group(function () { Route::post('/login', [AuthController::class, 'login']); Route::post('/signup', [AuthController::class, 'signUp']); Route::post('/verify-otp', [AuthController::class, 'verifyOtp']); Route::post('/resend-otp', [AuthController::class, 'resendOtp']); Route::post('/forgot-password', [AuthController::class, 'forgotPassword']); }); // Mock WANI router for local testing Route::get('/mock-router/redirect_url', [MockRouterController::class, 'redirectUrl']); Route::get('/mock-router/payment', [MockRouterController::class, 'paymentPage']); // Trigger WANI registry sync via URL (protected by secret key) Route::get('/admin/wani-sync', function (Request $request) { if ($request->query('key') !== 'pmwani2026sync') { return response()->json(['message' => 'Unauthorized'], 401); } \Illuminate\Support\Facades\Artisan::call('wani:sync'); return response()->json([ 'status' => true, 'message' => 'Sync complete', 'output' => \Illuminate\Support\Facades\Artisan::output(), ]); }); // PM-WANI Token Exchange (called by PDO Captive Portal) Route::post('/wani/authenticate', [WaniAuthController::class, 'authenticate']); Route::get('/wani/verify-profile-token', [WaniAuthController::class, 'verifyProfileToken']); Route::get('/wani/public-key', [WaniAuthController::class, 'publicKey']); // Partner APIs (rate limited: 30 requests/min per IP) Route::middleware('throttle:30,1')->group(function () { Route::post('/verify-token', [WaniAuthController::class, 'verifyToken']); Route::post('/partner/login-with-token', [WaniAuthController::class, 'partnerLogin']); }); // Public provider discovery (no auth required) Route::get('/providers', [ProviderController::class, 'index']); Route::get('/nearby-providers', [ProviderController::class, 'nearby']); Route::get('/providers/search', [ProviderController::class, 'search']); Route::get('/providers/lookup', [ProviderController::class, 'lookup']); // Protected routes Route::middleware('auth.token')->group(function () { // Profile Route::get('/profile', [ProfileController::class, 'show']); Route::post('/profile/update', [ProfileController::class, 'update']); Route::post('/profile/image', [ProfileController::class, 'uploadImage']); Route::post('/change-password', [AuthController::class, 'changePassword']); Route::post('/logout', [AuthController::class, 'logout']); Route::post('/complete-profile', [ProfileController::class, 'complete']); // Home Route::get('/home', [HomeController::class, 'accountDetails']); // Referral Route::get('/referral/stats', [AuthController::class, 'referralStats']); // Routers Route::get('/routers/nearby', [RouterController::class, 'nearby']); Route::get('/routers/list', [RouterController::class, 'index']); // Internet Plans Route::get('/internet-plans', [InternetPlanController::class, 'index']); Route::get('/checkout-details', [CheckoutController::class, 'show']); // Payments Route::post('/payment/initial', [PaymentController::class, 'initial']); Route::post('/payment/verify', [PaymentController::class, 'verify']); Route::post('/payment/petals/verify', [PaymentController::class, 'petalsVerify']); // Petals Route::get('/petals/plans', [PetalsPlanController::class, 'index']); Route::get('/petals/balance', [PetalsTransactionController::class, 'balance']); Route::get('/petals/history', [PetalsTransactionController::class, 'history']); Route::post('/petals/add', [PetalsTransactionController::class, 'add']); Route::post('/petals/buy', [PetalsTransactionController::class, 'buy']); Route::post('/petals/gift', [PetalsTransactionController::class, 'gift']); // Sessions Route::get('/wifi-sessions', [WifiSessionController::class, 'index']); // Transaction History Route::get('/transaction-history', [TransactionHistoryController::class, 'index']); // Notifications Route::get('/notifications', [NotificationController::class, 'index']); Route::get('/notification/readall', [NotificationController::class, 'readAll']); // Banners Route::get('/getBanner', [BannerController::class, 'index']); // Challenges Route::get('/challenge', [ChallengeController::class, 'index']); // Surveys Route::get('/surveys', [SurveyController::class, 'index']); Route::post('/surveys/{id}/submit', [SurveyController::class, 'submit']); }); /* |-------------------------------------------------------------------------- | PM-WANI XML API (v1) — Phase 1: infrastructure only |-------------------------------------------------------------------------- | Separate from JSON API. Mobile app is unaffected. | All routes here return application/xml. */ Route::prefix('wani/v1')->middleware('parse.xml')->group(function () { Route::get('/ping', function () { return XmlResponder::make( ['Status' => 'OK', 'Version' => 'v1', 'Timestamp' => now()->toIso8601String()], 'Pong' ); }); // Phase 2: Central Registry — PDOA list Route::middleware('throttle:60,1')->group(function () { Route::get('/registry/pdoa-list', [RegistryController::class, 'pdoaList']); }); // Phase 3: Hotspot Discovery — nearby hotspots XML Route::middleware('throttle:60,1')->group(function () { Route::get('/hotspots', [HotspotController::class, 'nearby']); }); // Phase 4: Auth Flow — token issue + validate (PM-WANI spec, random opaque tokens) Route::middleware('throttle:10,1')->group(function () { Route::post('/auth/initiate', [WaniXmlAuthController::class, 'initiate']); Route::post('/auth/validate', [WaniXmlAuthController::class, 'validateToken']); }); });