow maintenance mode to be controlled across multiple machines.
|
| Supported drivers: "file", "cache"
|
*/
'maintenance' => [
'driver' => env('APP_MAINTENANCE_DRIVER', 'file'),
'store' => env('APP_MAINTENANCE_STORE', 'database'),
],
'api' => [
'prefix' => env('API_PREFIX', 'api'),
'version' => env('API_VERSION', 'v1'),
'throttle' => [
'max_attempts' => env('API_THROTTLE_MAX_ATTEMPTS', 60),
'decay_minutes' => env('API_THROTTLE_DECAY_MINUTES', 1),
],
],
];

119
config/auth.php Normal file
View file

@ -0,0 +1,119 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option defines the default authentication "guard" and password
| reset "broker" for your application. You may change these values
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => env('AUTH_GUARD', 'web'),
'passwords' => env('AUTH_PASSWORD_BROKER', 'users'),
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| which utilizes session storage plus the Eloquent user provider.
|
| All authentication guards have a user provider, which defines how the
| users are actually retrieved out of your database or other storage
| system used by the application. Typically, Eloquent is utilized.
|
| Supported: "session"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'sanctum',
'provider' => 'users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication guards have a user provider, which defines how the
| users are actually retrieved out of your database or other storage
| system used by the application. Typically, Eloquent is utilized.
|
| If you have multiple user tables or models you may configure multiple
| providers to represent the model / table. These providers may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => env('AUTH_MODEL', App\Models\User::class),
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| These configuration options specify the behavior of Laravel's password
| reset functionality, including the table utilized for token storage
| and the user provider that is invoked to actually retrieve users.
|
| The expiry time is the number of minutes that each reset token will be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
| The throttle setting is the number of seconds a user must wait before
| generating more password reset tokens. This prevents the user from
| quickly generating a very large amount of password reset tokens.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => env('AUTH_PASSWORD_RESET_TOKEN_TABLE', 'password_reset_tokens'),
'expire' => 60,
'throttle' => 60,
],
],
/*
|--------------------------------------------------------------------------
| Password Confirmation Timeout
|--------------------------------------------------------------------------
|
| Here you may define the amount of seconds before a password confirmation
| window expires and users are asked to re-enter their password via the
| confirmation screen. By default, the timeout lasts for three hours.
|
*/
'password_timeout' => env('AUTH_PASSWORD_TIMEOUT', 10800),
];

108
config/cache.php Normal file
View file

@ -0,0 +1,108 @@
<?php
use Illuminate\Support\Str;
return [
/*
|--------------------------------------------------------------------------
| Default Cache Store
|--------------------------------------------------------------------------
|
| This option controls the default cache store that will be used by the
| framework. This connection is utilized if another isn't explicitly
| specified when running a cache operation inside the application.
|
*/
'default' => env('CACHE_STORE', 'database'),
/*
|--------------------------------------------------------------------------
| Cache Stores
|--------------------------------------------------------------------------
|
| Here you may define all of the cache "stores" for your application as
| well as their drivers. You may even define multiple stores for the
| same cache driver to group types of items stored in your caches.
|
| Supported drivers: "array", "database", "file", "memcached",
| "redis", "dynamodb", "octane", "null"
|
*/
'stores' => [
'array' => [
'driver' => 'array',
'serialize' => false,
],
'database' => [
'driver' => 'database',
'connection' => env('DB_CACHE_CONNECTION'),
'table' => env('DB_CACHE_TABLE', 'cache'),
'lock_connection' => env('DB_CACHE_LOCK_CONNECTION'),
'lock_table' => env('DB_CACHE_LOCK_TABLE'),
],
'file' => [
'driver' => 'file',
'path' => storage_path('framework/cache/data'),
'lock_path' => storage_path('framework/cache/data'),
],
'memcached' => [
'driver' => 'memcached',
'persistent_id' => env('MEMCACHED_PERSISTENT_ID'),
'sasl' => [
env('MEMCACHED_USERNAME'),
env('MEMCACHED_PASSWORD'),
],
'options' => [
// Memcached::OPT_CONNECT_TIMEOUT => 2000,
],
'servers' => [
[
'host' => env('MEMCACHED_HOST', '127.0.0.1'),
'port' => env('MEMCACHED_PORT', 11211),
'weight' => 100,
],
],
],
'redis' => [
'driver' => 'redis',
'connection' => env('REDIS_CACHE_CONNECTION', 'cache'),
'lock_connection' => env('REDIS_CACHE_LOCK_CONNECTION', 'default'),
],
'dynamodb' => [
'driver' => 'dynamodb',
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION', 'us-east-1'),
'table' => env('DYNAMODB_CACHE_TABLE', 'cache'),
'endpoint' => env('DYNAMODB_ENDPOINT'),
],
'octane' => [
'driver' => 'octane',
],
],
/*
|--------------------------------------------------------------------------
| Cache Key Prefix
|--------------------------------------------------------------------------
|
| When utilizing the APC, database, memcached, Redis, and DynamoDB cache
| stores, there might be other applications using the same cache. For
| that reason, you may prefix every cache key to avoid collisions.
|
*/
'prefix' => env('CACHE_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_cache_'),
];

173
config/database.php Normal file
View file

@ -0,0 +1,173 @@
<?php
use Illuminate\Support\Str;
return [
/*
|--------------------------------------------------------------------------
| Default Database Connection Name
|--------------------------------------------------------------------------
|
| Here you may specify which of the database connections below you wish
| to use as your default connection for database operations. This is
| the connection which will be utilized unless another connection
| is explicitly specified when you execute a query / statement.
|
*/
'default' => env('DB_CONNECTION', 'mysql'),
/*
|--------------------------------------------------------------------------
| Database Connections
|--------------------------------------------------------------------------
|
| Below are all of the database connections defined for your application.
| An example configuration is provided for each database system which
| is supported by Laravel. You're free to add / remove connections.
|
*/
'connections' => [
'sqlite' => [
'driver' => 'sqlite',
'url' => env('DB_URL'),
'database' => env('DB_DATABASE', database_path('database.sqlite')),
'prefix' => '',
'foreign_key_constraints' => env('DB_FOREIGN_KEYS', true),
'busy_timeout' => null,
'journal_mode' => null,
'synchronous' => null,
],
'mysql' => [
'driver' => 'mysql',
'url' => env('DB_URL'),
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '3306'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'unix_socket' => env('DB_SOCKET', ''),
'charset' => env('DB_CHARSET', 'utf8mb4'),
'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'),
'prefix' => '',
'prefix_indexes' => true,
'strict' => true,
'engine' => null,
'options' => extension_loaded('pdo_mysql') ? array_filter([
PDO::MYSQL_ATTR_SSL_CA => env('MYSQL_ATTR_SSL_CA'),
]) : [],
],
'mariadb' => [
'driver' => 'mariadb',
'url' => env('DB_URL'),
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '3306'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'unix_socket' => env('DB_SOCKET', ''),
'charset' => env('DB_CHARSET', 'utf8mb4'),
'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'),
'prefix' => '',
'prefix_indexes' => true,
'strict' => true,
'engine' => null,
'options' => extension_loaded('pdo_mysql') ? array_filter([
PDO::MYSQL_ATTR_SSL_CA => env('MYSQL_ATTR_SSL_CA'),
]) : [],
],
'pgsql' => [
'driver' => 'pgsql',
'url' => env('DB_URL'),
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '5432'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'charset' => env('DB_CHARSET', 'utf8'),
'prefix' => '',
'prefix_indexes' => true,
'search_path' => 'public',
'sslmode' => 'prefer',
],
'sqlsrv' => [
'driver' => 'sqlsrv',
'url' => env('DB_URL'),
'host' => env('DB_HOST', 'localhost'),
'port' => env('DB_PORT', '1433'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'charset' => env('DB_CHARSET', 'utf8'),
'prefix' => '',
'prefix_indexes' => true,
// 'encrypt' => env('DB_ENCRYPT', 'yes'),
// 'trust_server_certificate' => env('DB_TRUST_SERVER_CERTIFICATE', 'false'),
],
],
/*
|--------------------------------------------------------------------------
| Migration Repository Table
|--------------------------------------------------------------------------
|
| This table keeps track of all the migrations that have already run for
| your application. Using this information, we can determine which of
| the migrations on disk haven't actually been run on the database.
|
*/
'migrations' => [
'table' => 'migrations',
'update_date_on_publish' => true,
],
/*
|--------------------------------------------------------------------------
| Redis Databases
|--------------------------------------------------------------------------
|
| Redis is an open source, fast, and advanced key-value store that also
| provides a richer body of commands than a typical key-value system
| such as Memcached. You may define your connection settings here.
|
*/
'redis' => [
'client' => env('REDIS_CLIENT', 'phpredis'),
'options' => [
'cluster' => env('REDIS_CLUSTER', 'redis'),
'prefix' => env('REDIS_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_database_'),
],
'default' => [
'url' => env('REDIS_URL'),
'host' => env('REDIS_HOST', '127.0.0.1'),
'username' => env('REDIS_USERNAME'),
'password' => env('REDIS_PASSWORD'),
'port' => env('REDIS_PORT', '6379'),
'database' => env('REDIS_DB', '0'),
],
'cache' => [
'url' => env('REDIS_URL'),
'host' => env('REDIS_HOST', '127.0.0.1'),
'username' => env('REDIS_USERNAME'),
'password' => env('REDIS_PASSWORD'),
'port' => env('REDIS_PORT', '6379'),
'database' => env('REDIS_CACHE_DB', '1'),
],
],
];

77
config/filesystems.php Normal file
View file

@ -0,0 +1,77 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Default Filesystem Disk
|--------------------------------------------------------------------------
|
| Here you may specify the default filesystem disk that should be used
| by the framework. The "local" disk, as well as a variety of cloud
| based disks are available to your application for file storage.
|
*/
'default' => env('FILESYSTEM_DISK', 'local'),
/*
|--------------------------------------------------------------------------
| Filesystem Disks
|--------------------------------------------------------------------------
|
| Below you may configure as many filesystem disks as necessary, and you
| may even configure multiple disks for the same driver. Examples for
| most supported storage drivers are configured here for reference.
|
| Supported drivers: "local", "ftp", "sftp", "s3"
|
*/
'disks' => [
'local' => [
'driver' => 'local',
'root' => storage_path('app/private'),
'serve' => true,
'throw' => false,
],
'public' => [
'driver' => 'local',
'root' => storage_path('app/public'),
'url' => env('APP_URL').'/storage',
'visibility' => 'public',
'throw' => false,
],
's3' => [
'driver' => 's3',
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION'),
'bucket' => env('AWS_BUCKET'),
'url' => env('AWS_URL'),
'endpoint' => env('AWS_ENDPOINT'),
'use_path_style_endpoint' => env('AWS_USE_PATH_STYLE_ENDPOINT', false),
'throw' => false,
],
],
/*
|--------------------------------------------------------------------------
| Symbolic Links
|--------------------------------------------------------------------------
|
| Here you may configure the symbolic links that will be created when the
| `storage:link` Artisan command is executed. The array keys should be
| the locations of the links and the values should be their targets.
|
*/
'links' => [
public_path('storage') => storage_path('app/public'),
],
];

139
config/logging.php Normal file
View file

@ -0,0 +1,139 @@
<?php
use Monolog\Handler\NullHandler;
use Monolog\Handler\StreamHandler;
use Monolog\Handler\SyslogUdpHandler;
use Monolog\Processor\PsrLogMessageProcessor;
return [
/*
|--------------------------------------------------------------------------
| Default Log Channel
|--------------------------------------------------------------------------
|
| This option defines the default log channel that is utilized to write
| messages to your logs. The value provided here should match one of
| the channels present in the list of "channels" configured below.
|
*/
'default' => env('LOG_CHANNEL', 'stack'),
/*
|--------------------------------------------------------------------------
| Deprecations Log Channel
|--------------------------------------------------------------------------
|
| This option controls the log channel that should be used to log warnings
| regarding deprecated PHP and library features. This allows you to get
| your application ready for upcoming major versions of dependencies.
|
*/
'deprecations' => [
'channel' => env('LOG_DEPRECATIONS_CHANNEL', 'null'),
'trace' => env('LOG_DEPRECATIONS_TRACE', false),
],
/*
|--------------------------------------------------------------------------
| Log Channels
|--------------------------------------------------------------------------
|
| Here you may configure the log channels for your application. Laravel
| utilizes the Monolog PHP logging library, which includes a variety
| of powerful log handlers and formatters that you're free to use.
|
| Available drivers: "single", "daily", "slack", "syslog",
| "errorlog", "monolog", "custom", "stack"
|
*/
'channels' => [
'stack' => [
'driver' => 'stack',
'channels' => explode(',', env('LOG_STACK', 'single')),
'ignore_exceptions' => false,
],
'single' => [
'driver' => 'single',
'path' => storage_path('logs/laravel.log'),
'level' => env('LOG_LEVEL', 'debug'),
'replace_placeholders' => true,
],
'daily' => [
'driver' => 'daily',
'path' => storage_path('logs/laravel.log'),
'level' => env('LOG_LEVEL', 'debug'),
'days' => env('LOG_DAILY_DAYS', 14),
'replace_placeholders' => true,
],
'slack' => [
'driver' => 'slack',
'url' => env('LOG_SLACK_WEBHOOK_URL'),
'username' => env('LOG_SLACK_USERNAME', 'Laravel Log'),
'emoji' => env('LOG_SLACK_EMOJI', ':boom:'),
'level' => env('LOG_LEVEL', 'critical'),
'replace_placeholders' => true,
],
'papertrail' => [
'driver' => 'monolog',
'level' => env('LOG_LEVEL', 'debug'),
'handler' => env('LOG_PAPERTRAIL_HANDLER', SyslogUdpHandler::class),
'handler_with' => [
'host' => env('PAPERTRAIL_URL'),
'port' => env('PAPERTRAIL_PORT'),
'connectionString' => 'tls://'.env('PAPERTRAIL_URL').':'.env('PAPERTRAIL_PORT'),
],
'processors' => [PsrLogMessageProcessor::class],
],
'stderr' => [
'driver' => 'monolog',
'level' => env('LOG_LEVEL', 'debug'),
'handler' => StreamHandler::class,
'formatter' => env('LOG_STDERR_FORMATTER'),
'with' => [
'stream' => 'php://stderr',
],
'processors' => [PsrLogMessageProcessor::class],
],
'syslog' => [
'driver' => 'syslog',
'level' => env('LOG_LEVEL', 'debug'),
'facility' => env('LOG_SYSLOG_FACILITY', LOG_USER),
'replace_placeholders' => true,
],
'errorlog' => [
'driver' => 'errorlog',
'level' => env('LOG_LEVEL', 'debug'),
'replace_placeholders' => true,
],
'null' => [
'driver' => 'monolog',
'handler' => NullHandler::class,
],
'emergency' => [
'path' => storage_path('logs/laravel.log'),
],
'api' => [
'driver' => 'daily',
'path' => storage_path('logs/api/api.log'),
'level' => env('LOG_LEVEL', 'debug'),
'days' => 14,
],
],
];

116
config/mail.php Normal file
View file

@ -0,0 +1,116 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Default Mailer
|--------------------------------------------------------------------------
|
| This option controls the default mailer that is used to send all email
| messages unless another mailer is explicitly specified when sending
| the message. All additional mailers can be configured within the
| "mailers" array. Examples of each type of mailer are provided.
|
*/
'default' => env('MAIL_MAILER', 'log'),
/*
|--------------------------------------------------------------------------
| Mailer Configurations
|--------------------------------------------------------------------------
|
| Here you may configure all of the mailers used by your application plus
| their respective settings. Several examples have been configured for
| you and you are free to add your own as your application requires.
|
| Laravel supports a variety of mail "transport" drivers that can be used
| when delivering an email. You may specify which one you're using for
| your mailers below. You may also add additional mailers if needed.
|
| Supported: "smtp", "sendmail", "mailgun", "ses", "ses-v2",
| "postmark", "resend", "log", "array",
| "failover", "roundrobin"
|
*/
'mailers' => [
'smtp' => [
'transport' => 'smtp',
'url' => env('MAIL_URL'),
'host' => env('MAIL_HOST', '127.0.0.1'),
'port' => env('MAIL_PORT', 2525),
'encryption' => env('MAIL_ENCRYPTION', 'tls'),
'username' => env('MAIL_USERNAME'),
'password' => env('MAIL_PASSWORD'),
'timeout' => null,
'local_domain' => env('MAIL_EHLO_DOMAIN', parse_url(env('APP_URL', 'http://localhost'), PHP_URL_HOST)),
],
'ses' => [
'transport' => 'ses',
],
'postmark' => [
'transport' => 'postmark',
// 'message_stream_id' => env('POSTMARK_MESSAGE_STREAM_ID'),
// 'client' => [
// 'timeout' => 5,
// ],
],
'resend' => [
'transport' => 'resend',
],
'sendmail' => [
'transport' => 'sendmail',
'path' => env('MAIL_SENDMAIL_PATH', '/usr/sbin/sendmail -bs -i'),
],
'log' => [
'transport' => 'log',
'channel' => env('MAIL_LOG_CHANNEL'),
],
'array' => [
'transport' => 'array',
],
'failover' => [
'transport' => 'failover',
'mailers' => [
'smtp',
'log',
],
],
'roundrobin' => [
'transport' => 'roundrobin',
'mailers' => [
'ses',
'postmark',
],
],
],
/*
|--------------------------------------------------------------------------
| Global "From" Address
|--------------------------------------------------------------------------
|
| You may wish for all emails sent by your application to be sent from
| the same address. Here you may specify a name and address that is
| used globally for all emails that are sent by your application.
|
*/
'from' => [
'address' => env('MAIL_FROM_ADDRESS', 'hello@example.com'),
'name' => env('MAIL_FROM_NAME', 'Example'),
],
];

112
config/queue.php Normal file
View file

@ -0,0 +1,112 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Default Queue Connection Name
|--------------------------------------------------------------------------
|
| Laravel's queue supports a variety of backends via a single, unified
| API, giving you convenient access to each backend using identical
| syntax for each. The default queue connection is defined below.
|
*/
'default' => env('QUEUE_CONNECTION', 'database'),
/*
|--------------------------------------------------------------------------
| Queue Connections
|--------------------------------------------------------------------------
|
| Here you may configure the connection options for every queue backend
| used by your application. An example configuration is provided for
| each backend supported by Laravel. You're also free to add more.
|
| Drivers: "sync", "database", "beanstalkd", "sqs", "redis", "null"
|
*/
'connections' => [
'sync' => [
'driver' => 'sync',
],
'database' => [
'driver' => 'database',
'connection' => env('DB_QUEUE_CONNECTION'),
'table' => env('DB_QUEUE_TABLE', 'jobs'),
'queue' => env('DB_QUEUE', 'default'),
'retry_after' => (int) env('DB_QUEUE_RETRY_AFTER', 90),
'after_commit' => false,
],
'beanstalkd' => [
'driver' => 'beanstalkd',
'host' => env('BEANSTALKD_QUEUE_HOST', 'localhost'),
'queue' => env('BEANSTALKD_QUEUE', 'default'),
'retry_after' => (int) env('BEANSTALKD_QUEUE_RETRY_AFTER', 90),
'block_for' => 0,
'after_commit' => false,
],
'sqs' => [
'driver' => 'sqs',
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'prefix' => env('SQS_PREFIX', 'https://sqs.us-east-1.amazonaws.com/your-account-id'),
'queue' => env('SQS_QUEUE', 'default'),
'suffix' => env('SQS_SUFFIX'),
'region' => env('AWS_DEFAULT_REGION', 'us-east-1'),
'after_commit' => false,
],
'redis' => [
'driver' => 'redis',
'connection' => env('REDIS_QUEUE_CONNECTION', 'default'),
'queue' => env('REDIS_QUEUE', 'default'),
'retry_after' => (int) env('REDIS_QUEUE_RETRY_AFTER', 90),
'block_for' => null,
'after_commit' => false,
],
],
/*
|--------------------------------------------------------------------------
| Job Batching
|--------------------------------------------------------------------------
|
| The following options configure the database and table that store job
| batching information. These options can be updated to any database
| connection and table which has been defined by your application.
|
*/
'batching' => [
'database' => env('DB_CONNECTION', 'sqlite'),
'table' => 'job_batches',
],
/*
|--------------------------------------------------------------------------
| Failed Queue Jobs
|--------------------------------------------------------------------------
|
| These options configure the behavior of failed queue job logging so you
| can control how and where failed jobs are stored. Laravel ships with
| support for storing failed jobs in a simple file or in a database.
|
| Supported drivers: "database-uuids", "dynamodb", "file", "null"
|
*/
'failed' => [
'driver' => env('QUEUE_FAILED_DRIVER', 'database-uuids'),
'database' => env('DB_CONNECTION', 'sqlite'),
'table' => 'failed_jobs',
],
];

83
config/sanctum.php Normal file
View file

@ -0,0 +1,83 @@
<?php
use Laravel\Sanctum\Sanctum;
return [
/*
|--------------------------------------------------------------------------
| Stateful Domains
|--------------------------------------------------------------------------
|
| Requests from the following domains / hosts will receive stateful API
| authentication cookies. Typically, these should include your local
| and production domains which access your API via a frontend SPA.
|
*/
'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf(
'%s%s',
'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1',
Sanctum::currentApplicationUrlWithPort()
))),
/*
|--------------------------------------------------------------------------
| Sanctum Guards
|--------------------------------------------------------------------------
|
| This array contains the authentication guards that will be checked when
| Sanctum is trying to authenticate a request. If none of these guards
| are able to authenticate the request, Sanctum will use the bearer
| token that's present on an incoming request for authentication.
|
*/
'guard' => ['web'],
/*
|--------------------------------------------------------------------------
| Expiration Minutes
|--------------------------------------------------------------------------
|
| This value controls the number of minutes until an issued token will be
| considered expired. This will override any values set in the token's
| "expires_at" attribute, but first-party sessions are not affected.
|
*/
'expiration' => null,
/*
|--------------------------------------------------------------------------
| Token Prefix
|--------------------------------------------------------------------------
|
| Sanctum can prefix new tokens in order to take advantage of numerous
| security scanning initiatives maintained by open source platforms
| that notify developers if they commit tokens into repositories.
|
| See: https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning
|
*/
'token_prefix' => env('SANCTUM_TOKEN_PREFIX', ''),
/*
|--------------------------------------------------------------------------
| Sanctum Middleware
|--------------------------------------------------------------------------
|
| When authenticating your first-party SPA with Sanctum you may need to
| customize some of the middleware Sanctum uses while processing the
| request. You may change the middleware listed below as required.
|
*/
'middleware' => [
'authenticate_session' => Laravel\Sanctum\Http\Middleware\AuthenticateSession::class,
'encrypt_cookies' => Illuminate\Cookie\Middleware\EncryptCookies::class,
'validate_csrf_token' => Illuminate\Foundation\Http\Middleware\ValidateCsrfToken::class,
],
];

38
config/services.php Normal file
View file

@ -0,0 +1,38 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Third Party Services
|--------------------------------------------------------------------------
|
| This file is for storing the credentials for third party services such
| as Mailgun, Postmark, AWS and more. This file provides the de facto
| location for this type of information, allowing packages to have
| a conventional file to locate the various service credentials.
|
*/
'postmark' => [
'token' => env('POSTMARK_TOKEN'),
],
'ses' => [
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION', 'us-east-1'),
],
'resend' => [
'key' => env('RESEND_KEY'),
],
'slack' => [
'notifications' => [
'bot_user_oauth_token' => env('SLACK_BOT_USER_OAUTH_TOKEN'),
'channel' => env('SLACK_BOT_USER_DEFAULT_CHANNEL'),
],
],
];

217
config/session.php Normal file
View file

@ -0,0 +1,217 @@
<?php
use Illuminate\Support\Str;
return [
/*
|--------------------------------------------------------------------------
| Default Session Driver
|--------------------------------------------------------------------------
|
| This option determines the default session driver that is utilized for
| incoming requests. Laravel supports a variety of storage options to
| persist session data. Database storage is a great default choice.
|
| Supported: "file", "cookie", "database", "apc",
| "memcached", "redis", "dynamodb", "array"
|
*/
'driver' => env('SESSION_DRIVER', 'database'),
/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to expire immediately when the browser is closed then you may
| indicate that via the expire_on_close configuration option.
|
*/
'lifetime' => env('SESSION_LIFETIME', 120),
'expire_on_close' => env('SESSION_EXPIRE_ON_CLOSE', false),
/*
|--------------------------------------------------------------------------
| Session Encryption
|--------------------------------------------------------------------------
|
| This option allows you to easily specify that all of your session data
| should be encrypted before it's stored. All encryption is performed
| automatically by Laravel and you may use the session like normal.
|
*/
'encrypt' => env('SESSION_ENCRYPT', false),
/*
|--------------------------------------------------------------------------
| Session File Location
|--------------------------------------------------------------------------
|
| When utilizing the "file" session driver, the session files are placed
| on disk. The default storage location is defined here; however, you
| are free to provide another location where they should be stored.
|
*/
'files' => storage_path('framework/sessions'),
/*
|--------------------------------------------------------------------------
| Session Database Connection
|--------------------------------------------------------------------------
|
| When using the "database" or "redis" session drivers, you may specify a
| connection that should be used to manage these sessions. This should
| correspond to a connection in your database configuration options.
|
*/
'connection' => env('SESSION_CONNECTION'),
/*
|--------------------------------------------------------------------------
| Session Database Table
|--------------------------------------------------------------------------
|
| When using the "database" session driver, you may specify the table to
| be used to store sessions. Of course, a sensible default is defined
| for you; however, you're welcome to change this to another table.
|
*/
'table' => env('SESSION_TABLE', 'sessions'),
/*
|--------------------------------------------------------------------------
| Session Cache Store
|--------------------------------------------------------------------------
|
| When using one of the framework's cache driven session backends, you may
| define the cache store which should be used to store the session data
| between requests. This must match one of your defined cache stores.
|
| Affects: "apc", "dynamodb", "memcached", "redis"
|
*/
'store' => env('SESSION_STORE'),
/*
|--------------------------------------------------------------------------
| Session Sweeping Lottery
|--------------------------------------------------------------------------
|
| Some session drivers must manually sweep their storage location to get
| rid of old sessions from storage. Here are the chances that it will
| happen on a given request. By default, the odds are 2 out of 100.
|
*/
'lottery' => [2, 100],
/*
|--------------------------------------------------------------------------
| Session Cookie Name
|--------------------------------------------------------------------------
|
| Here you may change the name of the session cookie that is created by
| the framework. Typically, you should not need to change this value
| since doing so does not grant a meaningful security improvement.
|
*/
'cookie' => env(
'SESSION_COOKIE',
Str::slug(env('APP_NAME', 'laravel'), '_').'_session'
),
/*
|--------------------------------------------------------------------------
| Session Cookie Path
|--------------------------------------------------------------------------
|
| The session cookie path determines the path for which the cookie will
| be regarded as available. Typically, this will be the root path of
| your application, but you're free to change this when necessary.
|
*/
'path' => env('SESSION_PATH', '/'),
/*
|--------------------------------------------------------------------------
| Session Cookie Domain
|--------------------------------------------------------------------------
|
| This value determines the domain and subdomains the session cookie is
| available to. By default, the cookie will be available to the root
| domain and all subdomains. Typically, this shouldn't be changed.
|
*/
'domain' => env('SESSION_DOMAIN'),
/*
|--------------------------------------------------------------------------
| HTTPS Only Cookies
|--------------------------------------------------------------------------
|
| By setting this option to true, session cookies will only be sent back
| to the server if the browser has a HTTPS connection. This will keep
| the cookie from being sent to you when it can't be done securely.
|
*/
'secure' => env('SESSION_SECURE_COOKIE'),
/*
|--------------------------------------------------------------------------
| HTTP Access Only
|--------------------------------------------------------------------------
|
| Setting this value to true will prevent JavaScript from accessing the
| value of the cookie and the cookie will only be accessible through
| the HTTP protocol. It's unlikely you should disable this option.
|
*/
'http_only' => env('SESSION_HTTP_ONLY', true),
/*
|--------------------------------------------------------------------------
| Same-Site Cookies
|--------------------------------------------------------------------------
|
| This option determines how your cookies behave when cross-site requests
| take place, and can be used to mitigate CSRF attacks. By default, we
| will set this value to "lax" to permit secure cross-site requests.
|
| See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#samesitesamesite-value
|
| Supported: "lax", "strict", "none", null
|
*/
'same_site' => env('SESSION_SAME_SITE', 'lax'),
/*
|--------------------------------------------------------------------------
| Partitioned Cookies
|--------------------------------------------------------------------------
|
| Setting this value to true will tie the cookie to the top-level site for
| a cross-site context. Partitioned cookies are accepted by the browser
| when flagged "secure" and the Same-Site attribute is set to "none".
|
*/
'partitioned' => env('SESSION_PARTITIONED_COOKIE', false),
];

View file

@ -0,0 +1,44 @@
<?php
namespace Database\Factories;
use Illuminate\Database\Eloquent\Factories\Factory;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Str;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory<\App\Models\User>
*/
class UserFactory extends Factory
{
/**
* The current password being used by the factory.
*/
protected static ?string $password;
/**
* Define the model's default state.
*
* @return array<string, mixed>
*/
public function definition(): array
{
return [
'name' => fake()->name(),
'email' => fake()->unique()->safeEmail(),
'email_verified_at' => now(),
'password' => static::$password ??= Hash::make('password'),
'remember_token' => Str::random(10),
];
}
/**
* Indicate that the model's email address should be unverified.
*/
public function unverified(): static
{
return $this->state(fn (array $attributes) => [
'email_verified_at' => null,
]);
}
}

View file

@ -0,0 +1,49 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('users', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('email')->unique();
$table->timestamp('email_verified_at')->nullable();
$table->string('password');
$table->rememberToken();
$table->timestamps();
});
Schema::create('password_reset_tokens', function (Blueprint $table) {
$table->string('email')->primary();
$table->string('token');
$table->timestamp('created_at')->nullable();
});
Schema::create('sessions', function (Blueprint $table) {
$table->string('id')->primary();
$table->foreignId('user_id')->nullable()->index();
$table->string('ip_address', 45)->nullable();
$table->text('user_agent')->nullable();
$table->longText('payload');
$table->integer('last_activity')->index();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('users');
Schema::dropIfExists('password_reset_tokens');
Schema::dropIfExists('sessions');
}
};

View file

@ -0,0 +1,35 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('cache', function (Blueprint $table) {
$table->string('key')->primary();
$table->mediumText('value');
$table->integer('expiration');
});
Schema::create('cache_locks', function (Blueprint $table) {
$table->string('key')->primary();
$table->string('owner');
$table->integer('expiration');
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('cache');
Schema::dropIfExists('cache_locks');
}
};

View file

@ -0,0 +1,57 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('jobs', function (Blueprint $table) {
$table->id();
$table->string('queue')->index();
$table->longText('payload');
$table->unsignedTinyInteger('attempts');
$table->unsignedInteger('reserved_at')->nullable();
$table->unsignedInteger('available_at');
$table->unsignedInteger('created_at');
});
Schema::create('job_batches', function (Blueprint $table) {
$table->string('id')->primary();
$table->string('name');
$table->integer('total_jobs');
$table->integer('pending_jobs');
$table->integer('failed_jobs');
$table->longText('failed_job_ids');
$table->mediumText('options')->nullable();
$table->integer('cancelled_at')->nullable();
$table->integer('created_at');
$table->integer('finished_at')->nullable();
});
Schema::create('failed_jobs', function (Blueprint $table) {
$table->id();
$table->string('uuid')->unique();
$table->text('connection');
$table->text('queue');
$table->longText('payload');
$table->longText('exception');
$table->timestamp('failed_at')->useCurrent();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('jobs');
Schema::dropIfExists('job_batches');
Schema::dropIfExists('failed_jobs');
}
};

View file

@ -0,0 +1,23 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up(): void
{
Schema::table('users', function (Blueprint $table) {
$table->string('username')->unique()->after('id');
$table->string('status')->default('inactive')->after('password');
});
}
public function down(): void
{
Schema::table('users', function (Blueprint $table) {
$table->dropColumn(['username', 'status']);
});
}
};

View file

@ -0,0 +1,25 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
public function up()
{
Schema::create('api_providers', function (Blueprint $table) {
$table->string('provider_id')->primary();
$table->string('name');
$table->string('api_key');
$table->string('endpoint');
$table->boolean('active')->default(false);
$table->timestamps();
});
}
public function down()
{
Schema::dropIfExists('api_providers');
}
};

View file

@ -0,0 +1,27 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('roles', function (Blueprint $table) {
$table->id();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('roles');
}
};

View file

@ -0,0 +1,33 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('personal_access_tokens', function (Blueprint $table) {
$table->id();
$table->morphs('tokenable');
$table->string('name');
$table->string('token', 64)->unique();
$table->text('abilities')->nullable();
$table->timestamp('last_used_at')->nullable();
$table->timestamp('expires_at')->nullable();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('personal_access_tokens');
}
};

View file

@ -0,0 +1,33 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('personal_access_tokens', function (Blueprint $table) {
$table->id();
$table->morphs('tokenable');
$table->string('name');
$table->string('token', 64)->unique();
$table->text('abilities')->nullable();
$table->timestamp('last_used_at')->nullable();
$table->timestamp('expires_at')->nullable();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('personal_access_tokens');
}
};

View file

@ -0,0 +1,23 @@
<?php
namespace Database\Seeders;
use App\Models\User;
// use Illuminate\Database\Console\Seeds\WithoutModelEvents;
use Illuminate\Database\Seeder;
class DatabaseSeeder extends Seeder
{
/**
* Seed the application's database.
*/
public function run(): void
{
// User::factory(10)->create();
User::factory()->create([
'name' => 'Test User',
'email' => 'test@example.com',
]);
}
}

441
docs/api/README.md Normal file
View file

@ -0,0 +1,441 @@
# 項目 API 文件
## 目錄
1. [概述](#概述)
2. [認證](#認證)
3. [API 群組](#api-群組)
- [前端 API](#前端-api)
- [管理員 API](#管理員-api)
4. [端點](#端點)
- [前端 API 端點](#前端-api-端點)
- [1. 用戶註冊](#1-用戶註冊)
- [2. 發送提示](#2-發送提示)
- [管理員 API 端點](#管理員-api-端點)
- [1. 用戶管理](#1-用戶管理)
- [a. 列出用戶](#a-列出用戶)
- [b. 啟用用戶](#b-啟用用戶)
- [c. 停用用戶](#c-停用用戶)
- [2. API 提供者管理](#2-api-提供者管理)
- [a. 列出 API 提供者](#a-列出-api-提供者)
- [b. 添加 API 提供者](#b-添加-api-提供者)
- [c. 移除 API 提供者](#c-移除-api-提供者)
- [d. 選擇活躍的 API 提供者](#d-選擇活躍的-api-提供者)
5. [錯誤處理](#錯誤處理)
6. [安全性考量](#安全性考量)
7. [可擴展性](#可擴展性)
---
## 概述
本 API 旨在促進前端與後端系統之間的互動,包括用戶註冊、通過 AI 提供者處理提示以及管理用戶和 API 提供者的管理功能。後端基於 Laravel 構建,確保結構化和安全的框架。
## 認證
- **方法**: JSON Web Tokens (JWT)
- **流程**:
- 用戶通過登錄進行認證,獲取 JWT。
- 管理員單獨認證,也會獲取具有高級權限的 JWT。
- **使用方式**:
- 在所有受保護的端點中包含 JWT 在 `Authorization` 標頭中。
- 範例: `Authorization: Bearer <token>`
## API 群組
### 前端 API
設計用於終端用戶的互動,包括用戶註冊、認證和向 AI 提供者發送提示。
### 管理員 API
設計用於管理任務,如管理用戶帳戶和配置 AI API 提供者。
## 端點
### 前端 API 端點
#### 1. 用戶註冊
- **端點**: `/api/frontend/register`
- **方法**: `POST`
- **描述**: 註冊一個新用戶帳戶,初始狀態為「未激活」。
- **參數**:
- **請求體**:
- `username` (字串, 必填)
- `email` (字串, 必填, 有效的電子郵件格式)
- `password` (字串, 必填, 最少 8 個字符)
- **請求範例**:
```json
{
"username": "john_doe",
"email": "john@example.com",
"password": "SecurePass123"
}
```
- **回應**:
- **201 已創建**:
```json
{
"message": "用戶註冊成功。等待激活。",
"user_id": "12345"
}
```
- **400 錯誤的請求**:
```json
{
"error": "驗證失敗。",
"details": {
"email": "電子郵件地址格式不正確。"
}
}
```
#### 2. 發送提示
- **端點**: `/api/frontend/send-prompt`
- **方法**: `POST`
- **描述**: 通過中間件向選定的 AI 提供者發送用戶提示,並返回 AI 的回應。
- **認證**: 必需(用戶 JWT
- **參數**:
- **請求體**:
- `prompt` (字串, 必填)
- **請求範例**:
```json
{
"prompt": "解釋相對論理論。"
}
```
- **回應**:
- **200 成功**:
```json
{
"response": "相對論理論包括阿爾伯特·愛因斯坦的兩個相互關聯的理論:狹義相對論和廣義相對論..."
}
```
- **400 錯誤的請求**:
```json
{
"error": "提示內容不能為空。"
}
```
- **500 內部伺服器錯誤**:
```json
{
"error": "處理提示失敗。請稍後再試。"
}
```
### 管理員 API 端點
#### 1. 用戶管理
##### a. 列出用戶
- **端點**: `/api/admin/users`
- **方法**: `GET`
- **描述**: 獲取所有註冊用戶的列表。
- **認證**: 必需(管理員 JWT
- **參數**:
- **查詢參數**:
- `status` (字串, 選填, 根據用戶狀態篩選active/inactive)
- `page` (整數, 選填, 分頁)
- `per_page` (整數, 選填, 每頁項目數)
- **請求範例**:
```
GET /api/admin/users?status=active&page=1&per_page=20
```
- **回應**:
- **200 成功**:
```json
{
"current_page": 1,
"per_page": 20,
"total": 100,
"data": [
{
"user_id": "12345",
"username": "john_doe",
"email": "john@example.com",
"status": "active",
"registered_at": "2024-04-01T12:34:56Z"
}
// 更多用戶...
]
}
```
##### b. 啟用用戶
- **端點**: `/api/admin/users/{user_id}/activate`
- **方法**: `POST`
- **描述**: 啟用用戶帳戶。
- **認證**: 必需(管理員 JWT
- **參數**:
- **路徑參數**:
- `user_id` (字串, 必填)
- **請求範例**:
```
POST /api/admin/users/12345/activate
```
- **回應**:
- **200 成功**:
```json
{
"message": "用戶帳戶已成功啟用。"
}
```
- **404 未找到**:
```json
{
"error": "未找到用戶。"
}
```
##### c. 停用用戶
- **端點**: `/api/admin/users/{user_id}/deactivate`
- **方法**: `POST`
- **描述**: 停用用戶帳戶。
- **認證**: 必需(管理員 JWT
- **參數**:
- **路徑參數**:
- `user_id` (字串, 必填)
- **請求範例**:
```
POST /api/admin/users/12345/deactivate
```
- **回應**:
- **200 成功**:
```json
{
"message": "用戶帳戶已成功停用。"
}
```
- **404 未找到**:
```json
{
"error": "未找到用戶。"
}
```
#### 2. API 提供者管理
##### a. 列出 API 提供者
- **端點**: `/api/admin/api-providers`
- **方法**: `GET`
- **描述**: 獲取所有已配置的 AI API 提供者列表。
- **認證**: 必需(管理員 JWT
- **參數**:
- **查詢參數**:
- `active` (布林值, 選填, 根據活躍狀態篩選)
- **請求範例**:
```
GET /api/admin/api-providers?active=true
```
- **回應**:
- **200 成功**:
```json
{
"data": [
{
"provider_id": "openai",
"name": "OpenAI",
"active": true,
"config": {
"api_key": "sk-********",
"endpoint": "https://api.openai.com/v1/"
}
}
// 更多提供者...
]
}
```
##### b. 添加 API 提供者
- **端點**: `/api/admin/api-providers`
- **方法**: `POST`
- **描述**: 向系統中添加一個新的 AI API 提供者。
- **認證**: 必需(管理員 JWT
- **參數**:
- **請求體**:
- `provider_id` (字串, 必填, 唯一標識)
- `name` (字串, 必填)
- `api_key` (字串, 必填)
- `endpoint` (字串, 必填, 有效的 URL)
- **請求範例**:
```json
{
"provider_id": "newai",
"name": "新 AI 提供者",
"api_key": "new-api-key-12345",
"endpoint": "https://api.newai.com/v1/"
}
```
- **回應**:
- **201 已創建**:
```json
{
"message": "API 提供者已成功添加。",
"provider_id": "newai"
}
```
- **400 錯誤的請求**:
```json
{
"error": "驗證失敗。",
"details": {
"provider_id": "provider_id 已被使用。"
}
}
```
##### c. 移除 API 提供者
- **端點**: `/api/admin/api-providers/{provider_id}`
- **方法**: `DELETE`
- **描述**: 從系統中移除一個現有的 AI API 提供者。
- **認證**: 必需(管理員 JWT
- **參數**:
- **路徑參數**:
- `provider_id` (字串, 必填)
- **請求範例**:
```
DELETE /api/admin/api-providers/newai
```
- **回應**:
- **200 成功**:
```json
{
"message": "API 提供者已成功移除。"
}
```
- **404 未找到**:
```json
{
"error": "未找到 API 提供者。"
}
```
##### d. 選擇活躍的 API 提供者
- **端點**: `/api/admin/api-providers/{provider_id}/activate`
- **方法**: `POST`
- **描述**: 設定指定的 API 提供者為處理提示的活躍提供者。
- **認證**: 必需(管理員 JWT
- **參數**:
- **路徑參數**:
- `provider_id` (字串, 必填)
- **請求範例**:
```
POST /api/admin/api-providers/openai/activate
```
- **回應**:
- **200 成功**:
```json
{
"message": "API 提供者 'OpenAI' 現已成為活躍狀態。"
}
```
- **404 未找到**:
```json
{
"error": "未找到 API 提供者。"
}
```
### 前端 API 認證端點
*如果需要用戶登錄,應包括額外的端點。*
#### 3. 用戶登錄
- **端點**: `/api/frontend/login`
- **方法**: `POST`
- **描述**: 認證用戶並返回 JWT。
- **參數**:
- **請求體**:
- `email` (字串, 必填)
- `password` (字串, 必填)
- **請求範例**:
```json
{
"email": "john@example.com",
"password": "SecurePass123"
}
```
- **回應**:
- **200 成功**:
```json
{
"token": "jwt-token-string",
"expires_in": 3600
}
```
- **401 未授權**:
```json
{
"error": "無效的憑證或帳戶未激活。"
}
```
## 錯誤處理
所有錯誤回應遵循一致的結構,便於客戶端進行調試和處理。
- **格式**:
```json
{
"error": "詳細說明錯誤的消息。"
}
```

17
package.json Normal file
View file

@ -0,0 +1,17 @@
{
"private": true,
"type": "module",
"scripts": {
"build": "vite build",
"dev": "vite"
},
"devDependencies": {
"autoprefixer": "^10.4.20",
"axios": "^1.7.4",
"concurrently": "^9.0.1",
"laravel-vite-plugin": "^1.0",
"postcss": "^8.4.47",
"tailwindcss": "^3.4.13",
"vite": "^5.0"
}
}

33
phpunit.xml Normal file
View file

@ -0,0 +1,33 @@
<?xml version="1.0" encoding="UTF-8"?>
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="vendor/phpunit/phpunit/phpunit.xsd"
bootstrap="vendor/autoload.php"
colors="true"
>
<testsuites>
<testsuite name="Unit">
<directory>tests/Unit</directory>
</testsuite>
<testsuite name="Feature">
<directory>tests/Feature</directory>
</testsuite>
</testsuites>
<source>
<include>
<directory>app</directory>
</include>
</source>
<php>
<env name="APP_ENV" value="testing"/>
<env name="APP_MAINTENANCE_DRIVER" value="file"/>
<env name="BCRYPT_ROUNDS" value="4"/>
<env name="CACHE_STORE" value="array"/>
<!-- <env name="DB_CONNECTION" value="sqlite"/> -->
<!-- <env name="DB_DATABASE" value=":memory:"/> -->
<env name="MAIL_MAILER" value="array"/>
<env name="PULSE_ENABLED" value="false"/>
<env name="QUEUE_CONNECTION" value="sync"/>
<env name="SESSION_DRIVER" value="array"/>
<env name="TELESCOPE_ENABLED" value="false"/>
</php>
</phpunit>

6
postcss.config.js Normal file
View file

@ -0,0 +1,6 @@
export default {
plugins: {
tailwindcss: {},
autoprefixer: {},
},
};

21
public/.htaccess Normal file
View file

@ -0,0 +1,21 @@
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Send Requests To Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>

17
public/index.php Normal file
View file

@ -0,0 +1,17 @@
<?php
use Illuminate\Http\Request;
define('LARAVEL_START', microtime(true));
// Determine if the application is in maintenance mode...
if (file_exists($maintenance = __DIR__.'/../storage/framework/maintenance.php')) {
require $maintenance;
}
// Register the Composer autoloader...
require __DIR__.'/../vendor/autoload.php';
// Bootstrap Laravel and handle the request...
(require_once __DIR__.'/../bootstrap/app.php')
->handleRequest(Request::capture());

2
public/robots.txt Normal file
View file

@ -0,0 +1,2 @@
User-agent: *
Disallow:

3
resources/css/app.css Normal file
View file

@ -0,0 +1,3 @@
@tailwind base;
@tailwind components;
@tailwind utilities;

32
resources/js/app.js Normal file
View file

@ -0,0 +1,32 @@
import './bootstrap';
function sendPrompt(prompt) {
return $.ajax({
url: '/api/prompt',
method: 'POST',
headers: {
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content'),
'Accept': 'application/json'
},
data: {
prompt: prompt
}
});
}
// Example usage
$('#prompt-form').on('submit', function(e) {
e.preventDefault();
const prompt = $('#prompt-input').val();
sendPrompt(prompt)
.then(response => {
if (response.success) {
$('#response-container').text(response.response);
}
})
.catch(error => {
console.error('Error:', error);
alert('An error occurred while processing your prompt');
});
});

4
resources/js/bootstrap.js vendored Normal file
View file

@ -0,0 +1,4 @@
import axios from 'axios';
window.axios = axios;
window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';

File diff suppressed because one or more lines are too long

52
routes/api.php Normal file
View file

@ -0,0 +1,52 @@
<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\Api\PromptController;
use App\Http\Controllers\Api\Admin\ApiConfigController;
use App\Http\Controllers\Api\Frontend\LoginController;
use App\Http\Controllers\Api\Frontend\RegisterController;
/*
|--------------------------------------------------------------------------
| API Routes
|--------------------------------------------------------------------------
|
| Here is where you can register API routes for your application. These
| routes are loaded by the RouteServiceProvider and all of them will
| be assigned to the "api" middleware group.
|
*/
Route::middleware(['auth:sanctum', 'rate.limit.prompts'])->group(function () {
Route::post('/prompt', [PromptController::class, 'process']);
});
// API 路由群組
Route::prefix('v1')->group(function () {
// 管理員 API 路由
Route::prefix('admin')
->middleware(['auth:sanctum', 'check.role:admin'])
->group(function () {
// API 提供者管理
Route::prefix('providers')->group(function () {
Route::get('/', [ApiConfigController::class, 'index']);
Route::post('/', [ApiConfigController::class, 'store']);
Route::delete('/{provider_id}', [ApiConfigController::class, 'destroy']);
Route::post('/{provider_id}/activate', [ApiConfigController::class, 'activate']);
});
});
});
// 前端 API 路由
Route::prefix('frontend')->group(function () {
// 公開路由
Route::post('/login', [LoginController::class, 'login']);
Route::post('/register', [RegisterController::class, 'register']);
// 需要認證的路由
Route::middleware(['auth:sanctum', 'check.status'])->group(function () {
Route::post('/logout', [LoginController::class, 'logout']);
Route::post('/send-prompt', [PromptController::class, 'sendPrompt'])
->middleware('throttle:prompts');
});
});

8
routes/console.php Normal file
View file

@ -0,0 +1,8 @@
<?php
use Illuminate\Foundation\Inspiring;
use Illuminate\Support\Facades\Artisan;
Artisan::command('inspire', function () {
$this->comment(Inspiring::quote());
})->purpose('Display an inspiring quote')->hourly();

7
routes/web.php Normal file
View file

@ -0,0 +1,7 @@
<?php
use Illuminate\Support\Facades\Route;
Route::get('/', function () {
return view('welcome');
});

20
tailwind.config.js Normal file
View file

@ -0,0 +1,20 @@
import defaultTheme from 'tailwindcss/defaultTheme';
/** @type {import('tailwindcss').Config} */
export default {
content: [
'./vendor/laravel/framework/src/Illuminate/Pagination/resources/views/*.blade.php',
'./storage/framework/views/*.php',
'./resources/**/*.blade.php',
'./resources/**/*.js',
'./resources/**/*.vue',
],
theme: {
extend: {
fontFamily: {
sans: ['Figtree', ...defaultTheme.fontFamily.sans],
},
},
},
plugins: [],
};

View file

@ -0,0 +1,19 @@
<?php
namespace Tests\Feature;
// use Illuminate\Foundation\Testing\RefreshDatabase;
use Tests\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic test example.
*/
public function test_the_application_returns_a_successful_response(): void
{
$response = $this->get('/');
$response->assertStatus(200);
}
}

10
tests/TestCase.php Normal file
View file

@ -0,0 +1,10 @@
<?php
namespace Tests;
use Illuminate\Foundation\Testing\TestCase as BaseTestCase;
abstract class TestCase extends BaseTestCase
{
//
}

View file

@ -0,0 +1,16 @@
<?php
namespace Tests\Unit;
use PHPUnit\Framework\TestCase;
class ExampleTest extends TestCase
{
/**
* A basic test example.
*/
public function test_that_true_is_true(): void
{
$this->assertTrue(true);
}
}

11
vite.config.js Normal file
View file

@ -0,0 +1,11 @@
import { defineConfig } from 'vite';
import laravel from 'laravel-vite-plugin';
export default defineConfig({
plugins: [
laravel({
input: ['resources/css/app.css', 'resources/js/app.js'],
refresh: true,
}),
],
});