bert.hausmans/event-uploader
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
bert.hausmans
2026-02-03 10:38:46 +01:00
commit eb304f4b14
144 changed files with 22605 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
.gitignore vendored Normal file
View File

@@ -0,0 +1,40 @@
# Environment and secrets
.env
.env.local
.env.*.local
# OS
.DS_Store
Thumbs.db
# Dependencies
node_modules/
vendor/
# Build outputs
dist/
dist-ssr/
public/build
public/hot
# IDE
.idea/
.vscode/*
!.vscode/extensions.json
*.suo
*.ntvs*
*.njsproj
*.sln
*.sw?
# Logs and cache
*.log
npm-debug.log*
.phpunit.result.cache
.phpunit.cache
# Laravel / API specific
api/storage/*.key
api/storage/pail
api/public/storage
api/auth.json

222
README.md Normal file
View File

@@ -0,0 +1,222 @@
# Event Video Upload Application
Web application for event organizers to collect video uploads from attendees. Admins create events with shareable URLs; attendees upload videos to Google Drive folders per event.
## Stack
- **Backend**: Laravel 12 (PHP 8.3+), MySQL 8.0+, Sanctum, Google Drive API v3, Queue (database)
- **Admin**: Vue 3 + TypeScript + Vite + Bootstrap 5
- **Upload**: Vue 3 + TypeScript + Vite + Tailwind CSS + Uppy
## Getting Started
1. **Clone and install**
- Backend: `cd api && composer install`
- Admin: `cd admin && npm install`
- Upload: `cd upload && npm install`
2. **Configure**
- Copy `api/.env.example` to `api/.env`
- Set MySQL (`DB_*`), `SANCTUM_STATEFUL_DOMAINS=localhost:5173,localhost:5174`, `SESSION_DOMAIN=localhost`
- Set Google OAuth: `GOOGLE_CLIENT_ID`, `GOOGLE_CLIENT_SECRET`, `GOOGLE_REDIRECT_URI`
- Run `php artisan key:generate` in `api/`
3. **Database**
- Create MySQL database (e.g. `event_uploader`)
- In `api/`: `php artisan migrate`
4. **Admin user**
- `cd api && php artisan make:admin --email=admin@example.com --password=secret`
5. **Run** (requires 4 separate terminal windows)
- API: `cd api && php artisan serve`
- **Queue Worker** (REQUIRED for uploads): `cd api && php artisan queue:work`
- Admin: `cd admin && npm run dev` (port 5173)
- Upload: `cd upload && npm run dev` (port 5174)
⚠️ **Important**: The queue worker MUST be running for file uploads to process to Google Drive. Without it, uploads will stay in "pending" status.
6. **Use**
- Open http://localhost:5173, log in, connect Google Drive, create an event, copy the upload URL
- Share the upload URL (http://localhost:5174/events/{slug}); attendees upload there
## MySQL: Docker vs Homebrew
| | **Docker** | **Homebrew** |
|---|---|---|
| **Setup** | Requires Docker Desktop. One `docker run` or `docker compose up`. | `brew install mysql` and create DB. |
| **Best for** | Same MySQL version everywhere; no system install; easy reset. | Quick local use; no Docker needed. |
| **Reset** | `docker compose down -v` for a clean DB. | Manual drop/recreate or reinstall. |
**Recommendation:** Use **Docker** if you already have it or want a reproducible setup; use **Homebrew** if you prefer a single local MySQL and no containers.
---
## Option A: MySQL with Docker
A `docker-compose.yml` in the project root runs only MySQL (API and frontends run on your machine).
1. **Start MySQL** (from project root):
```bash
docker compose up -d
```
Wait for the healthcheck (a few seconds), then continue.
2. **Configure the API** (`api/.env`):
```env
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=event_uploader
DB_USERNAME=root
DB_PASSWORD=secret
APP_URL=http://localhost:8000
SESSION_DOMAIN=localhost
SANCTUM_STATEFUL_DOMAINS=localhost:5173,localhost:5174
```
3. **Then:** `cd api && php artisan migrate && php artisan make:admin --email=admin@test.com --password=secret`, and run API, queue, admin, and upload (see step 4 in Option B).
**Stop:** `docker compose down`
**Stop and wipe DB:** `docker compose down -v`
---
## Option B: MySQL with Homebrew (macOS)
1. **Install MySQL** (if needed):
```bash
brew install mysql
brew services start mysql
```
Or run once: `mysql.server start`.
2. **Create the database and user** (optional; root with no password works for local):
```bash
mysql -u root -e "CREATE DATABASE IF NOT EXISTS event_uploader;"
```
If MySQL has a root password, use `-p` and enter it.
3. **Configure the API** (`api/.env`):
```env
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=event_uploader
DB_USERNAME=root
DB_PASSWORD=
APP_URL=http://localhost:8000
SESSION_DOMAIN=localhost
SANCTUM_STATEFUL_DOMAINS=localhost:5173,localhost:5174
```
Set `DB_PASSWORD` if your MySQL user has a password.
4. **Bootstrap and run** (from project root):
```bash
cd api && composer install && php artisan key:generate && php artisan migrate
php artisan make:admin --email=admin@test.com --password=secret
php artisan serve &
php artisan queue:work &
cd ../admin && npm install && npm run dev &
cd ../upload && npm install && npm run dev
```
Or run each in a separate terminal: API (port 8000), queue worker, admin (5173), upload (5174).
5. **Test the flow**:
- Open http://localhost:5173, log in as `admin@test.com` / `secret`.
- Create an event (Google Drive can be skipped at first; you can set it up later).
- Copy the upload URL and open it in another tab (e.g. http://localhost:5174/events/your-slug).
- Upload a small test file; the queue worker will process it (Google Drive upload will fail until OAuth is configured).
**Tip:** Keep the queue worker running in a dedicated terminal so uploads are processed. Without it, files stay in "pending" until the job runs.
## Start everything (one command)
From the project root:
```bash
./start.sh
```
Starts API (8000), queue worker, admin (5173), and upload (5174). Press **Ctrl+C** to stop all.
If you use Docker for MySQL:
```bash
./start.sh --with-docker
```
(Starts `docker compose up -d` first, then the four apps.)
**First time:** run `chmod +x start.sh` if the script is not executable.
## Development Commands
```bash
# Backend
cd api && composer install && php artisan migrate && php artisan serve
# Admin
cd admin && npm install && npm run dev
# Upload
cd upload && npm install && npm run dev
# Queue
cd api && php artisan queue:work
# Create admin
cd api && php artisan make:admin --email=admin@example.com --password=secret
# Tests
cd api && ./vendor/bin/pest
```
## Pushing to Gitea
This repo pushes to Gitea (1Password SSH key). One-time setup:
1. Run from project root: `./scripts/setup-gitea-ssh.sh` (creates `~/.ssh/gitea-1password-only`).
2. In 1Password: **Settings → Developer** → enable **Use the SSH agent**.
Then you can push from Cursor or run `./gitea-push.sh`. For commit signing and first-push tips, see [GITEA-SETUP.md](GITEA-SETUP.md).
## Project Structure
- `api/` Laravel API (auth, events, Google Drive, public upload)
- `admin/` Vue 3 admin SPA (events, uploads, Google Drive)
- `upload/` Vue 3 public upload SPA (event page, password gate, Uppy)
## Troubleshooting
### Uploads stuck in "pending" status
**Problem**: Files upload successfully but stay in "pending" status and never appear in Google Drive.
**Solution**: The queue worker is not running. Start it with:
```bash
cd api && php artisan queue:work
```
You can verify the queue worker is processing jobs by checking the logs or running:
```bash
cd api && php artisan queue:failed # Check for failed jobs
```
### 419 Page Expired error on upload
**Problem**: Getting a 419 error when uploading files from the public upload page.
**Solution**: This was fixed by excluding public upload endpoints from CSRF verification. Make sure your `api/bootstrap/app.php` includes the CSRF exception configuration.
### Google Drive callback fails with "Route [login] not defined"
**Problem**: After authorizing Google Drive, you get redirected to an error page.
**Solution**: This was fixed by moving the Google Drive callback route outside the `auth:sanctum` middleware group and using `web` middleware instead. The callback now handles authentication internally.
### No folders appear when selecting a Shared Drive
**Problem**: When you click on a Shared Drive, you see all folders from all drives instead of just that drive's folders.
**Solution**: This was fixed by updating the Google Drive API query to use `'{$driveId}' in parents` when listing root folders of a Shared Drive.

3
admin/.env.example Normal file
View File

@@ -0,0 +1,3 @@
VITE_API_URL=http://localhost:8000
VITE_APP_NAME="Event Video Uploader - Admin"
VITE_UPLOAD_APP_URL=http://localhost:5174

24
admin/.gitignore vendored Normal file
View File

@@ -0,0 +1,24 @@
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
lerna-debug.log*
node_modules
dist
dist-ssr
*.local
# Editor directories and files
.vscode/*
!.vscode/extensions.json
.idea
.DS_Store
*.suo
*.ntvs*
*.njsproj
*.sln
*.sw?

3
admin/.vscode/extensions.json vendored Normal file
View File

@@ -0,0 +1,3 @@
{
"recommendations": ["Vue.volar"]
}

5
admin/README.md Normal file
View File

@@ -0,0 +1,5 @@
# Vue 3 + TypeScript + Vite
This template should help get you started developing with Vue 3 and TypeScript in Vite. The template uses Vue 3 `<script setup>` SFCs, check out the [script setup docs](https://v3.vuejs.org/api/sfc-script-setup.html#sfc-script-setup) to learn more.
Learn more about the recommended Project Setup and IDE Support in the [Vue Docs TypeScript Guide](https://vuejs.org/guide/typescript/overview.html#project-setup).

16
admin/index.html Normal file
View File

@@ -0,0 +1,16 @@
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/vite.svg" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<link rel="preconnect" href="https://fonts.googleapis.com" />
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
<link href="https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@400;500;600;700&display=swap" rel="stylesheet" />
<title>Event Video Uploader Admin</title>
</head>
<body>
<div id="app"></div>
<script type="module" src="/src/main.ts"></script>
</body>
</html>

2403
admin/package-lock.json generated Normal file
View File

File diff suppressed because it is too large Load Diff

29
admin/package.json Normal file
View File

@@ -0,0 +1,29 @@
{
"name": "admin",
"private": true,
"version": "0.0.0",
"type": "module",
"scripts": {
"dev": "vite",
"build": "vue-tsc -b && vite build",
"preview": "vite preview"
},
"dependencies": {
"@vee-validate/zod": "^4.15.1",
"axios": "^1.13.4",
"bootstrap": "^5.3.8",
"pinia": "^3.0.4",
"vee-validate": "^4.15.1",
"vue": "^3.5.24",
"vue-router": "^5.0.2",
"zod": "^3.25.76"
},
"devDependencies": {
"@types/node": "^24.10.1",
"@vitejs/plugin-vue": "^6.0.1",
"@vue/tsconfig": "^0.8.1",
"typescript": "~5.9.3",
"vite": "^7.2.4",
"vue-tsc": "^3.1.4"
}
}

1
admin/public/vite.svg Normal file
View File

@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true" role="img" class="iconify iconify--logos" width="31.88" height="32" preserveAspectRatio="xMidYMid meet" viewBox="0 0 256 257"><defs><linearGradient id="IconifyId1813088fe1fbc01fb466" x1="-.828%" x2="57.636%" y1="7.652%" y2="78.411%"><stop offset="0%" stop-color="#41D1FF"></stop><stop offset="100%" stop-color="#BD34FE"></stop></linearGradient><linearGradient id="IconifyId1813088fe1fbc01fb467" x1="43.376%" x2="50.316%" y1="2.242%" y2="89.03%"><stop offset="0%" stop-color="#FFEA83"></stop><stop offset="8.333%" stop-color="#FFDD35"></stop><stop offset="100%" stop-color="#FFA800"></stop></linearGradient></defs><path fill="url(#IconifyId1813088fe1fbc01fb466)" d="M255.153 37.938L134.897 252.976c-2.483 4.44-8.862 4.466-11.382.048L.875 37.958c-2.746-4.814 1.371-10.646 6.827-9.67l120.385 21.517a6.537 6.537 0 0 0 2.322-.004l117.867-21.483c5.438-.991 9.574 4.796 6.877 9.62Z"></path><path fill="url(#IconifyId1813088fe1fbc01fb467)" d="M185.432.063L96.44 17.501a3.268 3.268 0 0 0-2.634 3.014l-5.474 92.456a3.268 3.268 0 0 0 3.997 3.378l24.777-5.718c2.318-.535 4.413 1.507 3.936 3.838l-7.361 36.047c-.495 2.426 1.782 4.5 4.151 3.78l15.304-4.649c2.372-.72 4.652 1.36 4.15 3.788l-11.698 56.621c-.732 3.542 3.979 5.473 5.943 2.437l1.313-2.028l72.516-144.72c1.215-2.423-.88-5.186-3.54-4.672l-25.505 4.922c-2.396.462-4.435-1.77-3.759-4.114l16.646-57.705c.677-2.35-1.37-4.583-3.769-4.113Z"></path></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

106
admin/src/App.vue Normal file
View File

@@ -0,0 +1,106 @@
<script setup lang="ts">
import { ref, onMounted } from 'vue'
import { useRouter } from 'vue-router'
const router = useRouter()
const notification = ref<{ type: 'success' | 'error'; message: string } | null>(null)
onMounted(() => {
const params = new URLSearchParams(window.location.search)
if (params.has('google_drive_connected')) {
notification.value = { type: 'success', message: 'Google Drive connected successfully!' }
// Clean up URL
window.history.replaceState({}, '', window.location.pathname)
setTimeout(() => (notification.value = null), 5000)
} else if (params.has('google_drive_error')) {
const error = params.get('google_drive_error')
let message = 'Failed to connect Google Drive.'
if (error === 'not_authenticated') {
message = 'Session expired. Please log in again and try connecting Google Drive.'
} else if (error === 'missing_code') {
message = 'Authorization code missing. Please try again.'
} else if (error === 'connection_failed') {
message = 'Failed to connect Google Drive. Please try again.'
}
notification.value = { type: 'error', message }
// Clean up URL
window.history.replaceState({}, '', window.location.pathname)
setTimeout(() => (notification.value = null), 8000)
}
})
</script>
<template>
<div
v-if="notification"
class="global-notification"
role="alert"
>
<div
class="notification-toast"
:class="notification.type === 'success' ? 'notification-success' : 'notification-error'"
>
{{ notification.message }}
<button type="button" class="notification-close" @click="notification = null" aria-label="Close">×</button>
</div>
</div>
<router-view />
</template>
<style scoped>
.global-notification {
position: fixed;
top: 1rem;
left: 50%;
transform: translateX(-50%);
z-index: 9999;
max-width: 420px;
width: calc(100% - 2rem);
}
.notification-toast {
display: flex;
align-items: center;
justify-content: space-between;
gap: 1rem;
padding: 0.875rem 1rem;
border-radius: var(--admin-radius);
font-size: 0.9375rem;
font-weight: 500;
box-shadow: var(--admin-shadow-lg);
border: 1px solid transparent;
}
.notification-success {
background: #ecfdf5;
color: #065f46;
border-color: #a7f3d0;
}
.notification-error {
background: #fef2f2;
color: #991b1b;
border-color: #fecaca;
}
.notification-close {
background: none;
border: none;
font-size: 1.25rem;
line-height: 1;
cursor: pointer;
opacity: 0.7;
padding: 0 0.25rem;
}
.notification-close:hover {
opacity: 1;
}
</style>
<style>
#app {
min-height: 100vh;
}
</style>

1
admin/src/assets/vue.svg Normal file
View File

@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true" role="img" class="iconify iconify--logos" width="37.07" height="36" preserveAspectRatio="xMidYMid meet" viewBox="0 0 256 198"><path fill="#41B883" d="M204.8 0H256L128 220.8L0 0h97.92L128 51.2L157.44 0h47.36Z"></path><path fill="#41B883" d="m0 0l128 220.8L256 0h-51.2L128 132.48L50.56 0H0Z"></path><path fill="#35495E" d="M50.56 0L128 133.12L204.8 0h-47.36L128 51.2L97.92 0H50.56Z"></path></svg>
Side by Side

After

Width:  |  Height:  |  Size: 496 B

193
admin/src/components/AdminLayout.vue Normal file
View File

@@ -0,0 +1,193 @@
<script setup lang="ts">
import { ref, computed, onMounted, onBeforeUnmount } from 'vue'
import { useRouter, useRoute } from 'vue-router'
import { useAuth } from '../composables/useAuth'
const router = useRouter()
const route = useRoute()
const { user, logout } = useAuth()
const isScrolled = ref(false)
function onScroll() {
isScrolled.value = window.scrollY > 0
}
onMounted(() => {
window.addEventListener('scroll', onScroll, { passive: true })
onScroll()
})
onBeforeUnmount(() => {
window.removeEventListener('scroll', onScroll)
})
const pageTitle = computed(() => {
const name = route.name?.toString() ?? ''
if (name === 'events') return 'Events'
if (name === 'event-create') return 'Create Event'
if (name === 'event-edit') return 'Edit Event'
if (name === 'event-uploads') return 'Event Uploads'
return 'Admin'
})
async function handleLogout() {
await logout()
router.push('/login')
}
</script>
<template>
<div class="admin-layout">
<aside class="admin-sidebar">
<div class="sidebar-brand">
<span class="brand-icon"></span>
<span class="brand-text">Event Uploader</span>
</div>
<nav class="sidebar-nav">
<router-link to="/" class="nav-item" :class="{ active: route.name === 'events' }">
<span class="nav-icon"></span>
<span>Events</span>
</router-link>
<router-link to="/events/create" class="nav-item" :class="{ active: route.name === 'event-create' }">
<span class="nav-icon">+</span>
<span>Create Event</span>
</router-link>
</nav>
<div class="sidebar-footer">
<a
href="#"
class="nav-item"
@click.prevent="handleLogout"
>
<span class="nav-icon"></span>
<span>Logout</span>
</a>
</div>
</aside>
<main class="admin-main">
<header class="main-header" :class="{ 'main-header--scrolled': isScrolled }">
<h1 class="page-title">{{ pageTitle }}</h1>
<div class="header-actions">
<span class="user-email">{{ user?.email }}</span>
</div>
</header>
<div class="main-content">
<router-view />
</div>
</main>
</div>
</template>
<style scoped>
.admin-layout {
display: flex;
min-height: 100vh;
background: var(--admin-bg);
}
.admin-sidebar {
width: 260px;
flex-shrink: 0;
background: var(--admin-sidebar-bg);
color: var(--admin-sidebar-text);
display: flex;
flex-direction: column;
border-right: 1px solid var(--admin-sidebar-border);
}
.sidebar-brand {
padding: 1.5rem 1.25rem;
display: flex;
align-items: center;
gap: 0.75rem;
border-bottom: 1px solid var(--admin-sidebar-border);
}
.brand-icon {
font-size: 1.5rem;
opacity: 0.9;
}
.brand-text {
font-weight: 600;
font-size: 1.1rem;
letter-spacing: -0.02em;
}
.sidebar-nav {
flex: 1;
padding: 1rem 0.75rem;
display: flex;
flex-direction: column;
gap: 0.25rem;
}
.nav-item {
display: flex;
align-items: center;
gap: 0.75rem;
padding: 0.625rem 1rem;
border-radius: var(--admin-radius);
color: var(--admin-sidebar-text-muted);
text-decoration: none;
font-size: 0.9375rem;
font-weight: 500;
transition: background 0.15s, color 0.15s;
}
.nav-item:hover {
background: var(--admin-sidebar-hover);
color: var(--admin-sidebar-text);
}
.nav-item.active {
background: var(--admin-sidebar-active);
color: var(--admin-primary);
}
.nav-icon {
font-size: 1rem;
width: 1.25rem;
text-align: center;
opacity: 0.8;
}
.sidebar-footer {
padding: 1rem 0.75rem;
border-top: 1px solid var(--admin-sidebar-border);
}
.main-header {
display: flex;
align-items: center;
justify-content: space-between;
padding: 1.25rem 1.5rem;
background: var(--admin-surface);
border-bottom: 1px solid var(--admin-border);
position: sticky;
top: 0;
z-index: 10;
transition: box-shadow 0.15s ease;
}
.main-header--scrolled {
box-shadow: var(--admin-shadow);
}
.page-title {
margin: 0;
font-size: 1.375rem;
font-weight: 600;
color: var(--admin-heading);
letter-spacing: -0.02em;
}
.user-email {
font-size: 0.875rem;
color: var(--admin-muted);
}
.main-content {
padding: var(--admin-space-8);
flex: 1;
}
</style>

14
admin/src/components/AdminLoading.vue Normal file
View File

@@ -0,0 +1,14 @@
<script setup lang="ts">
defineProps<{
message?: string
}>()
</script>
<template>
<div class="admin-card admin-card-body text-center py-5">
<div class="spinner-border text-primary" role="status" aria-label="Loading">
<span class="visually-hidden">Loading...</span>
</div>
<p class="mt-3 mb-0 text-muted">{{ message ?? 'Loading...' }}</p>
</div>
</template>

41
admin/src/components/HelloWorld.vue Normal file
View File

@@ -0,0 +1,41 @@
<script setup lang="ts">
import { ref } from 'vue'
defineProps<{ msg: string }>()
const count = ref(0)
</script>
<template>
<h1>{{ msg }}</h1>
<div class="card">
<button type="button" @click="count++">count is {{ count }}</button>
<p>
Edit
<code>components/HelloWorld.vue</code> to test HMR
</p>
</div>
<p>
Check out
<a href="https://vuejs.org/guide/quick-start.html#local" target="_blank"
>create-vue</a
>, the official Vue + Vite starter
</p>
<p>
Learn more about IDE Support for Vue in the
<a
href="https://vuejs.org/guide/scaling-up/tooling.html#ide-support"
target="_blank"
>Vue Docs Scaling up Guide</a
>.
</p>
<p class="read-the-docs">Click on the Vite and Vue logos to learn more</p>
</template>
<style scoped>
.read-the-docs {
color: #888;
}
</style>

68
admin/src/composables/useAuth.ts Normal file
View File

@@ -0,0 +1,68 @@
import { ref, computed } from 'vue'
import axios from 'axios'
import { api } from '../services/api'
import type { User } from '../types/user'
const user = ref<User | null>(null)
export function useAuth() {
const loading = ref(false)
const error = ref<string | null>(null)
const isAuthenticated = computed(() => !!user.value)
async function fetchUser() {
loading.value = true
error.value = null
try {
const { data } = await api.get<User>('/auth/user')
user.value = data
return data
} catch (e) {
user.value = null
throw e
} finally {
loading.value = false
}
}
async function login(email: string, password: string, remember = false) {
loading.value = true
error.value = null
try {
const csrfBase = import.meta.env.DEV ? '' : (import.meta.env.VITE_API_URL || '')
await axios.get(csrfBase + '/sanctum/csrf-cookie', { withCredentials: true })
const { data } = await api.post<{ user: User }>('/auth/login', {
email,
password,
remember,
})
user.value = data.user
return data.user
} catch (e: unknown) {
const err = e as { response?: { data?: { message?: string }; status?: number } }
error.value = err.response?.data?.message ?? 'Login failed'
throw e
} finally {
loading.value = false
}
}
async function logout() {
try {
await api.post('/auth/logout')
} finally {
user.value = null
}
}
return {
user: computed(() => user.value),
isAuthenticated,
loading,
error,
fetchUser,
login,
logout,
}
}

72
admin/src/composables/useEvents.ts Normal file
View File

@@ -0,0 +1,72 @@
import { ref } from 'vue'
import { api } from '../services/api'
import type { Event } from '../types/event'
interface PaginatedResponse<T> {
data: T[]
current_page: number
last_page: number
per_page: number
total: number
}
export function useEvents() {
const events = ref<Event[]>([])
const loading = ref(false)
const error = ref<string | null>(null)
const pagination = ref({ current_page: 1, last_page: 1, per_page: 15, total: 0 })
async function fetchEvents(page = 1) {
loading.value = true
error.value = null
try {
const { data } = await api.get<PaginatedResponse<Event>>('/admin/events', {
params: { page, per_page: 15 },
})
events.value = data.data
pagination.value = {
current_page: data.current_page,
last_page: data.last_page,
per_page: data.per_page,
total: data.total,
}
return data
} catch (e) {
error.value = 'Failed to load events'
throw e
} finally {
loading.value = false
}
}
async function createEvent(payload: Partial<Event>): Promise<Event> {
const { data } = await api.post<Event>('/admin/events', payload)
return data
}
async function updateEvent(id: number, payload: Partial<Event>): Promise<Event> {
const { data } = await api.put<Event>(`/admin/events/${id}`, payload)
return data
}
async function fetchEvent(id: number): Promise<Event> {
const { data } = await api.get<Event>(`/admin/events/${id}`)
return data
}
async function deleteEvent(id: number): Promise<void> {
await api.delete(`/admin/events/${id}`)
}
return {
events,
loading,
error,
pagination,
fetchEvents,
createEvent,
updateEvent,
fetchEvent,
deleteEvent,
}
}

85
admin/src/composables/useGoogleDrive.ts Normal file
View File

@@ -0,0 +1,85 @@
import { ref } from 'vue'
import { api } from '../services/api'
interface GoogleDriveStatus {
connected: boolean
account_email?: string
}
interface FolderItem {
id: string
name: string
}
interface SharedDrive {
id: string
name: string
type: 'shared_drive'
}
export function useGoogleDrive() {
const status = ref<GoogleDriveStatus | null>(null)
const loading = ref(false)
const error = ref<string | null>(null)
async function fetchStatus() {
loading.value = true
error.value = null
try {
const { data } = await api.get<GoogleDriveStatus>('/admin/google-drive/status')
status.value = data
return data
} catch (e) {
error.value = 'Failed to load Google Drive status'
throw e
} finally {
loading.value = false
}
}
async function getAuthUrl(): Promise<string> {
const { data } = await api.get<{ url: string }>('/admin/google-drive/auth-url')
return data.url
}
async function disconnect() {
await api.delete('/admin/google-drive/disconnect')
status.value = { connected: false }
}
async function listSharedDrives(): Promise<SharedDrive[]> {
const { data } = await api.get<{ data: SharedDrive[] }>('/admin/google-drive/shared-drives')
return data.data
}
async function listFolders(parentId?: string, driveId?: string): Promise<FolderItem[]> {
const params: Record<string, string> = {}
if (parentId) params.parent_id = parentId
if (driveId) params.drive_id = driveId
const { data } = await api.get<{ data: FolderItem[] }>('/admin/google-drive/folders', {
params,
})
return data.data
}
async function createFolder(name: string, parentId?: string, driveId?: string): Promise<FolderItem> {
const { data } = await api.post<{ data: FolderItem }>('/admin/google-drive/folders', {
name,
parent_id: parentId,
drive_id: driveId,
})
return data.data
}
return {
status,
loading,
error,
fetchStatus,
getAuthUrl,
disconnect,
listSharedDrives,
listFolders,
createFolder,
}
}

12
admin/src/main.ts Normal file
View File

@@ -0,0 +1,12 @@
import { createApp } from 'vue'
import { createPinia } from 'pinia'
import router from './router'
import 'bootstrap/dist/css/bootstrap.min.css'
import 'bootstrap'
import App from './App.vue'
import './style.css'
const app = createApp(App)
app.use(createPinia())
app.use(router)
app.mount('#app')

328
admin/src/pages/EventCreatePage.vue Normal file
View File

@@ -0,0 +1,328 @@
<script setup lang="ts">
import { ref, reactive, onMounted } from 'vue'
import { useRouter } from 'vue-router'
import { useEvents } from '../composables/useEvents'
import { useGoogleDrive } from '../composables/useGoogleDrive'
import type { EventFormData } from '../types/event'
const router = useRouter()
const { createEvent, loading: saving, error } = useEvents()
const { fetchStatus, getAuthUrl, listSharedDrives, listFolders, createFolder } = useGoogleDrive()
const driveConnected = ref(false)
const sharedDrives = ref<{ id: string; name: string; type: string }[]>([])
const folders = ref<{ id: string; name: string }[]>([])
const selectedDriveId = ref('')
const selectedDriveName = ref('')
const selectedFolderId = ref('')
const selectedFolderName = ref('')
const viewMode = ref<'my-drive' | 'shared-drives'>('my-drive')
const form = reactive<Partial<EventFormData>>({
name: '',
description: '',
slug: '',
google_drive_folder_id: '',
google_drive_folder_name: '',
is_active: true,
upload_start_at: '',
upload_end_at: '',
max_file_size_mb: 500,
allowed_extensions: ['mp4', 'mov', 'avi', 'mkv', 'webm'],
require_password: false,
upload_password: '',
})
const EXT_OPTIONS = ['mp4', 'mov', 'avi', 'mkv', 'webm', 'jpg', 'jpeg', 'png']
onMounted(async () => {
const s = await fetchStatus().catch(() => ({ connected: false }))
driveConnected.value = s?.connected ?? false
if (driveConnected.value) {
await loadMyDrive()
}
})
async function connectDrive() {
const url = await getAuthUrl()
window.location.href = url
}
async function loadMyDrive() {
viewMode.value = 'my-drive'
selectedDriveId.value = ''
selectedDriveName.value = ''
folders.value = await listFolders().catch(() => [])
}
async function loadSharedDrives() {
viewMode.value = 'shared-drives'
selectedDriveId.value = ''
selectedDriveName.value = ''
selectedFolderId.value = ''
selectedFolderName.value = ''
folders.value = []
sharedDrives.value = await listSharedDrives().catch(() => [])
}
function selectDrive(id: string, name: string) {
selectedDriveId.value = id
selectedDriveName.value = name
selectedFolderId.value = ''
selectedFolderName.value = ''
loadFoldersInDrive(id)
}
async function loadFoldersInDrive(driveId: string, parentId?: string) {
folders.value = await listFolders(parentId, driveId)
}
async function loadFolders(parentId?: string) {
if (selectedDriveId.value) {
folders.value = await listFolders(parentId, selectedDriveId.value)
} else {
folders.value = await listFolders(parentId)
}
}
function selectFolder(id: string, name: string) {
selectedFolderId.value = id
selectedFolderName.value = name
form.google_drive_folder_id = id
form.google_drive_folder_name = name
}
async function handleCreateFolder() {
const name = prompt('Folder name')
if (!name) return
const created = await createFolder(
name,
selectedFolderId.value || undefined,
selectedDriveId.value || undefined
)
await loadFolders(selectedFolderId.value || undefined)
selectFolder(created.id, created.name)
}
async function onSubmit() {
try {
const payload = {
...form,
google_drive_folder_id: form.google_drive_folder_id || null,
google_drive_folder_name: form.google_drive_folder_name || null,
upload_password: form.require_password ? form.upload_password : null,
}
const event = await createEvent(payload)
router.push({ name: 'event-uploads', params: { id: event.id } })
} catch (e) {
console.error(e)
}
}
</script>
<template>
<div class="admin-page admin-form-page">
<router-link to="/" class="back-link mb-4">
Back to Events
</router-link>
<div class="admin-card admin-card-body mb-4">
<h2 class="section-title mb-4">Event details</h2>
<form @submit.prevent="onSubmit" class="row g-3">
<div v-if="error" class="col-12 alert alert-danger py-2">{{ error }}</div>
<div class="col-12">
<label class="form-label">Name</label>
<input v-model="form.name" type="text" class="form-control" required placeholder="e.g. Summer Conference 2025" />
</div>
<div class="col-12">
<label class="form-label">Description</label>
<textarea v-model="form.description" class="form-control" rows="2" placeholder="Optional description for attendees"></textarea>
</div>
<div class="col-12">
<label class="form-label">URL slug <span class="text-muted">(optional, auto-generated from name)</span></label>
<input v-model="form.slug" type="text" class="form-control" placeholder="my-event" />
</div>
</form>
</div>
<div class="admin-card admin-card-body mb-4">
<h2 class="section-title mb-3">Google Drive folder</h2>
<p class="text-muted small mb-3">Uploads will be saved to the selected folder.</p>
<div v-if="!driveConnected" class="drive-connect-box p-4 rounded-3 bg-light border">
<p class="mb-3 text-muted small">Connect your Google account to choose a destination folder.</p>
<button type="button" class="btn btn-primary" @click="connectDrive">
Connect Google Drive
</button>
</div>
<div v-else>
<div class="d-flex flex-wrap gap-2 align-items-center mb-3">
<div class="btn-group btn-group-sm" role="group">
<button
type="button"
class="btn"
:class="viewMode === 'my-drive' ? 'btn-primary' : 'btn-outline-primary'"
@click="loadMyDrive"
>
My Drive
</button>
<button
type="button"
class="btn"
:class="viewMode === 'shared-drives' ? 'btn-primary' : 'btn-outline-primary'"
@click="loadSharedDrives"
>
Shared Drives
</button>
</div>
<button type="button" class="btn btn-sm btn-outline-secondary" @click="loadFolders()">
Refresh
</button>
<button
v-if="viewMode === 'my-drive' || selectedDriveId"
type="button"
class="btn btn-sm btn-outline-primary"
@click="handleCreateFolder"
>
Create folder
</button>
</div>
<div v-if="viewMode === 'shared-drives' && !selectedDriveId">
<ul class="folder-list list-group">
<li
v-for="d in sharedDrives"
:key="d.id"
class="list-group-item list-group-item-action"
@click="selectDrive(d.id, d.name)"
>
📁 {{ d.name }}
</li>
</ul>
<p v-if="sharedDrives.length === 0" class="text-muted small mt-2 mb-0">No shared drives found</p>
</div>
<div v-if="viewMode === 'my-drive' || selectedDriveId">
<p v-if="selectedDriveName" class="text-muted small mb-2">
📁 {{ selectedDriveName }}
<button type="button" class="btn btn-sm btn-link p-0 ms-2" @click="loadSharedDrives">(change)</button>
</p>
<ul class="folder-list list-group">
<li
v-for="f in folders"
:key="f.id"
class="list-group-item list-group-item-action"
:class="{ active: selectedFolderId === f.id }"
@click="selectFolder(f.id, f.name)"
>
{{ f.name }}
</li>
</ul>
<p v-if="selectedFolderName" class="mt-2 text-muted small mb-0">
Selected: <strong>{{ selectedFolderName }}</strong>
</p>
</div>
</div>
</div>
<div class="admin-card admin-card-body mb-4">
<h2 class="section-title mb-4">Settings</h2>
<div class="row g-3">
<div class="col-12 col-md-6">
<div class="form-check form-switch">
<input v-model="form.is_active" type="checkbox" class="form-check-input" id="is_active" />
<label class="form-check-label" for="is_active">Event is active (accepting uploads)</label>
</div>
</div>
<div class="col-12 col-md-6">
<label class="form-label">Max file size (MB)</label>
<input v-model.number="form.max_file_size_mb" type="number" class="form-control" min="1" max="2000" />
</div>
<div class="col-12 col-md-6">
<label class="form-label">Upload window start</label>
<input v-model="form.upload_start_at" type="datetime-local" class="form-control" />
</div>
<div class="col-12 col-md-6">
<label class="form-label">Upload window end</label>
<input v-model="form.upload_end_at" type="datetime-local" class="form-control" />
</div>
<div class="col-12">
<label class="form-label">Allowed file extensions</label>
<div class="d-flex flex-wrap gap-2">
<label v-for="ext in EXT_OPTIONS" :key="ext" class="form-check form-check-inline">
<input
type="checkbox"
class="form-check-input"
:value="ext"
:checked="form.allowed_extensions?.includes(ext)"
@change="(e: globalThis.Event) => {
const arr = form.allowed_extensions || []
const target = (e.target as HTMLInputElement)
if (target.checked) form.allowed_extensions = [...arr, ext]
else form.allowed_extensions = arr.filter(x => x !== ext)
}"
/>
<span class="form-check-label">.{{ ext }}</span>
</label>
</div>
</div>
<div class="col-12">
<div class="form-check form-switch mb-2">
<input v-model="form.require_password" type="checkbox" class="form-check-input" id="require_password" />
<label class="form-check-label" for="require_password">Require upload password</label>
</div>
<input
v-if="form.require_password"
v-model="form.upload_password"
type="text"
class="form-control"
placeholder="Password for attendees"
minlength="4"
style="max-width: 280px"
/>
</div>
</div>
</div>
<div class="admin-card admin-card-body">
<button type="submit" class="btn btn-primary btn-lg" :disabled="saving" @click="onSubmit">
{{ saving ? 'Creating...' : 'Create Event' }}
</button>
</div>
</div>
</template>
<style scoped>
.admin-form-page {
max-width: 720px;
}
.back-link {
color: var(--admin-muted);
text-decoration: none;
font-size: 0.9375rem;
font-weight: 500;
display: inline-block;
}
.back-link:hover {
color: var(--admin-primary);
}
.section-title {
font-size: 1.125rem;
font-weight: 600;
color: var(--admin-heading);
margin: 0;
}
.folder-list {
max-height: 220px;
overflow-y: auto;
border-radius: var(--admin-radius);
}
.drive-connect-box {
border-color: var(--admin-border) !important;
}
</style>

339
admin/src/pages/EventEditPage.vue Normal file
View File

@@ -0,0 +1,339 @@
<script setup lang="ts">
import { ref, reactive, onMounted, computed } from 'vue'
import { useRouter, useRoute } from 'vue-router'
import { useEvents } from '../composables/useEvents'
import { useGoogleDrive } from '../composables/useGoogleDrive'
import type { Event as EventType } from '../types/event'
const router = useRouter()
const route = useRoute()
const id = computed(() => Number(route.params.id))
const { fetchEvent, updateEvent, loading: saving, error } = useEvents()
const { fetchStatus, getAuthUrl, listSharedDrives, listFolders, createFolder } = useGoogleDrive()
const event = ref<EventType | null>(null)
const driveConnected = ref(false)
const sharedDrives = ref<{ id: string; name: string; type: string }[]>([])
const folders = ref<{ id: string; name: string }[]>([])
const selectedDriveId = ref('')
const selectedDriveName = ref('')
const selectedFolderId = ref('')
const selectedFolderName = ref('')
const viewMode = ref<'my-drive' | 'shared-drives'>('my-drive')
const form = reactive<Partial<EventType>>({
name: '',
description: '',
slug: '',
google_drive_folder_id: '',
google_drive_folder_name: '',
is_active: true,
upload_start_at: '',
upload_end_at: '',
max_file_size_mb: 500,
allowed_extensions: [],
require_password: false,
upload_password: '',
})
const EXT_OPTIONS = ['mp4', 'mov', 'avi', 'mkv', 'webm', 'jpg', 'jpeg', 'png']
onMounted(async () => {
event.value = await fetchEvent(id.value)
Object.assign(form, {
...event.value,
upload_start_at: event.value.upload_start_at
? new Date(event.value.upload_start_at).toISOString().slice(0, 16)
: '',
upload_end_at: event.value.upload_end_at
? new Date(event.value.upload_end_at).toISOString().slice(0, 16)
: '',
upload_password: '',
})
selectedFolderId.value = event.value.google_drive_folder_id || ''
selectedFolderName.value = event.value.google_drive_folder_name || ''
const s = await fetchStatus().catch(() => ({ connected: false }))
driveConnected.value = s?.connected ?? false
if (driveConnected.value) folders.value = await listFolders().catch(() => [])
})
async function connectDrive() {
const url = await getAuthUrl()
window.location.href = url
}
async function loadMyDrive() {
viewMode.value = 'my-drive'
selectedDriveId.value = ''
selectedDriveName.value = ''
folders.value = await listFolders().catch(() => [])
}
async function loadSharedDrives() {
viewMode.value = 'shared-drives'
selectedDriveId.value = ''
selectedFolderId.value = ''
selectedFolderName.value = ''
folders.value = []
sharedDrives.value = await listSharedDrives().catch(() => [])
}
function selectDrive(id: string, name: string) {
selectedDriveId.value = id
selectedDriveName.value = name
selectedFolderId.value = ''
selectedFolderName.value = ''
loadFoldersInDrive(id)
}
async function loadFoldersInDrive(driveId: string, parentId?: string) {
folders.value = await listFolders(parentId, driveId)
}
async function loadFolders(parentId?: string) {
if (selectedDriveId.value) {
folders.value = await listFolders(parentId, selectedDriveId.value)
} else {
folders.value = await listFolders(parentId)
}
}
function selectFolder(fid: string, name: string) {
selectedFolderId.value = fid
selectedFolderName.value = name
form.google_drive_folder_id = fid
form.google_drive_folder_name = name
}
async function handleCreateFolder() {
const name = prompt('Folder name')
if (!name) return
const created = await createFolder(
name,
selectedFolderId.value || undefined,
selectedDriveId.value || undefined
)
await loadFolders(selectedFolderId.value || undefined)
selectFolder(created.id, created.name)
}
async function onSubmit() {
try {
const payload = {
...form,
google_drive_folder_id: form.google_drive_folder_id || null,
google_drive_folder_name: form.google_drive_folder_name || null,
upload_password: form.require_password && form.upload_password ? form.upload_password : undefined,
}
await updateEvent(id.value, payload)
router.push('/')
} catch (e) {
console.error(e)
}
}
</script>
<template>
<div class="admin-page admin-form-page">
<router-link to="/" class="back-link mb-4">
Back to Events
</router-link>
<div v-if="event" class="admin-card admin-card-body mb-4">
<h2 class="section-title mb-4">Event details</h2>
<form @submit.prevent="onSubmit" class="row g-3">
<div v-if="error" class="col-12 alert alert-danger py-2">{{ error }}</div>
<div class="col-12">
<label class="form-label">Name</label>
<input v-model="form.name" type="text" class="form-control" required />
</div>
<div class="col-12">
<label class="form-label">Description</label>
<textarea v-model="form.description" class="form-control" rows="2"></textarea>
</div>
<div class="col-12">
<label class="form-label">URL slug</label>
<input v-model="form.slug" type="text" class="form-control" />
</div>
</form>
</div>
<div v-if="event" class="admin-card admin-card-body mb-4">
<h2 class="section-title mb-3">Google Drive folder</h2>
<div v-if="!driveConnected" class="drive-connect-box p-4 rounded-3 bg-light border">
<button type="button" class="btn btn-primary" @click="connectDrive">
Connect Google Drive
</button>
</div>
<div v-else>
<div class="d-flex flex-wrap gap-2 align-items-center mb-3">
<div class="btn-group btn-group-sm" role="group">
<button
type="button"
class="btn"
:class="viewMode === 'my-drive' ? 'btn-primary' : 'btn-outline-primary'"
@click="loadMyDrive"
>
My Drive
</button>
<button
type="button"
class="btn"
:class="viewMode === 'shared-drives' ? 'btn-primary' : 'btn-outline-primary'"
@click="loadSharedDrives"
>
Shared Drives
</button>
</div>
<button type="button" class="btn btn-sm btn-outline-secondary" @click="loadFolders()">
Refresh
</button>
<button
v-if="viewMode === 'my-drive' || selectedDriveId"
type="button"
class="btn btn-sm btn-outline-primary"
@click="handleCreateFolder"
>
Create folder
</button>
</div>
<div v-if="viewMode === 'shared-drives' && !selectedDriveId">
<ul class="folder-list list-group">
<li
v-for="d in sharedDrives"
:key="d.id"
class="list-group-item list-group-item-action"
@click="selectDrive(d.id, d.name)"
>
📁 {{ d.name }}
</li>
</ul>
<p v-if="sharedDrives.length === 0" class="text-muted small mt-2 mb-0">No shared drives found</p>
</div>
<div v-if="viewMode === 'my-drive' || selectedDriveId">
<p v-if="selectedDriveName" class="text-muted small mb-2">
📁 {{ selectedDriveName }}
<button type="button" class="btn btn-sm btn-link p-0 ms-2" @click="loadSharedDrives">(change)</button>
</p>
<ul class="folder-list list-group">
<li
v-for="f in folders"
:key="f.id"
class="list-group-item list-group-item-action"
:class="{ active: selectedFolderId === f.id }"
@click="selectFolder(f.id, f.name)"
>
{{ f.name }}
</li>
</ul>
<p v-if="selectedFolderName" class="mt-2 text-muted small mb-0">
Selected: <strong>{{ selectedFolderName }}</strong>
</p>
</div>
</div>
</div>
<div v-if="event" class="admin-card admin-card-body mb-4">
<h2 class="section-title mb-4">Settings</h2>
<div class="row g-3">
<div class="col-12 col-md-6">
<div class="form-check form-switch">
<input v-model="form.is_active" type="checkbox" class="form-check-input" id="is_active" />
<label class="form-check-label" for="is_active">Event is active</label>
</div>
</div>
<div class="col-12 col-md-6">
<label class="form-label">Max file size (MB)</label>
<input v-model.number="form.max_file_size_mb" type="number" class="form-control" min="1" max="2000" />
</div>
<div class="col-12 col-md-6">
<label class="form-label">Upload window start</label>
<input v-model="form.upload_start_at" type="datetime-local" class="form-control" />
</div>
<div class="col-12 col-md-6">
<label class="form-label">Upload window end</label>
<input v-model="form.upload_end_at" type="datetime-local" class="form-control" />
</div>
<div class="col-12">
<label class="form-label">Allowed extensions</label>
<div class="d-flex flex-wrap gap-2">
<label v-for="ext in EXT_OPTIONS" :key="ext" class="form-check form-check-inline">
<input
type="checkbox"
class="form-check-input"
:value="ext"
:checked="form.allowed_extensions?.includes(ext)"
@change="(e: globalThis.Event) => {
const arr = form.allowed_extensions || []
const target = (e.target as HTMLInputElement)
if (target.checked) form.allowed_extensions = [...arr, ext]
else form.allowed_extensions = arr.filter(x => x !== ext)
}"
/>
<span class="form-check-label">.{{ ext }}</span>
</label>
</div>
</div>
<div class="col-12">
<div class="form-check form-switch mb-2">
<input v-model="form.require_password" type="checkbox" class="form-check-input" id="require_password" />
<label class="form-check-label" for="require_password">Require upload password</label>
</div>
<input
v-if="form.require_password"
v-model="form.upload_password"
type="text"
class="form-control"
placeholder="New password (leave blank to keep)"
minlength="4"
style="max-width: 280px"
/>
</div>
</div>
</div>
<div v-if="event" class="admin-card admin-card-body">
<button type="submit" class="btn btn-primary btn-lg" :disabled="saving" @click="onSubmit">
{{ saving ? 'Saving...' : 'Save changes' }}
</button>
</div>
</div>
</template>
<style scoped>
.admin-form-page {
max-width: 720px;
}
.back-link {
color: var(--admin-muted);
text-decoration: none;
font-size: 0.9375rem;
font-weight: 500;
display: inline-block;
}
.back-link:hover {
color: var(--admin-primary);
}
.section-title {
font-size: 1.125rem;
font-weight: 600;
color: var(--admin-heading);
margin: 0;
}
.folder-list {
max-height: 220px;
overflow-y: auto;
border-radius: var(--admin-radius);
}
.drive-connect-box {
border-color: var(--admin-border) !important;
}
</style>

181
admin/src/pages/EventUploadsPage.vue Normal file
View File

@@ -0,0 +1,181 @@
<script setup lang="ts">
import { ref, onMounted, computed } from 'vue'
import { useRoute, useRouter } from 'vue-router'
import AdminLoading from '../components/AdminLoading.vue'
import { useEvents } from '../composables/useEvents'
import { api } from '../services/api'
import type { Event } from '../types/event'
import type { Upload } from '../types/upload'
const route = useRoute()
const router = useRouter()
const eventId = computed(() => Number(route.params.id))
const { fetchEvent } = useEvents()
const event = ref<Event | null>(null)
const uploads = ref<Upload[]>([])
const loading = ref(true)
onMounted(async () => {
event.value = await fetchEvent(eventId.value)
await loadUploads()
})
async function loadUploads() {
loading.value = true
const { data } = await api.get<{ data: Upload[] }>(`/admin/events/${eventId.value}/uploads`, {
params: { per_page: 100 },
})
uploads.value = data.data
loading.value = false
}
function copyUploadUrl() {
if (!event.value) return
const url = `${import.meta.env.VITE_UPLOAD_APP_URL || 'http://localhost:5174'}/events/${event.value.slug}`
navigator.clipboard.writeText(url)
alert('Upload URL copied to clipboard')
}
async function getDownloadUrl(upload: Upload) {
const { data } = await api.get<{ url: string }>(`/admin/uploads/${upload.id}/download-url`)
if (data.url) window.open(data.url, '_blank')
}
async function deleteUpload(upload: Upload) {
if (!confirm(`Delete "${upload.original_filename}"?`)) return
await api.delete(`/admin/uploads/${upload.id}`)
await loadUploads()
}
function statusBadge(status: string) {
const map: Record<string, string> = {
pending: 'secondary',
uploading: 'info',
completed: 'success',
failed: 'danger',
}
return map[status] || 'secondary'
}
</script>
<template>
<div class="admin-page">
<div class="d-flex flex-wrap align-items-center justify-content-between gap-3 mb-4">
<router-link to="/" class="back-link"> Back to Events</router-link>
<button class="btn btn-outline-primary" @click="copyUploadUrl">
Copy upload URL
</button>
</div>
<AdminLoading v-if="loading" message="Loading uploads..." />
<div v-else-if="uploads.length === 0" class="admin-card admin-card-body">
<div class="empty-state">
<span class="empty-icon"></span>
<h3 class="h5 mb-2">No uploads yet</h3>
<p class="text-muted mb-0">Share the upload URL with attendees to start receiving files.</p>
</div>
</div>
<div v-else class="admin-card overflow-hidden">
<div class="table-responsive">
<table class="table table-hover align-middle mb-0">
<thead>
<tr>
<th>Filename</th>
<th>Size</th>
<th>Status</th>
<th>Uploader</th>
<th>Date</th>
<th class="text-end">Actions</th>
</tr>
</thead>
<tbody>
<tr v-for="u in uploads" :key="u.id">
<td>
<span class="fw-medium text-dark">{{ u.original_filename }}</span>
</td>
<td>{{ (u.file_size / 1024 / 1024).toFixed(2) }} MB</td>
<td>
<span :class="'badge bg-' + statusBadge(u.status)">{{ u.status }}</span>
<span v-if="u.error_message" class="text-danger small ms-1" :title="u.error_message">!</span>
</td>
<td>{{ u.uploader_name || u.uploader_email || '' }}</td>
<td>{{ new Date(u.created_at).toLocaleString() }}</td>
<td class="text-end">
<div class="btn-group btn-group-sm">
<button
v-if="u.google_drive_web_link"
class="btn btn-outline-primary"
@click="window.open(u.google_drive_web_link!, '_blank')"
>
Open in Drive
</button>
<button
v-if="u.google_drive_file_id"
class="btn btn-outline-secondary"
@click="getDownloadUrl(u)"
>
Download
</button>
<button class="btn btn-outline-danger" @click="deleteUpload(u)">
Delete
</button>
</div>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</template>
<style scoped>
.admin-page {
max-width: 1200px;
}
.back-link {
color: var(--admin-muted);
text-decoration: none;
font-size: 0.9375rem;
font-weight: 500;
}
.back-link:hover {
color: var(--admin-primary);
}
.table th {
font-weight: 600;
font-size: 0.8125rem;
text-transform: uppercase;
letter-spacing: 0.04em;
color: var(--admin-muted);
padding: 1rem 1.25rem;
border-bottom: 1px solid var(--admin-border);
}
.table td {
padding: 1rem 1.25rem;
border-bottom: 1px solid var(--admin-border);
}
.table tbody tr:last-child td {
border-bottom: none;
}
.empty-state {
text-align: center;
padding: 1rem 0;
}
.empty-icon {
font-size: 2.5rem;
opacity: 0.3;
display: block;
margin-bottom: 0.5rem;
}
</style>

152
admin/src/pages/EventsListPage.vue Normal file
View File

@@ -0,0 +1,152 @@
<script setup lang="ts">
import { onMounted } from 'vue'
import { useRouter } from 'vue-router'
import AdminLoading from '../components/AdminLoading.vue'
import { useEvents } from '../composables/useEvents'
const router = useRouter()
const { events, loading, pagination, fetchEvents, deleteEvent } = useEvents()
onMounted(() => fetchEvents())
async function handleDelete(id: number, name: string) {
if (!confirm(`Delete event "${name}"? This will delete all uploads.`)) return
try {
await deleteEvent(id)
await fetchEvents(pagination.value.current_page)
} catch (e) {
alert('Failed to delete event')
}
}
function copyUploadUrl(slug: string) {
const url = `${import.meta.env.VITE_UPLOAD_APP_URL || 'http://localhost:5174'}/events/${slug}`
navigator.clipboard.writeText(url)
alert('Upload URL copied to clipboard')
}
</script>
<template>
<div class="admin-page">
<div class="d-flex justify-content-between align-items-center mb-4">
<p class="text-muted mb-0">Manage events and share upload links with attendees.</p>
<router-link to="/events/create" class="btn btn-primary">
Create Event
</router-link>
</div>
<AdminLoading v-if="loading" message="Loading events..." />
<div v-else-if="events.length === 0" class="admin-card admin-card-body">
<div class="empty-state">
<span class="empty-icon"></span>
<h3 class="h5 mb-2">No events yet</h3>
<p class="text-muted mb-4">Create your first event to get a shareable upload link.</p>
<router-link to="/events/create" class="btn btn-primary">Create Event</router-link>
</div>
</div>
<div v-else class="admin-card overflow-hidden">
<div class="table-responsive">
<table class="table table-hover align-middle mb-0">
<thead>
<tr>
<th>Name</th>
<th>Slug</th>
<th>Status</th>
<th>Uploads</th>
<th class="text-end">Actions</th>
</tr>
</thead>
<tbody>
<tr v-for="ev in events" :key="ev.id">
<td>
<span class="fw-medium text-dark">{{ ev.name }}</span>
</td>
<td><code class="slug">{{ ev.slug }}</code></td>
<td>
<span :class="ev.is_active ? 'badge bg-success' : 'badge bg-secondary'">
{{ ev.is_active ? 'Active' : 'Inactive' }}
</span>
</td>
<td>{{ ev.uploads_count ?? 0 }}</td>
<td class="text-end">
<div class="btn-group btn-group-sm">
<button
class="btn btn-outline-primary"
@click="copyUploadUrl(ev.slug)"
title="Copy upload URL"
>
Copy URL
</button>
<router-link
:to="{ name: 'event-uploads', params: { id: ev.id } }"
class="btn btn-outline-secondary"
>
Uploads
</router-link>
<router-link
:to="{ name: 'event-edit', params: { id: ev.id } }"
class="btn btn-outline-secondary"
>
Edit
</router-link>
<button
class="btn btn-outline-danger"
@click="handleDelete(ev.id, ev.name)"
>
Delete
</button>
</div>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
</template>
<style scoped>
.admin-page {
max-width: 1200px;
}
.table th {
font-weight: 600;
font-size: 0.8125rem;
text-transform: uppercase;
letter-spacing: 0.04em;
color: var(--admin-muted);
padding: 1rem 1.25rem;
border-bottom: 1px solid var(--admin-border);
}
.table td {
padding: 1rem 1.25rem;
border-bottom: 1px solid var(--admin-border);
}
.table tbody tr:last-child td {
border-bottom: none;
}
.slug {
font-size: 0.875rem;
background: var(--admin-bg);
padding: 0.25rem 0.5rem;
border-radius: 4px;
}
.empty-state {
text-align: center;
padding: 1rem 0;
}
.empty-icon {
font-size: 2.5rem;
opacity: 0.3;
display: block;
margin-bottom: 0.5rem;
}
</style>

114
admin/src/pages/LoginPage.vue Normal file
View File

@@ -0,0 +1,114 @@
<script setup lang="ts">
import { reactive } from 'vue'
import { useRouter, useRoute } from 'vue-router'
import { useAuth } from '../composables/useAuth'
const router = useRouter()
const route = useRoute()
const { login, loading, error } = useAuth()
const form = reactive({
email: '',
password: '',
remember: false,
})
async function onSubmit() {
try {
await login(form.email, form.password, form.remember)
const redirect = (route.query.redirect as string) || '/'
router.push(redirect)
} catch {
// error handled in composable
}
}
</script>
<template>
<div class="login-page">
<div class="login-card card shadow-sm">
<div class="card-body p-5">
<div class="login-header mb-4">
<span class="login-logo"></span>
<h1 class="h4 mb-1 mt-2">Event Video Uploader</h1>
<p class="text-muted small mb-0">Sign in to the admin dashboard</p>
</div>
<form @submit.prevent="onSubmit">
<div v-if="error" class="alert alert-danger py-2 mb-3" role="alert">
{{ error }}
</div>
<div class="mb-3">
<label for="email" class="form-label">Email</label>
<input
id="email"
v-model="form.email"
type="email"
class="form-control form-control-lg"
required
autocomplete="email"
placeholder="you@example.com"
/>
</div>
<div class="mb-3">
<label for="password" class="form-label">Password</label>
<input
id="password"
v-model="form.password"
type="password"
class="form-control form-control-lg"
required
autocomplete="current-password"
placeholder="••••••••"
/>
</div>
<div class="mb-4 form-check">
<input
id="remember"
v-model="form.remember"
type="checkbox"
class="form-check-input"
/>
<label class="form-check-label" for="remember">Remember me</label>
</div>
<button type="submit" class="btn btn-primary btn-lg w-100 py-2" :disabled="loading">
{{ loading ? 'Signing in...' : 'Sign in' }}
</button>
</form>
</div>
</div>
</div>
</template>
<style scoped>
.login-page {
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
padding: 2rem;
background: linear-gradient(160deg, #f1f5f9 0%, #e2e8f0 100%);
}
.login-card {
width: 100%;
max-width: 420px;
border-radius: var(--admin-radius-lg);
border: 1px solid var(--admin-border);
}
.login-header {
text-align: center;
}
.login-logo {
font-size: 2.5rem;
opacity: 0.9;
display: inline-block;
}
.login-header .h4 {
font-weight: 600;
color: var(--admin-heading);
letter-spacing: -0.02em;
}
</style>

60
admin/src/router/index.ts Normal file
View File

@@ -0,0 +1,60 @@
import { createRouter, createWebHistory } from 'vue-router'
import { useAuth } from '../composables/useAuth'
import AdminLayout from '../components/AdminLayout.vue'
const router = createRouter({
history: createWebHistory(),
routes: [
{
path: '/login',
name: 'login',
component: () => import('../pages/LoginPage.vue'),
meta: { public: true },
},
{
path: '/',
component: AdminLayout,
children: [
{
path: '',
name: 'events',
component: () => import('../pages/EventsListPage.vue'),
},
{
path: 'events/create',
name: 'event-create',
component: () => import('../pages/EventCreatePage.vue'),
},
{
path: 'events/:id/edit',
name: 'event-edit',
component: () => import('../pages/EventEditPage.vue'),
},
{
path: 'events/:id/uploads',
name: 'event-uploads',
component: () => import('../pages/EventUploadsPage.vue'),
},
],
},
],
})
router.beforeEach(async (to) => {
const { isAuthenticated, fetchUser } = useAuth()
if (to.name === 'login' && isAuthenticated.value) {
const redirect = (to.query.redirect as string) || '/'
return { path: redirect }
}
if (!to.meta.public) {
if (isAuthenticated.value) return true
try {
await fetchUser()
} catch {
return { name: 'login', query: { redirect: to.fullPath } }
}
}
return true
})
export default router

34
admin/src/services/api.ts Normal file
View File

@@ -0,0 +1,34 @@
import axios from 'axios'
const baseURL = import.meta.env.DEV
? '/api'
: (import.meta.env.VITE_API_URL ? `${import.meta.env.VITE_API_URL}/api` : '/api')
export const api = axios.create({
baseURL,
withCredentials: true,
headers: {
Accept: 'application/json',
'Content-Type': 'application/json',
},
})
api.interceptors.request.use((config) => {
const token = document.cookie
.split('; ')
.find((row) => row.startsWith('XSRF-TOKEN='))
if (token) {
config.headers['X-XSRF-TOKEN'] = decodeURIComponent(token.split('=')[1])
}
return config
})
api.interceptors.response.use(
(response) => response,
(error) => {
if (error.response?.status === 401 && !error.config?.url?.includes('/auth/')) {
window.location.href = '/login'
}
return Promise.reject(error)
}
)

144
admin/src/style.css Normal file
View File

@@ -0,0 +1,144 @@
/* Event Uploader Admin Professional theme */
@import "bootstrap/dist/css/bootstrap.min.css";
:root {
/* Colors */
--admin-bg: #f1f5f9;
--admin-surface: #ffffff;
--admin-border: #e2e8f0;
--admin-sidebar-bg: #1e293b;
--admin-sidebar-text: #f1f5f9;
--admin-sidebar-text-muted: #94a3b8;
--admin-sidebar-border: rgba(255, 255, 255, 0.06);
--admin-sidebar-hover: rgba(255, 255, 255, 0.08);
--admin-sidebar-active: rgba(99, 102, 241, 0.15);
--admin-primary: #6366f1;
--admin-primary-hover: #4f46e5;
--admin-heading: #0f172a;
--admin-body: #334155;
--admin-muted: #64748b;
/* Radius */
--admin-radius: 8px;
--admin-radius-lg: 12px;
/* Elevation aligned with Upload app */
--admin-shadow: 0 1px 3px rgba(0, 0, 0, 0.06);
--admin-shadow-md: 0 2px 4px rgba(0, 0, 0, 0.06), 0 1px 2px rgba(0, 0, 0, 0.04);
--admin-shadow-lg: 0 4px 6px -1px rgba(0, 0, 0, 0.08), 0 2px 4px -2px rgba(0, 0, 0, 0.06);
/* Typography scale */
--admin-text-xs: 0.75rem;
--admin-text-sm: 0.875rem;
--admin-text-base: 1rem;
--admin-text-lg: 1.125rem;
--admin-text-xl: 1.25rem;
--admin-text-2xl: 1.5rem;
/* Spacing scale */
--admin-space-2: 0.5rem;
--admin-space-3: 0.75rem;
--admin-space-4: 1rem;
--admin-space-5: 1.25rem;
--admin-space-6: 1.5rem;
--admin-space-8: 2rem;
--admin-space-10: 2.5rem;
--admin-space-12: 3rem;
}
*,
*::before,
*::after {
box-sizing: border-box;
}
body {
margin: 0;
min-height: 100vh;
font-family: "Plus Jakarta Sans", -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
font-size: 15px;
line-height: 1.6;
color: var(--admin-body);
-webkit-font-smoothing: antialiased;
}
#app {
min-height: 100vh;
}
/* Global admin cards used by EventsListPage, EventCreatePage, EventEditPage, EventUploadsPage */
.admin-card {
background: var(--admin-surface);
border-radius: var(--admin-radius-lg);
border: 1px solid var(--admin-border);
box-shadow: var(--admin-shadow);
}
.admin-card-body {
padding: var(--admin-space-8);
}
/* Button transitions */
.btn {
transition: color 0.15s ease, background-color 0.15s ease, border-color 0.15s ease;
}
/* Override Bootstrap for theme primary color for buttons, links, spinner */
.text-primary {
color: var(--admin-primary) !important;
}
.btn-primary {
background: var(--admin-primary);
border-color: var(--admin-primary);
}
.btn-primary:hover {
background: var(--admin-primary-hover);
border-color: var(--admin-primary-hover);
}
/* Form control focus transition */
.form-control,
.form-select {
transition: border-color 0.15s ease, box-shadow 0.15s ease;
}
.form-control:focus,
.form-select:focus {
border-color: var(--admin-primary);
box-shadow: 0 0 0 3px rgba(99, 102, 241, 0.2);
}
.card {
border-radius: var(--admin-radius-lg);
border: 1px solid var(--admin-border);
box-shadow: var(--admin-shadow);
}
.table {
--bs-table-striped-bg: rgba(241, 245, 249, 0.6);
}
.badge.bg-success { background: #10b981 !important; }
.badge.bg-danger { background: #ef4444 !important; }
.badge.bg-info { background: #0ea5e9 !important; }
.badge.bg-secondary { background: var(--admin-muted) !important; }
.alert {
border-radius: var(--admin-radius);
border: 1px solid transparent;
}
.list-group-item {
border-color: var(--admin-border);
}
.list-group-item.active {
background: var(--admin-sidebar-active);
border-color: var(--admin-border);
color: var(--admin-primary);
}
.navbar {
display: none; /* We use AdminLayout instead */
}
/* Micro-interactions: links and table rows */
.admin-main a {
transition: color 0.15s ease;
}
.table tbody tr {
transition: background-color 0.15s ease;
}

33
admin/src/types/event.ts Normal file
View File

@@ -0,0 +1,33 @@
export interface Event {
id: number
name: string
description: string | null
slug: string
google_drive_folder_id: string | null
google_drive_folder_name: string | null
is_active: boolean
upload_start_at: string | null
upload_end_at: string | null
max_file_size_mb: number
allowed_extensions: string[]
require_password: boolean
has_password: boolean
created_at: string
updated_at: string
uploads_count?: number
}
export interface EventFormData {
name: string
description: string
slug: string
google_drive_folder_id: string
google_drive_folder_name: string
is_active: boolean
upload_start_at: string
upload_end_at: string
max_file_size_mb: number
allowed_extensions: string[]
require_password: boolean
upload_password: string
}

18
admin/src/types/upload.ts Normal file
View File

@@ -0,0 +1,18 @@
export interface Upload {
id: number
event_id: number
original_filename: string
stored_filename: string
file_size: number
mime_type: string
google_drive_file_id: string | null
google_drive_web_link: string | null
status: 'pending' | 'uploading' | 'completed' | 'failed'
error_message: string | null
uploader_name: string | null
uploader_email: string | null
upload_started_at: string | null
upload_completed_at: string | null
created_at: string
updated_at: string
}

8
admin/src/types/user.ts Normal file
View File

@@ -0,0 +1,8 @@
export interface User {
id: number
name: string
email: string
email_verified_at: string | null
created_at: string
updated_at: string
}

16
admin/tsconfig.app.json Normal file
View File

@@ -0,0 +1,16 @@
{
"extends": "@vue/tsconfig/tsconfig.dom.json",
"compilerOptions": {
"tsBuildInfoFile": "./node_modules/.tmp/tsconfig.app.tsbuildinfo",
"types": ["vite/client"],
/* Linting */
"strict": true,
"noUnusedLocals": true,
"noUnusedParameters": true,
"erasableSyntaxOnly": true,
"noFallthroughCasesInSwitch": true,
"noUncheckedSideEffectImports": true
},
"include": ["src/**/*.ts", "src/**/*.tsx", "src/**/*.vue"]
}

7
admin/tsconfig.json Normal file
View File

@@ -0,0 +1,7 @@
{
"files": [],
"references": [
{ "path": "./tsconfig.app.json" },
{ "path": "./tsconfig.node.json" }
]
}

26
admin/tsconfig.node.json Normal file
View File

@@ -0,0 +1,26 @@
{
"compilerOptions": {
"tsBuildInfoFile": "./node_modules/.tmp/tsconfig.node.tsbuildinfo",
"target": "ES2023",
"lib": ["ES2023"],
"module": "ESNext",
"types": ["node"],
"skipLibCheck": true,
/* Bundler mode */
"moduleResolution": "bundler",
"allowImportingTsExtensions": true,
"verbatimModuleSyntax": true,
"moduleDetection": "force",
"noEmit": true,
/* Linting */
"strict": true,
"noUnusedLocals": true,
"noUnusedParameters": true,
"erasableSyntaxOnly": true,
"noFallthroughCasesInSwitch": true,
"noUncheckedSideEffectImports": true
},
"include": ["vite.config.ts"]
}

48
admin/vite.config.ts Normal file
View File

@@ -0,0 +1,48 @@
import { defineConfig } from 'vite'
import vue from '@vitejs/plugin-vue'
// https://vite.dev/config/
export default defineConfig({
plugins: [vue()],
server: {
port: 5173,
proxy: {
'/api': {
target: 'http://localhost:8000',
changeOrigin: true,
configure: (proxy) => {
proxy.on('proxyRes', (proxyRes) => {
const setCookie = proxyRes.headers['set-cookie']
if (setCookie) {
const rewritten = (Array.isArray(setCookie) ? setCookie : [setCookie]).map(
(cookie: string) =>
cookie
.replace(/;\s*[Dd]omain=[^;]+/g, '; Domain=localhost')
.replace(/;\s*[Ss]ecure\b/g, ''),
)
proxyRes.headers['set-cookie'] = rewritten
}
})
},
},
'/sanctum': {
target: 'http://localhost:8000',
changeOrigin: true,
configure: (proxy) => {
proxy.on('proxyRes', (proxyRes) => {
const setCookie = proxyRes.headers['set-cookie']
if (setCookie) {
const rewritten = (Array.isArray(setCookie) ? setCookie : [setCookie]).map(
(cookie: string) =>
cookie
.replace(/;\s*[Dd]omain=[^;]+/g, '; Domain=localhost')
.replace(/;\s*[Ss]ecure\b/g, ''),
)
proxyRes.headers['set-cookie'] = rewritten
}
})
},
},
},
},
})

18
api/.editorconfig Normal file
View File

@@ -0,0 +1,18 @@
root = true
[*]
charset = utf-8
end_of_line = lf
indent_size = 4
indent_style = space
insert_final_newline = true
trim_trailing_whitespace = true
[*.md]
trim_trailing_whitespace = false
[*.{yml,yaml}]
indent_size = 2
[compose.yaml]
indent_size = 4

74
api/.env.example Normal file
View File

@@ -0,0 +1,74 @@
APP_NAME=Laravel
APP_ENV=local
APP_KEY=
APP_DEBUG=true
APP_URL=http://localhost
FRONTEND_ADMIN_URL=http://localhost:5173
APP_LOCALE=en
APP_FALLBACK_LOCALE=en
APP_FAKER_LOCALE=en_US
APP_MAINTENANCE_DRIVER=file
# APP_MAINTENANCE_STORE=database
# PHP_CLI_SERVER_WORKERS=4
BCRYPT_ROUNDS=12
LOG_CHANNEL=stack
LOG_STACK=single
LOG_DEPRECATIONS_CHANNEL=null
LOG_LEVEL=debug
DB_CONNECTION=sqlite
# DB_HOST=127.0.0.1
# DB_PORT=3306
# DB_DATABASE=laravel
# DB_USERNAME=root
# DB_PASSWORD=
SESSION_DRIVER=database
SESSION_LIFETIME=120
SESSION_ENCRYPT=false
SESSION_PATH=/
SESSION_DOMAIN=localhost
# Set to false so session cookie works over HTTP (e.g. localhost). Set true in production with HTTPS.
SESSION_SECURE_COOKIE=false
SANCTUM_STATEFUL_DOMAINS=localhost:5173,localhost:5174
BROADCAST_CONNECTION=log
FILESYSTEM_DISK=local
QUEUE_CONNECTION=database
CACHE_STORE=database
# CACHE_PREFIX=
MEMCACHED_HOST=127.0.0.1
REDIS_CLIENT=phpredis
REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379
MAIL_MAILER=log
MAIL_SCHEME=null
MAIL_HOST=127.0.0.1
MAIL_PORT=2525
MAIL_USERNAME=null
MAIL_PASSWORD=null
MAIL_FROM_ADDRESS="hello@example.com"
MAIL_FROM_NAME="${APP_NAME}"
AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_DEFAULT_REGION=us-east-1
AWS_BUCKET=
AWS_USE_PATH_STYLE_ENDPOINT=false
VITE_APP_NAME="${APP_NAME}"
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
GOOGLE_REDIRECT_URI=http://localhost:8000/api/admin/google-drive/callback

11
api/.gitattributes vendored Normal file
View File

@@ -0,0 +1,11 @@
* text=auto eol=lf
*.blade.php diff=html
*.css diff=css
*.html diff=html
*.md diff=markdown
*.php diff=php
/.github export-ignore
CHANGELOG.md export-ignore
.styleci.yml export-ignore

24
api/.gitignore vendored Normal file
View File

@@ -0,0 +1,24 @@
*.log
.DS_Store
.env
.env.backup
.env.production
.phpactor.json
.phpunit.result.cache
/.fleet
/.idea
/.nova
/.phpunit.cache
/.vscode
/.zed
/auth.json
/node_modules
/public/build
/public/hot
/public/storage
/storage/*.key
/storage/pail
/vendor
Homestead.json
Homestead.yaml
Thumbs.db

59
api/README.md Normal file
View File

@@ -0,0 +1,59 @@
<p align="center"><a href="https://laravel.com" target="_blank"><img src="https://raw.githubusercontent.com/laravel/art/master/logo-lockup/5%20SVG/2%20CMYK/1%20Full%20Color/laravel-logolockup-cmyk-red.svg" width="400" alt="Laravel Logo"></a></p>
<p align="center">
<a href="https://github.com/laravel/framework/actions"><img src="https://github.com/laravel/framework/workflows/tests/badge.svg" alt="Build Status"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/dt/laravel/framework" alt="Total Downloads"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/v/laravel/framework" alt="Latest Stable Version"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/l/laravel/framework" alt="License"></a>
</p>
## About Laravel
Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experience to be truly fulfilling. Laravel takes the pain out of development by easing common tasks used in many web projects, such as:
- [Simple, fast routing engine](https://laravel.com/docs/routing).
- [Powerful dependency injection container](https://laravel.com/docs/container).
- Multiple back-ends for [session](https://laravel.com/docs/session) and [cache](https://laravel.com/docs/cache) storage.
- Expressive, intuitive [database ORM](https://laravel.com/docs/eloquent).
- Database agnostic [schema migrations](https://laravel.com/docs/migrations).
- [Robust background job processing](https://laravel.com/docs/queues).
- [Real-time event broadcasting](https://laravel.com/docs/broadcasting).
Laravel is accessible, powerful, and provides tools required for large, robust applications.
## Learning Laravel
Laravel has the most extensive and thorough [documentation](https://laravel.com/docs) and video tutorial library of all modern web application frameworks, making it a breeze to get started with the framework. You can also check out [Laravel Learn](https://laravel.com/learn), where you will be guided through building a modern Laravel application.
If you don't feel like reading, [Laracasts](https://laracasts.com) can help. Laracasts contains thousands of video tutorials on a range of topics including Laravel, modern PHP, unit testing, and JavaScript. Boost your skills by digging into our comprehensive video library.
## Laravel Sponsors
We would like to extend our thanks to the following sponsors for funding Laravel development. If you are interested in becoming a sponsor, please visit the [Laravel Partners program](https://partners.laravel.com).
### Premium Partners
- **[Vehikl](https://vehikl.com)**
- **[Tighten Co.](https://tighten.co)**
- **[Kirschbaum Development Group](https://kirschbaumdevelopment.com)**
- **[64 Robots](https://64robots.com)**
- **[Curotec](https://www.curotec.com/services/technologies/laravel)**
- **[DevSquad](https://devsquad.com/hire-laravel-developers)**
- **[Redberry](https://redberry.international/laravel-development)**
- **[Active Logic](https://activelogic.com)**
## Contributing
Thank you for considering contributing to the Laravel framework! The contribution guide can be found in the [Laravel documentation](https://laravel.com/docs/contributions).
## Code of Conduct
In order to ensure that the Laravel community is welcoming to all, please review and abide by the [Code of Conduct](https://laravel.com/docs/contributions#code-of-conduct).
## Security Vulnerabilities
If you discover a security vulnerability within Laravel, please send an e-mail to Taylor Otwell via [taylor@laravel.com](mailto:taylor@laravel.com). All security vulnerabilities will be promptly addressed.
## License
The Laravel framework is open-sourced software licensed under the [MIT license](https://opensource.org/licenses/MIT).

36
api/app/Actions/Events/CreateEventAction.php Normal file
View File

@@ -0,0 +1,36 @@
<?php
namespace App\Actions\Events;
use App\Models\Event;
use App\Models\User;
use Illuminate\Support\Str;
class CreateEventAction
{
public function execute(array $data, User $user): Event
{
return \Illuminate\Support\Facades\DB::transaction(function () use ($data, $user) {
$slug = $this->generateUniqueSlug($data['slug'] ?? Str::slug($data['name']));
$data['slug'] = $slug;
$data['user_id'] = $user->id;
$event = new Event($data);
$event->save();
return $event;
});
}
protected function generateUniqueSlug(string $base): string
{
$slug = Str::slug($base);
$original = $slug;
$count = 0;
while (Event::where('slug', $slug)->exists()) {
$count++;
$slug = $original.'-'.$count;
}
return $slug;
}
}

34
api/app/Actions/Events/UpdateEventAction.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
namespace App\Actions\Events;
use App\Models\Event;
use Illuminate\Support\Str;
class UpdateEventAction
{
public function execute(Event $event, array $data): Event
{
return \Illuminate\Support\Facades\DB::transaction(function () use ($event, $data) {
if (isset($data['slug']) && $data['slug'] !== $event->slug) {
$data['slug'] = $this->generateUniqueSlug($data['slug'], $event->id);
}
$event->update($data);
return $event->fresh();
});
}
protected function generateUniqueSlug(string $base, int $excludeId): string
{
$slug = Str::slug($base);
$original = $slug;
$count = 0;
while (Event::where('slug', $slug)->where('id', '!=', $excludeId)->exists()) {
$count++;
$slug = $original.'-'.$count;
}
return $slug;
}
}

44
api/app/Console/Commands/MakeAdminUser.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
namespace App\Console\Commands;
use App\Models\User;
use Illuminate\Console\Command;
class MakeAdminUser extends Command
{
protected $signature = 'make:admin
{--email= : Admin email address}
{--password= : Admin password}';
protected $description = 'Create an admin user (email and password required)';
public function handle(): int
{
$email = $this->option('email');
$password = $this->option('password');
if (! $email || ! $password) {
$this->error('Please provide --email and --password.');
$this->line('Example: php artisan make:admin --email=admin@example.com --password=secret');
return self::FAILURE;
}
if (User::where('email', $email)->exists()) {
$this->error("A user with email {$email} already exists.");
return self::FAILURE;
}
User::create([
'name' => explode('@', $email)[0],
'email' => $email,
'password' => $password,
]);
$this->info("Admin user created for {$email}.");
return self::SUCCESS;
}
}

71
api/app/Http/Controllers/Admin/EventsController.php Normal file
View File

@@ -0,0 +1,71 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Actions\Events\CreateEventAction;
use App\Actions\Events\UpdateEventAction;
use App\Http\Controllers\Controller;
use App\Http\Requests\Admin\StoreEventRequest;
use App\Http\Requests\Admin\UpdateEventRequest;
use App\Models\Event;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
class EventsController extends Controller
{
public function index(Request $request): JsonResponse
{
$events = Event::query()
->where('user_id', $request->user()->id)
->withCount('uploads')
->orderByDesc('created_at')
->paginate($request->input('per_page', 15));
return response()->json($events);
}
public function store(StoreEventRequest $request, CreateEventAction $action): JsonResponse
{
$event = $action->execute($request->validated(), $request->user());
return response()->json($event->loadCount('uploads'), 201);
}
public function show(Event $event, Request $request): JsonResponse
{
$this->authorizeEvent($event, $request);
return response()->json($event->loadCount('uploads'));
}
public function update(UpdateEventRequest $request, Event $event, UpdateEventAction $action): JsonResponse
{
$this->authorizeEvent($event, $request);
$event = $action->execute($event, $request->validated());
return response()->json($event->loadCount('uploads'));
}
public function destroy(Event $event, Request $request): JsonResponse
{
$this->authorizeEvent($event, $request);
$event->delete();
return response()->json(null, 204);
}
public function uploads(Event $event, Request $request): JsonResponse
{
$this->authorizeEvent($event, $request);
$uploads = $event->uploads()->orderByDesc('created_at')->paginate($request->input('per_page', 20));
return response()->json($uploads);
}
protected function authorizeEvent(Event $event, Request $request): void
{
if ($event->user_id !== $request->user()->id) {
abort(404);
}
}
}

103
api/app/Http/Controllers/Admin/GoogleDriveController.php Normal file
View File

@@ -0,0 +1,103 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use App\Services\GoogleDrive\GoogleDriveService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Log;
class GoogleDriveController extends Controller
{
public function __construct(
protected GoogleDriveService $googleDrive
) {}
public function authUrl(): JsonResponse
{
$url = $this->googleDrive->getAuthUrl();
return response()->json(['url' => $url]);
}
public function callback(Request $request): RedirectResponse
{
$frontendUrl = config('app.frontend_admin_url', 'http://localhost:5173');
$code = $request->query('code');
if (! $code) {
return redirect($frontendUrl.'?google_drive_error=missing_code');
}
$user = Auth::user();
if (! $user) {
return redirect($frontendUrl.'?google_drive_error=not_authenticated');
}
try {
$this->googleDrive->handleCallback($code, $user);
} catch (\Throwable $e) {
Log::error('Google Drive connection failed', [
'error' => $e->getMessage(),
'user_id' => $user->id,
]);
return redirect($frontendUrl.'?google_drive_error=connection_failed');
}
return redirect($frontendUrl.'?google_drive_connected=1');
}
public function status(): JsonResponse
{
$connection = Auth::user()?->googleDriveConnections()->first();
return response()->json([
'connected' => (bool) $connection,
'account_email' => $connection?->account_email,
]);
}
public function disconnect(): JsonResponse
{
Auth::user()?->googleDriveConnections()->delete();
return response()->json(['message' => 'Disconnected']);
}
public function sharedDrives(): JsonResponse
{
$drives = $this->googleDrive->listSharedDrives(Auth::user());
return response()->json(['data' => $drives]);
}
public function folders(Request $request): JsonResponse
{
$parentId = $request->query('parent_id');
$driveId = $request->query('drive_id');
$folders = $this->googleDrive->listFolders(Auth::user(), $parentId, $driveId);
return response()->json(['data' => $folders]);
}
public function createFolder(Request $request): JsonResponse
{
$request->validate([
'name' => ['required', 'string', 'max:255'],
'parent_id' => ['nullable', 'string'],
'drive_id' => ['nullable', 'string'],
]);
$folder = $this->googleDrive->createFolder(
Auth::user(),
$request->input('name'),
$request->input('parent_id'),
$request->input('drive_id')
);
return response()->json(['data' => $folder]);
}
}

55
api/app/Http/Controllers/Admin/UploadsController.php Normal file
View File

@@ -0,0 +1,55 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use App\Models\Upload;
use App\Services\GoogleDrive\GoogleDriveService;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
class UploadsController extends Controller
{
public function show(Upload $upload, Request $request): JsonResponse
{
$this->authorizeUpload($upload, $request);
return response()->json($upload);
}
public function destroy(Upload $upload, Request $request, GoogleDriveService $googleDrive): JsonResponse
{
$this->authorizeUpload($upload, $request);
if ($upload->google_drive_file_id) {
try {
$googleDrive->deleteFile($request->user(), $upload->google_drive_file_id);
} catch (\Throwable) {
// Continue to delete record even if Drive delete fails
}
}
$upload->delete();
return response()->json(null, 204);
}
public function downloadUrl(Upload $upload, Request $request, GoogleDriveService $googleDrive): JsonResponse
{
$this->authorizeUpload($upload, $request);
if (! $upload->google_drive_file_id) {
return response()->json(['message' => 'File not yet available'], 404);
}
$url = $googleDrive->getFileLink($request->user(), $upload->google_drive_file_id);
return response()->json(['url' => $url]);
}
protected function authorizeUpload(Upload $upload, Request $request): void
{
if ($upload->event->user_id !== $request->user()->id) {
abort(404);
}
}
}

47
api/app/Http/Controllers/AuthController.php Normal file
View File

@@ -0,0 +1,47 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Validation\ValidationException;
class AuthController extends Controller
{
public function login(Request $request): JsonResponse
{
$request->validate([
'email' => ['required', 'string', 'email'],
'password' => ['required', 'string'],
'remember' => ['boolean'],
]);
if (! Auth::attempt(
$request->only('email', 'password'),
$request->boolean('remember')
)) {
throw ValidationException::withMessages([
'email' => [__('auth.failed')],
]);
}
$request->session()->regenerate();
return response()->json(['user' => Auth::user()]);
}
public function logout(Request $request): JsonResponse
{
Auth::guard('web')->logout();
$request->session()->invalidate();
$request->session()->regenerateToken();
return response()->json(['message' => 'Logged out']);
}
public function user(Request $request): JsonResponse
{
return response()->json($request->user());
}
}

8
api/app/Http/Controllers/Controller.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
namespace App\Http\Controllers;
abstract class Controller
{
//
}

183
api/app/Http/Controllers/Public/EventUploadController.php Normal file
View File

@@ -0,0 +1,183 @@
<?php
namespace App\Http\Controllers\Public;
use App\Http\Controllers\Controller;
use App\Http\Requests\Public\VerifyPasswordRequest;
use App\Jobs\ProcessEventUpload;
use App\Models\Event;
use App\Models\Upload;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\RateLimiter;
use Illuminate\Support\Str;
class EventUploadController extends Controller
{
public function show(string $slug): JsonResponse
{
$event = Event::where('slug', $slug)->where('is_active', true)->firstOrFail();
return response()->json([
'name' => $event->name,
'description' => $event->description,
'slug' => $event->slug,
'is_active' => $event->is_active,
'upload_start_at' => $event->upload_start_at?->toIso8601String(),
'upload_end_at' => $event->upload_end_at?->toIso8601String(),
'max_file_size_mb' => $event->max_file_size_mb,
'allowed_extensions' => $event->allowed_extensions,
'require_password' => $event->require_password,
'has_password' => $event->has_password,
]);
}
public function verifyPassword(VerifyPasswordRequest $request, string $slug): JsonResponse
{
$event = Event::where('slug', $slug)->where('is_active', true)->firstOrFail();
if (! $event->require_password) {
return response()->json(['verified' => true]);
}
if (! Hash::check($request->password, $event->upload_password)) {
RateLimiter::hit('password-verify:'.$request->ip());
return response()->json(['message' => 'Invalid password'], 401);
}
return response()->json(['verified' => true]);
}
public function upload(Request $request, string $slug): JsonResponse
{
\Log::info('Upload request received', [
'slug' => $slug,
'has_file' => $request->hasFile('file'),
'files' => array_keys($request->allFiles()),
'content_length' => $request->header('Content-Length'),
]);
$event = Event::where('slug', $slug)->where('is_active', true)->firstOrFail();
if ($event->require_password) {
$password = $request->header('X-Upload-Password');
if (! $password || ! Hash::check($password, $event->upload_password)) {
return response()->json(['message' => 'Invalid or missing upload password'], 401);
}
}
$this->validateUploadWindow($event);
$request->validate([
'file' => ['required', 'file'],
]);
$file = $request->file('file');
\Log::info('File details', [
'original_name' => $file->getClientOriginalName(),
'size' => $file->getSize(),
'mime' => $file->getMimeType(),
'is_valid' => $file->isValid(),
'error' => $file->getError(),
'temp_path' => $file->getPathname(),
]);
$originalName = $file->getClientOriginalName();
$extension = strtolower($file->getClientOriginalExtension() ?: $file->guessExtension());
if (! in_array($extension, $event->allowed_extensions ?? [], true)) {
return response()->json([
'message' => 'File type not allowed. Allowed: '.implode(', ', $event->allowed_extensions),
], 422);
}
$maxBytes = $event->max_file_size_mb * 1024 * 1024;
if ($file->getSize() > $maxBytes) {
return response()->json([
'message' => 'File too large. Maximum size: '.$event->max_file_size_mb.' MB',
], 422);
}
// Ensure temp directory exists (local disk uses app/private/)
$tempDir = storage_path('app/private/uploads/temp');
if (! is_dir($tempDir)) {
mkdir($tempDir, 0755, true);
}
$storedName = Str::uuid().'.'.$extension;
try {
$tempPath = $file->storeAs('uploads/temp', $storedName, ['disk' => 'local']);
if ($tempPath === false || $tempPath === null) {
\Log::error('File storeAs returned false/null', [
'original_name' => $originalName,
'stored_name' => $storedName,
'temp_dir' => $tempDir,
'temp_dir_exists' => is_dir($tempDir),
'temp_dir_writable' => is_writable($tempDir),
]);
return response()->json(['message' => 'Failed to store file'], 500);
}
} catch (\Throwable $e) {
\Log::error('File storage exception', [
'error' => $e->getMessage(),
'original_name' => $originalName,
'stored_name' => $storedName,
]);
return response()->json(['message' => 'Failed to store file: '.$e->getMessage()], 500);
}
// Local disk stores in app/private/, so construct full path accordingly
$fullPath = storage_path('app/private/'.$tempPath);
\Log::info('File stored successfully', [
'temp_path' => $tempPath,
'full_path' => $fullPath,
'file_exists' => file_exists($fullPath),
]);
$upload = $event->uploads()->create([
'original_filename' => $originalName,
'stored_filename' => $storedName,
'file_size' => $file->getSize(),
'mime_type' => $file->getMimeType(),
'status' => 'pending',
'uploader_name' => $request->input('uploader_name'),
'uploader_email' => $request->input('uploader_email'),
]);
ProcessEventUpload::dispatch($upload, $fullPath);
return response()->json([
'upload_id' => $upload->id,
'status' => $upload->status,
], 201);
}
public function uploadStatus(string $slug, int $uploadId): JsonResponse
{
$event = Event::where('slug', $slug)->where('is_active', true)->firstOrFail();
$upload = $event->uploads()->findOrFail($uploadId);
return response()->json([
'id' => $upload->id,
'status' => $upload->status,
'error_message' => $upload->error_message,
'google_drive_web_link' => $upload->google_drive_web_link,
]);
}
protected function validateUploadWindow(Event $event): void
{
if ($event->upload_start_at && now()->isBefore($event->upload_start_at)) {
abort(422, 'Uploads are not yet open.');
}
if ($event->upload_end_at && now()->isAfter($event->upload_end_at)) {
abort(422, 'Upload window has closed.');
}
}
}

26
api/app/Http/Middleware/ThrottlePasswordVerification.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\RateLimiter;
use Symfony\Component\HttpFoundation\Response;
class ThrottlePasswordVerification
{
public function handle(Request $request, Closure $next): Response
{
$key = 'password-verify:'.$request->ip();
if (RateLimiter::tooManyAttempts($key, 5)) {
$seconds = RateLimiter::availableIn($key);
return response()->json([
'message' => "Too many attempts. Please try again in {$seconds} seconds.",
], 429);
}
return $next($request);
}
}

32
api/app/Http/Requests/Admin/StoreEventRequest.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
namespace App\Http\Requests\Admin;
use Illuminate\Foundation\Http\FormRequest;
class StoreEventRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
public function rules(): array
{
return [
'name' => ['required', 'string', 'max:255'],
'description' => ['nullable', 'string', 'max:5000'],
'slug' => ['nullable', 'string', 'max:100', 'unique:events,slug', 'regex:/^[a-z0-9]+(?:-[a-z0-9]+)*$/'],
'google_drive_folder_id' => ['nullable', 'string', 'max:255'],
'google_drive_folder_name' => ['nullable', 'string', 'max:255'],
'is_active' => ['boolean'],
'upload_start_at' => ['nullable', 'date'],
'upload_end_at' => ['nullable', 'date', 'after:upload_start_at'],
'max_file_size_mb' => ['integer', 'min:1', 'max:2000'],
'allowed_extensions' => ['array'],
'allowed_extensions.*' => ['string', 'in:mp4,mov,avi,mkv,webm,jpg,jpeg,png'],
'require_password' => ['boolean'],
'upload_password' => ['nullable', 'string', 'min:4', 'max:100'],
];
}
}

42
api/app/Http/Requests/Admin/UpdateEventRequest.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
namespace App\Http\Requests\Admin;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rule;
class UpdateEventRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
public function rules(): array
{
$event = $this->route('event');
$eventId = $event?->id ?? $this->route('id');
return [
'name' => ['required', 'string', 'max:255'],
'description' => ['nullable', 'string', 'max:5000'],
'slug' => [
'nullable',
'string',
'max:100',
'regex:/^[a-z0-9]+(?:-[a-z0-9]+)*$/',
Rule::unique('events', 'slug')->ignore($eventId),
],
'google_drive_folder_id' => ['nullable', 'string', 'max:255'],
'google_drive_folder_name' => ['nullable', 'string', 'max:255'],
'is_active' => ['boolean'],
'upload_start_at' => ['nullable', 'date'],
'upload_end_at' => ['nullable', 'date', 'after:upload_start_at'],
'max_file_size_mb' => ['integer', 'min:1', 'max:2000'],
'allowed_extensions' => ['array'],
'allowed_extensions.*' => ['string', 'in:mp4,mov,avi,mkv,webm,jpg,jpeg,png'],
'require_password' => ['boolean'],
'upload_password' => ['nullable', 'string', 'min:4', 'max:100'],
];
}
}

20
api/app/Http/Requests/Public/VerifyPasswordRequest.php Normal file
View File

@@ -0,0 +1,20 @@
<?php
namespace App\Http\Requests\Public;
use Illuminate\Foundation\Http\FormRequest;
class VerifyPasswordRequest extends FormRequest
{
public function authorize(): bool
{
return true;
}
public function rules(): array
{
return [
'password' => ['required', 'string'],
];
}
}

69
api/app/Jobs/ProcessEventUpload.php Normal file
View File

@@ -0,0 +1,69 @@
<?php
namespace App\Jobs;
use App\Models\Upload;
use App\Services\GoogleDrive\GoogleDriveService;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Foundation\Bus\Dispatchable;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Queue\SerializesModels;
class ProcessEventUpload implements ShouldQueue
{
use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
public int $tries = 3;
public function __construct(
public Upload $upload,
public string $tempFilePath
) {}
public function handle(GoogleDriveService $googleDrive): void
{
$upload = $this->upload;
$event = $upload->event;
$user = $event->user;
$upload->update(['status' => 'uploading', 'upload_started_at' => now()]);
try {
if (! $event->google_drive_folder_id) {
throw new \RuntimeException('Event has no Google Drive folder configured.');
}
if (! file_exists($this->tempFilePath)) {
throw new \RuntimeException('Temporary file not found.');
}
$result = $googleDrive->uploadFile(
$user,
$this->tempFilePath,
$event->google_drive_folder_id,
$upload->original_filename,
$upload->mime_type
);
$upload->update([
'google_drive_file_id' => $result['id'],
'google_drive_web_link' => $result['webViewLink'] ?? null,
'status' => 'completed',
'upload_completed_at' => now(),
'error_message' => null,
]);
} catch (\Throwable $e) {
$upload->update([
'status' => 'failed',
'error_message' => $e->getMessage(),
'upload_completed_at' => now(),
]);
throw $e;
} finally {
if (file_exists($this->tempFilePath)) {
@unlink($this->tempFilePath);
}
}
}
}

69
api/app/Models/Event.php Normal file
View File

@@ -0,0 +1,69 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
use Illuminate\Database\Eloquent\Relations\HasMany;
use Illuminate\Support\Facades\Hash;
class Event extends Model
{
protected $hidden = ['upload_password'];
protected $appends = ['has_password'];
protected $fillable = [
'user_id',
'name',
'description',
'slug',
'google_drive_folder_id',
'google_drive_folder_name',
'is_active',
'upload_start_at',
'upload_end_at',
'max_file_size_mb',
'allowed_extensions',
'upload_password',
'require_password',
];
protected function casts(): array
{
return [
'upload_start_at' => 'datetime',
'upload_end_at' => 'datetime',
'is_active' => 'boolean',
'require_password' => 'boolean',
'allowed_extensions' => 'array',
];
}
public function getAllowedExtensionsAttribute($value): array
{
$decoded = $value ? json_decode($value, true) : null;
return is_array($decoded) ? $decoded : ['mp4', 'mov', 'avi', 'mkv', 'webm'];
}
public function getHasPasswordAttribute(): bool
{
return ! empty($this->attributes['upload_password'] ?? null);
}
public function setUploadPasswordAttribute(?string $value): void
{
$this->attributes['upload_password'] = $value ? Hash::make($value) : null;
}
public function user(): BelongsTo
{
return $this->belongsTo(User::class);
}
public function uploads(): HasMany
{
return $this->hasMany(Upload::class);
}
}

31
api/app/Models/GoogleDriveConnection.php Normal file
View File

@@ -0,0 +1,31 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
class GoogleDriveConnection extends Model
{
protected $fillable = [
'user_id',
'access_token',
'refresh_token',
'token_expires_at',
'account_email',
];
protected function casts(): array
{
return [
'token_expires_at' => 'datetime',
'access_token' => 'encrypted',
'refresh_token' => 'encrypted',
];
}
public function user(): BelongsTo
{
return $this->belongsTo(User::class);
}
}

38
api/app/Models/Upload.php Normal file
View File

@@ -0,0 +1,38 @@
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Database\Eloquent\Relations\BelongsTo;
class Upload extends Model
{
protected $fillable = [
'event_id',
'original_filename',
'stored_filename',
'file_size',
'mime_type',
'google_drive_file_id',
'google_drive_web_link',
'status',
'error_message',
'uploader_name',
'uploader_email',
'upload_started_at',
'upload_completed_at',
];
protected function casts(): array
{
return [
'upload_started_at' => 'datetime',
'upload_completed_at' => 'datetime',
];
}
public function event(): BelongsTo
{
return $this->belongsTo(Event::class);
}
}

59
api/app/Models/User.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
namespace App\Models;
// use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
use Laravel\Sanctum\HasApiTokens;
class User extends Authenticatable
{
/** @use HasFactory<\Database\Factories\UserFactory> */
use HasApiTokens, HasFactory, Notifiable;
/**
* The attributes that are mass assignable.
*
* @var list<string>
*/
protected $fillable = [
'name',
'email',
'password',
];
/**
* The attributes that should be hidden for serialization.
*
* @var list<string>
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* Get the attributes that should be cast.
*
* @return array<string, string>
*/
protected function casts(): array
{
return [
'email_verified_at' => 'datetime',
'password' => 'hashed',
];
}
public function googleDriveConnections(): \Illuminate\Database\Eloquent\Relations\HasMany
{
return $this->hasMany(GoogleDriveConnection::class);
}
public function events(): \Illuminate\Database\Eloquent\Relations\HasMany
{
return $this->hasMany(Event::class);
}
}

24
api/app/Providers/AppServiceProvider.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
class AppServiceProvider extends ServiceProvider
{
/**
* Register any application services.
*/
public function register(): void
{
//
}
/**
* Bootstrap any application services.
*/
public function boot(): void
{
//
}
}

294
api/app/Services/GoogleDrive/GoogleDriveService.php Normal file
View File

@@ -0,0 +1,294 @@
<?php
namespace App\Services\GoogleDrive;
use App\Models\GoogleDriveConnection;
use App\Models\User;
use Google\Client as GoogleClient;
use Google\Http\MediaFileUpload;
use Google\Service\Drive;
use Google\Service\Drive\DriveFile;
class GoogleDriveService
{
protected const DRIVE_SCOPE = 'https://www.googleapis.com/auth/drive';
protected const DRIVE_METADATA_SCOPE = 'https://www.googleapis.com/auth/drive.metadata.readonly';
public function getAuthUrl(): string
{
$client = $this->createOAuthClient();
$client->setState(optional(request()->user())->id);
return $client->createAuthUrl();
}
public function handleCallback(string $code, User $user): GoogleDriveConnection
{
$client = $this->createOAuthClient();
$token = $client->fetchAccessTokenWithAuthCode($code);
if (isset($token['error'])) {
throw new \RuntimeException('Error fetching access token: '.($token['error_description'] ?? $token['error']));
}
$expiresAt = now();
if (isset($token['expires_in'])) {
$expiresAt = now()->addSeconds($token['expires_in']);
}
$connection = $user->googleDriveConnections()->first();
$email = $this->getTokenEmail($token, $client);
if ($connection) {
$connection->update([
'access_token' => $token['access_token'] ?? $connection->access_token,
'refresh_token' => $token['refresh_token'] ?? $connection->refresh_token,
'token_expires_at' => $expiresAt,
'account_email' => $email ?? $connection->account_email,
]);
} else {
$connection = $user->googleDriveConnections()->create([
'access_token' => $token['access_token'],
'refresh_token' => $token['refresh_token'] ?? '',
'token_expires_at' => $expiresAt,
'account_email' => $email ?? 'unknown',
]);
}
return $connection;
}
public function getClient(User $user): \Google\Client
{
$connection = $user->googleDriveConnections()->first();
if (! $connection) {
throw new \RuntimeException('No Google Drive connection found for user.');
}
$client = $this->createOAuthClient();
$token = [
'access_token' => $connection->access_token,
'refresh_token' => $connection->refresh_token,
'created' => $connection->token_expires_at->subSeconds(3600)->timestamp,
'expires_in' => 3600,
];
$client->setAccessToken($token);
if ($connection->token_expires_at->isPast() || $client->isAccessTokenExpired()) {
$newToken = $client->fetchAccessTokenWithRefreshToken($connection->refresh_token);
if (isset($newToken['error'])) {
throw new \RuntimeException('Error refreshing token: '.($newToken['error_description'] ?? $newToken['error']));
}
$expiresAt = isset($newToken['expires_in'])
? now()->addSeconds($newToken['expires_in'])
: now()->addHour();
$connection->update([
'access_token' => $newToken['access_token'],
'token_expires_at' => $expiresAt,
]);
$client->setAccessToken($newToken);
}
return $client;
}
public function getDriveService(User $user): Drive
{
$client = $this->getClient($user);
return new Drive($client);
}
/**
* List all Shared Drives (Team Drives) the user has access to.
*
* @return \Illuminate\Support\Collection<int, array{id: string, name: string, type: string}>
*/
public function listSharedDrives(User $user): \Illuminate\Support\Collection
{
$service = $this->getDriveService($user);
$optParams = [
'pageSize' => 100,
'fields' => 'drives(id, name)',
];
$results = $service->drives->listDrives($optParams);
return collect($results->getDrives())->map(fn ($d) => [
'id' => $d->getId(),
'name' => $d->getName(),
'type' => 'shared_drive',
]);
}
/**
* @return \Illuminate\Support\Collection<int, array{id: string, name: string}>
*/
public function listFolders(User $user, ?string $parentId = null, ?string $driveId = null): \Illuminate\Support\Collection
{
$service = $this->getDriveService($user);
$query = "mimeType = 'application/vnd.google-apps.folder' and trashed = false";
if ($parentId) {
// List folders inside a specific parent folder
$query .= " and '{$parentId}' in parents";
} elseif ($driveId) {
// List root folders of the Shared Drive
// For Shared Drives, we need to get folders where the drive itself is the parent
// This is done by querying within the specific drive without a parent filter
// and filtering to only top-level items (those with the drive as direct parent)
// However, the API doesn't have a simple "root" concept for Shared Drives
// So we'll fetch all and filter, or use a different approach
// Better approach: Get the drive root and list its children
// We'll query for folders where parents contains the driveId
$query .= " and '{$driveId}' in parents";
} else {
// List root folders of My Drive
$query .= " and 'root' in parents";
}
$optParams = [
'q' => $query,
'fields' => 'files(id, name)',
'orderBy' => 'name',
'supportsAllDrives' => true,
'includeItemsFromAllDrives' => true,
];
if ($driveId) {
$optParams['driveId'] = $driveId;
$optParams['corpora'] = 'drive';
}
$results = $service->files->listFiles($optParams);
return collect($results->getFiles())->map(fn ($f) => ['id' => $f->getId(), 'name' => $f->getName()]);
}
public function createFolder(User $user, string $name, ?string $parentId = null, ?string $driveId = null): array
{
$service = $this->getDriveService($user);
$file = new DriveFile;
$file->setName($name);
$file->setMimeType('application/vnd.google-apps.folder');
if ($parentId) {
$file->setParents([$parentId]);
} elseif ($driveId) {
// Creating in root of Shared Drive - no parent needed, just driveId
$file->setDriveId($driveId);
}
$optParams = [
'supportsAllDrives' => true,
];
$created = $service->files->create($file, $optParams);
return ['id' => $created->getId(), 'name' => $created->getName()];
}
/**
* Upload a file to Google Drive. Returns array with 'id' and 'webViewLink'.
*/
public function uploadFile(User $user, string $filePath, string $folderId, string $filename, string $mimeType): array
{
$client = $this->getClient($user);
$service = new Drive($client);
$file = new DriveFile;
$file->setName($filename);
$file->setParents([$folderId]);
$client->setDefer(true);
$request = $service->files->create($file, [
'mimeType' => $mimeType,
'uploadType' => 'resumable',
'fields' => 'id, webViewLink',
'supportsAllDrives' => true,
]);
$chunkSize = 5 * 1024 * 1024; // 5MB
$media = new MediaFileUpload(
$client,
$request,
$mimeType,
'',
true,
$chunkSize
);
$media->setFileSize(filesize($filePath));
$handle = fopen($filePath, 'rb');
$status = false;
while (! $status) {
$chunk = fread($handle, $chunkSize);
$status = $media->nextChunk($chunk);
}
fclose($handle);
$client->setDefer(false);
$file = $status;
if (! $file instanceof DriveFile) {
throw new \RuntimeException('Upload did not return file metadata.');
}
return [
'id' => $file->getId(),
'webViewLink' => $file->getWebViewLink() ?? $file->getWebContentLink() ?? '',
];
}
public function deleteFile(User $user, string $fileId): void
{
$service = $this->getDriveService($user);
$service->files->delete($fileId, ['supportsAllDrives' => true]);
}
/**
* Get a temporary download URL or web link for a file.
*/
public function getFileLink(User $user, string $fileId): ?string
{
$service = $this->getDriveService($user);
$file = $service->files->get($fileId, [
'fields' => 'webViewLink, webContentLink',
'supportsAllDrives' => true,
]);
return $file->getWebViewLink() ?? $file->getWebContentLink();
}
protected function createOAuthClient(): GoogleClient
{
$client = new GoogleClient;
$client->setClientId(config('services.google.client_id'));
$client->setClientSecret(config('services.google.client_secret'));
$client->setRedirectUri(config('services.google.redirect_uri'));
$client->setScopes([self::DRIVE_SCOPE, self::DRIVE_METADATA_SCOPE]);
$client->setAccessType('offline');
$client->setPrompt('consent');
return $client;
}
protected function getTokenEmail(array $token, GoogleClient $client): ?string
{
if (isset($token['id_token'])) {
$payload = $client->verifyIdToken($token['id_token']);
if ($payload && isset($payload['email'])) {
return $payload['email'];
}
}
try {
$client->setAccessToken($token);
$oauth2 = new \Google\Service\Oauth2($client);
$info = $oauth2->userinfo->get();
return $info->getEmail();
} catch (\Throwable) {
return null;
}
}
}

18
api/artisan Executable file
View File

@@ -0,0 +1,18 @@
#!/usr/bin/env php
<?php
use Illuminate\Foundation\Application;
use Symfony\Component\Console\Input\ArgvInput;
define('LARAVEL_START', microtime(true));
// Register the Composer autoloader...
require __DIR__.'/vendor/autoload.php';
// Bootstrap Laravel and handle the command...
/** @var Application $app */
$app = require_once __DIR__.'/bootstrap/app.php';
$status = $app->handleCommand(new ArgvInput);
exit($status);

30
api/bootstrap/app.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
use App\Http\Middleware\ThrottlePasswordVerification;
use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware;
return Application::configure(basePath: dirname(__DIR__))
->withRouting(
web: __DIR__.'/../routes/web.php',
api: __DIR__.'/../routes/api.php',
commands: __DIR__.'/../routes/console.php',
health: '/up',
)
->withMiddleware(function (Middleware $middleware): void {
$middleware->statefulApi();
$middleware->alias([
'throttle.password' => ThrottlePasswordVerification::class,
]);
// Exclude public upload endpoints from CSRF verification
// These endpoints use password-based auth, not session cookies
$middleware->validateCsrfTokens(except: [
'api/events/*/upload',
'api/events/*/verify-password',
]);
})
->withExceptions(function (Exceptions $exceptions): void {
//
})->create();

2
api/bootstrap/cache/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
*
!.gitignore

5
api/bootstrap/providers.php Normal file
View File

@@ -0,0 +1,5 @@
<?php
return [
App\Providers\AppServiceProvider::class,
];

89
api/composer.json Normal file
View File

@@ -0,0 +1,89 @@
{
"$schema": "https://getcomposer.org/schema.json",
"name": "laravel/laravel",
"type": "project",
"description": "The skeleton application for the Laravel framework.",
"keywords": ["laravel", "framework"],
"license": "MIT",
"require": {
"php": "^8.2",
"google/apiclient": "^2.19",
"laravel/framework": "^12.0",
"laravel/sanctum": "^4.0",
"laravel/tinker": "^2.10.1"
},
"require-dev": {
"fakerphp/faker": "^1.23",
"laravel/pail": "^1.2.2",
"laravel/pint": "^1.24",
"laravel/sail": "^1.41",
"mockery/mockery": "^1.6",
"nunomaduro/collision": "^8.6",
"pestphp/pest": "^3.8",
"phpunit/phpunit": "^11.5.3"
},
"autoload": {
"psr-4": {
"App\\": "app/",
"Database\\Factories\\": "database/factories/",
"Database\\Seeders\\": "database/seeders/"
}
},
"autoload-dev": {
"psr-4": {
"Tests\\": "tests/"
}
},
"scripts": {
"setup": [
"composer install",
"@php -r \"file_exists('.env') || copy('.env.example', '.env');\"",
"@php artisan key:generate",
"@php artisan migrate --force",
"npm install",
"npm run build"
],
"dev": [
"Composer\\Config::disableProcessTimeout",
"npx concurrently -c \"#93c5fd,#c4b5fd,#fb7185,#fdba74\" \"php artisan serve\" \"php artisan queue:listen --tries=1 --timeout=0\" \"php artisan pail --timeout=0\" \"npm run dev\" --names=server,queue,logs,vite --kill-others"
],
"test": [
"@php artisan config:clear --ansi",
"@php artisan test"
],
"post-autoload-dump": [
"Illuminate\\Foundation\\ComposerScripts::postAutoloadDump",
"@php artisan package:discover --ansi"
],
"post-update-cmd": [
"@php artisan vendor:publish --tag=laravel-assets --ansi --force"
],
"post-root-package-install": [
"@php -r \"file_exists('.env') || copy('.env.example', '.env');\""
],
"post-create-project-cmd": [
"@php artisan key:generate --ansi",
"@php -r \"file_exists('database/database.sqlite') || touch('database/database.sqlite');\"",
"@php artisan migrate --graceful --ansi"
],
"pre-package-uninstall": [
"Illuminate\\Foundation\\ComposerScripts::prePackageUninstall"
]
},
"extra": {
"laravel": {
"dont-discover": []
}
},
"config": {
"optimize-autoloader": true,
"preferred-install": "dist",
"sort-packages": true,
"allow-plugins": {
"pestphp/pest-plugin": true,
"php-http/discovery": true
}
},
"minimum-stability": "stable",
"prefer-stable": true
}

9893
api/composer.lock generated Normal file
View File

File diff suppressed because it is too large Load Diff

126
api/config/app.php Normal file
View File

@@ -0,0 +1,126 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Application Name
|--------------------------------------------------------------------------
|
| This value is the name of your application, which will be used when the
| framework needs to place the application's name in a notification or
| other UI elements where an application name needs to be displayed.
|
*/
'name' => env('APP_NAME', 'Laravel'),
/*
|--------------------------------------------------------------------------
| Application Environment
|--------------------------------------------------------------------------
|
| This value determines the "environment" your application is currently
| running in. This may determine how you prefer to configure various
| services the application utilizes. Set this in your ".env" file.
|
*/
'env' => env('APP_ENV', 'production'),
/*
|--------------------------------------------------------------------------
| Application Debug Mode
|--------------------------------------------------------------------------
|
| When your application is in debug mode, detailed error messages with
| stack traces will be shown on every error that occurs within your
| application. If disabled, a simple generic error page is shown.
|
*/
'debug' => (bool) env('APP_DEBUG', false),
/*
|--------------------------------------------------------------------------
| Application URL
|--------------------------------------------------------------------------
|
| This URL is used by the console to properly generate URLs when using
| the Artisan command line tool. You should set this to the root of
| the application so that it's available within Artisan commands.
|
*/
'url' => env('APP_URL', 'http://localhost'),
/*
|--------------------------------------------------------------------------
| Application Timezone
|--------------------------------------------------------------------------
|
| Here you may specify the default timezone for your application, which
| will be used by the PHP date and date-time functions. The timezone
| is set to "UTC" by default as it is suitable for most use cases.
|
*/
'timezone' => 'UTC',
/*
|--------------------------------------------------------------------------
| Application Locale Configuration
|--------------------------------------------------------------------------
|
| The application locale determines the default locale that will be used
| by Laravel's translation / localization methods. This option can be
| set to any locale for which you plan to have translation strings.
|
*/
'locale' => env('APP_LOCALE', 'en'),
'fallback_locale' => env('APP_FALLBACK_LOCALE', 'en'),
'faker_locale' => env('APP_FAKER_LOCALE', 'en_US'),
/*
|--------------------------------------------------------------------------
| Encryption Key
|--------------------------------------------------------------------------
|
| This key is utilized by Laravel's encryption services and should be set
| to a random, 32 character string to ensure that all encrypted values
| are secure. You should do this prior to deploying the application.
|
*/
'cipher' => 'AES-256-CBC',
'key' => env('APP_KEY'),
'previous_keys' => [
...array_filter(
explode(',', (string) env('APP_PREVIOUS_KEYS', ''))
),
],
/*
|--------------------------------------------------------------------------
| Maintenance Mode Driver
|--------------------------------------------------------------------------
|
| These configuration options determine the driver used to determine and
| manage Laravel's "maintenance mode" status. The "cache" driver will
| allow maintenance mode to be controlled across multiple machines.
|
| Supported drivers: "file", "cache"
|
*/
'maintenance' => [
'driver' => env('APP_MAINTENANCE_DRIVER', 'file'),
'store' => env('APP_MAINTENANCE_STORE', 'database'),
],
];

115
api/config/auth.php Normal file
View File

@@ -0,0 +1,115 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option defines the default authentication "guard" and password
| reset "broker" for your application. You may change these values
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => env('AUTH_GUARD', 'web'),
'passwords' => env('AUTH_PASSWORD_BROKER', 'users'),
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| which utilizes session storage plus the Eloquent user provider.
|
| All authentication guards have a user provider, which defines how the
| users are actually retrieved out of your database or other storage
| system used by the application. Typically, Eloquent is utilized.
|
| Supported: "session"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication guards have a user provider, which defines how the
| users are actually retrieved out of your database or other storage
| system used by the application. Typically, Eloquent is utilized.
|
| If you have multiple user tables or models you may configure multiple
| providers to represent the model / table. These providers may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => env('AUTH_MODEL', App\Models\User::class),
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| These configuration options specify the behavior of Laravel's password
| reset functionality, including the table utilized for token storage
| and the user provider that is invoked to actually retrieve users.
|
| The expiry time is the number of minutes that each reset token will be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
| The throttle setting is the number of seconds a user must wait before
| generating more password reset tokens. This prevents the user from
| quickly generating a very large amount of password reset tokens.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'table' => env('AUTH_PASSWORD_RESET_TOKEN_TABLE', 'password_reset_tokens'),
'expire' => 60,
'throttle' => 60,
],
],
/*
|--------------------------------------------------------------------------
| Password Confirmation Timeout
|--------------------------------------------------------------------------
|
| Here you may define the number of seconds before a password confirmation
| window expires and users are asked to re-enter their password via the
| confirmation screen. By default, the timeout lasts for three hours.
|
*/
'password_timeout' => env('AUTH_PASSWORD_TIMEOUT', 10800),
];

117
api/config/cache.php Normal file
View File

@@ -0,0 +1,117 @@
<?php
use Illuminate\Support\Str;
return [
/*
|--------------------------------------------------------------------------
| Default Cache Store
|--------------------------------------------------------------------------
|
| This option controls the default cache store that will be used by the
| framework. This connection is utilized if another isn't explicitly
| specified when running a cache operation inside the application.
|
*/
'default' => env('CACHE_STORE', 'database'),
/*
|--------------------------------------------------------------------------
| Cache Stores
|--------------------------------------------------------------------------
|
| Here you may define all of the cache "stores" for your application as
| well as their drivers. You may even define multiple stores for the
| same cache driver to group types of items stored in your caches.
|
| Supported drivers: "array", "database", "file", "memcached",
| "redis", "dynamodb", "octane",
| "failover", "null"
|
*/
'stores' => [
'array' => [
'driver' => 'array',
'serialize' => false,
],
'database' => [
'driver' => 'database',
'connection' => env('DB_CACHE_CONNECTION'),
'table' => env('DB_CACHE_TABLE', 'cache'),
'lock_connection' => env('DB_CACHE_LOCK_CONNECTION'),
'lock_table' => env('DB_CACHE_LOCK_TABLE'),
],
'file' => [
'driver' => 'file',
'path' => storage_path('framework/cache/data'),
'lock_path' => storage_path('framework/cache/data'),
],
'memcached' => [
'driver' => 'memcached',
'persistent_id' => env('MEMCACHED_PERSISTENT_ID'),
'sasl' => [
env('MEMCACHED_USERNAME'),
env('MEMCACHED_PASSWORD'),
],
'options' => [
// Memcached::OPT_CONNECT_TIMEOUT => 2000,
],
'servers' => [
[
'host' => env('MEMCACHED_HOST', '127.0.0.1'),
'port' => env('MEMCACHED_PORT', 11211),
'weight' => 100,
],
],
],
'redis' => [
'driver' => 'redis',
'connection' => env('REDIS_CACHE_CONNECTION', 'cache'),
'lock_connection' => env('REDIS_CACHE_LOCK_CONNECTION', 'default'),
],
'dynamodb' => [
'driver' => 'dynamodb',
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION', 'us-east-1'),
'table' => env('DYNAMODB_CACHE_TABLE', 'cache'),
'endpoint' => env('DYNAMODB_ENDPOINT'),
],
'octane' => [
'driver' => 'octane',
],
'failover' => [
'driver' => 'failover',
'stores' => [
'database',
'array',
],
],
],
/*
|--------------------------------------------------------------------------
| Cache Key Prefix
|--------------------------------------------------------------------------
|
| When utilizing the APC, database, memcached, Redis, and DynamoDB cache
| stores, there might be other applications using the same cache. For
| that reason, you may prefix every cache key to avoid collisions.
|
*/
'prefix' => env('CACHE_PREFIX', Str::slug((string) env('APP_NAME', 'laravel')).'-cache-'),
];

39
api/config/cors.php Normal file
View File

@@ -0,0 +1,39 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Cross-Origin Resource Sharing (CORS) Configuration
|--------------------------------------------------------------------------
|
| Here you may configure your settings for cross-origin resource sharing
| or "CORS". This determines what cross-origin operations may execute
| in web browsers. You are free to adjust these settings as needed.
|
| To learn more: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
|
*/
'paths' => ['api/*', 'sanctum/csrf-cookie'],
'allowed_methods' => ['*'],
'allowed_origins' => [
'http://localhost:5173',
'http://localhost:5174',
'http://127.0.0.1:5173',
'http://127.0.0.1:5174',
],
'allowed_origins_patterns' => [],
'allowed_headers' => ['*'],
'exposed_headers' => [],
'max_age' => 0,
'supports_credentials' => true,
];

183
api/config/database.php Normal file
View File

@@ -0,0 +1,183 @@
<?php
use Illuminate\Support\Str;
return [
/*
|--------------------------------------------------------------------------
| Default Database Connection Name
|--------------------------------------------------------------------------
|
| Here you may specify which of the database connections below you wish
| to use as your default connection for database operations. This is
| the connection which will be utilized unless another connection
| is explicitly specified when you execute a query / statement.
|
*/
'default' => env('DB_CONNECTION', 'sqlite'),
/*
|--------------------------------------------------------------------------
| Database Connections
|--------------------------------------------------------------------------
|
| Below are all of the database connections defined for your application.
| An example configuration is provided for each database system which
| is supported by Laravel. You're free to add / remove connections.
|
*/
'connections' => [
'sqlite' => [
'driver' => 'sqlite',
'url' => env('DB_URL'),
'database' => env('DB_DATABASE', database_path('database.sqlite')),
'prefix' => '',
'foreign_key_constraints' => env('DB_FOREIGN_KEYS', true),
'busy_timeout' => null,
'journal_mode' => null,
'synchronous' => null,
'transaction_mode' => 'DEFERRED',
],
'mysql' => [
'driver' => 'mysql',
'url' => env('DB_URL'),
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '3306'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'unix_socket' => env('DB_SOCKET', ''),
'charset' => env('DB_CHARSET', 'utf8mb4'),
'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'),
'prefix' => '',
'prefix_indexes' => true,
'strict' => true,
'engine' => null,
'options' => extension_loaded('pdo_mysql') ? array_filter([
(PHP_VERSION_ID >= 80500 ? \Pdo\Mysql::ATTR_SSL_CA : \PDO::MYSQL_ATTR_SSL_CA) => env('MYSQL_ATTR_SSL_CA'),
]) : [],
],
'mariadb' => [
'driver' => 'mariadb',
'url' => env('DB_URL'),
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '3306'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'unix_socket' => env('DB_SOCKET', ''),
'charset' => env('DB_CHARSET', 'utf8mb4'),
'collation' => env('DB_COLLATION', 'utf8mb4_unicode_ci'),
'prefix' => '',
'prefix_indexes' => true,
'strict' => true,
'engine' => null,
'options' => extension_loaded('pdo_mysql') ? array_filter([
(PHP_VERSION_ID >= 80500 ? \Pdo\Mysql::ATTR_SSL_CA : \PDO::MYSQL_ATTR_SSL_CA) => env('MYSQL_ATTR_SSL_CA'),
]) : [],
],
'pgsql' => [
'driver' => 'pgsql',
'url' => env('DB_URL'),
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '5432'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'charset' => env('DB_CHARSET', 'utf8'),
'prefix' => '',
'prefix_indexes' => true,
'search_path' => 'public',
'sslmode' => env('DB_SSLMODE', 'prefer'),
],
'sqlsrv' => [
'driver' => 'sqlsrv',
'url' => env('DB_URL'),
'host' => env('DB_HOST', 'localhost'),
'port' => env('DB_PORT', '1433'),
'database' => env('DB_DATABASE', 'laravel'),
'username' => env('DB_USERNAME', 'root'),
'password' => env('DB_PASSWORD', ''),
'charset' => env('DB_CHARSET', 'utf8'),
'prefix' => '',
'prefix_indexes' => true,
// 'encrypt' => env('DB_ENCRYPT', 'yes'),
// 'trust_server_certificate' => env('DB_TRUST_SERVER_CERTIFICATE', 'false'),
],
],
/*
|--------------------------------------------------------------------------
| Migration Repository Table
|--------------------------------------------------------------------------
|
| This table keeps track of all the migrations that have already run for
| your application. Using this information, we can determine which of
| the migrations on disk haven't actually been run on the database.
|
*/
'migrations' => [
'table' => 'migrations',
'update_date_on_publish' => true,
],
/*
|--------------------------------------------------------------------------
| Redis Databases
|--------------------------------------------------------------------------
|
| Redis is an open source, fast, and advanced key-value store that also
| provides a richer body of commands than a typical key-value system
| such as Memcached. You may define your connection settings here.
|
*/
'redis' => [
'client' => env('REDIS_CLIENT', 'phpredis'),
'options' => [
'cluster' => env('REDIS_CLUSTER', 'redis'),
'prefix' => env('REDIS_PREFIX', Str::slug((string) env('APP_NAME', 'laravel')).'-database-'),
'persistent' => env('REDIS_PERSISTENT', false),
],
'default' => [
'url' => env('REDIS_URL'),
'host' => env('REDIS_HOST', '127.0.0.1'),
'username' => env('REDIS_USERNAME'),
'password' => env('REDIS_PASSWORD'),
'port' => env('REDIS_PORT', '6379'),
'database' => env('REDIS_DB', '0'),
'max_retries' => env('REDIS_MAX_RETRIES', 3),
'backoff_algorithm' => env('REDIS_BACKOFF_ALGORITHM', 'decorrelated_jitter'),
'backoff_base' => env('REDIS_BACKOFF_BASE', 100),
'backoff_cap' => env('REDIS_BACKOFF_CAP', 1000),
],
'cache' => [
'url' => env('REDIS_URL'),
'host' => env('REDIS_HOST', '127.0.0.1'),
'username' => env('REDIS_USERNAME'),
'password' => env('REDIS_PASSWORD'),
'port' => env('REDIS_PORT', '6379'),
'database' => env('REDIS_CACHE_DB', '1'),
'max_retries' => env('REDIS_MAX_RETRIES', 3),
'backoff_algorithm' => env('REDIS_BACKOFF_ALGORITHM', 'decorrelated_jitter'),
'backoff_base' => env('REDIS_BACKOFF_BASE', 100),
'backoff_cap' => env('REDIS_BACKOFF_CAP', 1000),
],
],
];

80
api/config/filesystems.php Normal file
View File

@@ -0,0 +1,80 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Default Filesystem Disk
|--------------------------------------------------------------------------
|
| Here you may specify the default filesystem disk that should be used
| by the framework. The "local" disk, as well as a variety of cloud
| based disks are available to your application for file storage.
|
*/
'default' => env('FILESYSTEM_DISK', 'local'),
/*
|--------------------------------------------------------------------------
| Filesystem Disks
|--------------------------------------------------------------------------
|
| Below you may configure as many filesystem disks as necessary, and you
| may even configure multiple disks for the same driver. Examples for
| most supported storage drivers are configured here for reference.
|
| Supported drivers: "local", "ftp", "sftp", "s3"
|
*/
'disks' => [
'local' => [
'driver' => 'local',
'root' => storage_path('app/private'),
'serve' => true,
'throw' => false,
'report' => false,
],
'public' => [
'driver' => 'local',
'root' => storage_path('app/public'),
'url' => rtrim(env('APP_URL', 'http://localhost'), '/').'/storage',
'visibility' => 'public',
'throw' => false,
'report' => false,
],
's3' => [
'driver' => 's3',
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION'),
'bucket' => env('AWS_BUCKET'),
'url' => env('AWS_URL'),
'endpoint' => env('AWS_ENDPOINT'),
'use_path_style_endpoint' => env('AWS_USE_PATH_STYLE_ENDPOINT', false),
'throw' => false,
'report' => false,
],
],
/*
|--------------------------------------------------------------------------
| Symbolic Links
|--------------------------------------------------------------------------
|
| Here you may configure the symbolic links that will be created when the
| `storage:link` Artisan command is executed. The array keys should be
| the locations of the links and the values should be their targets.
|
*/
'links' => [
public_path('storage') => storage_path('app/public'),
],
];

132
api/config/logging.php Normal file
View File

@@ -0,0 +1,132 @@
<?php
use Monolog\Handler\NullHandler;
use Monolog\Handler\StreamHandler;
use Monolog\Handler\SyslogUdpHandler;
use Monolog\Processor\PsrLogMessageProcessor;
return [
/*
|--------------------------------------------------------------------------
| Default Log Channel
|--------------------------------------------------------------------------
|
| This option defines the default log channel that is utilized to write
| messages to your logs. The value provided here should match one of
| the channels present in the list of "channels" configured below.
|
*/
'default' => env('LOG_CHANNEL', 'stack'),
/*
|--------------------------------------------------------------------------
| Deprecations Log Channel
|--------------------------------------------------------------------------
|
| This option controls the log channel that should be used to log warnings
| regarding deprecated PHP and library features. This allows you to get
| your application ready for upcoming major versions of dependencies.
|
*/
'deprecations' => [
'channel' => env('LOG_DEPRECATIONS_CHANNEL', 'null'),
'trace' => env('LOG_DEPRECATIONS_TRACE', false),
],
/*
|--------------------------------------------------------------------------
| Log Channels
|--------------------------------------------------------------------------
|
| Here you may configure the log channels for your application. Laravel
| utilizes the Monolog PHP logging library, which includes a variety
| of powerful log handlers and formatters that you're free to use.
|
| Available drivers: "single", "daily", "slack", "syslog",
| "errorlog", "monolog", "custom", "stack"
|
*/
'channels' => [
'stack' => [
'driver' => 'stack',
'channels' => explode(',', (string) env('LOG_STACK', 'single')),
'ignore_exceptions' => false,
],
'single' => [
'driver' => 'single',
'path' => storage_path('logs/laravel.log'),
'level' => env('LOG_LEVEL', 'debug'),
'replace_placeholders' => true,
],
'daily' => [
'driver' => 'daily',
'path' => storage_path('logs/laravel.log'),
'level' => env('LOG_LEVEL', 'debug'),
'days' => env('LOG_DAILY_DAYS', 14),
'replace_placeholders' => true,
],
'slack' => [
'driver' => 'slack',
'url' => env('LOG_SLACK_WEBHOOK_URL'),
'username' => env('LOG_SLACK_USERNAME', 'Laravel Log'),
'emoji' => env('LOG_SLACK_EMOJI', ':boom:'),
'level' => env('LOG_LEVEL', 'critical'),
'replace_placeholders' => true,
],
'papertrail' => [
'driver' => 'monolog',
'level' => env('LOG_LEVEL', 'debug'),
'handler' => env('LOG_PAPERTRAIL_HANDLER', SyslogUdpHandler::class),
'handler_with' => [
'host' => env('PAPERTRAIL_URL'),
'port' => env('PAPERTRAIL_PORT'),
'connectionString' => 'tls://'.env('PAPERTRAIL_URL').':'.env('PAPERTRAIL_PORT'),
],
'processors' => [PsrLogMessageProcessor::class],
],
'stderr' => [
'driver' => 'monolog',
'level' => env('LOG_LEVEL', 'debug'),
'handler' => StreamHandler::class,
'handler_with' => [
'stream' => 'php://stderr',
],
'formatter' => env('LOG_STDERR_FORMATTER'),
'processors' => [PsrLogMessageProcessor::class],
],
'syslog' => [
'driver' => 'syslog',
'level' => env('LOG_LEVEL', 'debug'),
'facility' => env('LOG_SYSLOG_FACILITY', LOG_USER),
'replace_placeholders' => true,
],
'errorlog' => [
'driver' => 'errorlog',
'level' => env('LOG_LEVEL', 'debug'),
'replace_placeholders' => true,
],
'null' => [
'driver' => 'monolog',
'handler' => NullHandler::class,
],
'emergency' => [
'path' => storage_path('logs/laravel.log'),
],
],
];

118
api/config/mail.php Normal file
View File

@@ -0,0 +1,118 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Default Mailer
|--------------------------------------------------------------------------
|
| This option controls the default mailer that is used to send all email
| messages unless another mailer is explicitly specified when sending
| the message. All additional mailers can be configured within the
| "mailers" array. Examples of each type of mailer are provided.
|
*/
'default' => env('MAIL_MAILER', 'log'),
/*
|--------------------------------------------------------------------------
| Mailer Configurations
|--------------------------------------------------------------------------
|
| Here you may configure all of the mailers used by your application plus
| their respective settings. Several examples have been configured for
| you and you are free to add your own as your application requires.
|
| Laravel supports a variety of mail "transport" drivers that can be used
| when delivering an email. You may specify which one you're using for
| your mailers below. You may also add additional mailers if needed.
|
| Supported: "smtp", "sendmail", "mailgun", "ses", "ses-v2",
| "postmark", "resend", "log", "array",
| "failover", "roundrobin"
|
*/
'mailers' => [
'smtp' => [
'transport' => 'smtp',
'scheme' => env('MAIL_SCHEME'),
'url' => env('MAIL_URL'),
'host' => env('MAIL_HOST', '127.0.0.1'),
'port' => env('MAIL_PORT', 2525),
'username' => env('MAIL_USERNAME'),
'password' => env('MAIL_PASSWORD'),
'timeout' => null,
'local_domain' => env('MAIL_EHLO_DOMAIN', parse_url((string) env('APP_URL', 'http://localhost'), PHP_URL_HOST)),
],
'ses' => [
'transport' => 'ses',
],
'postmark' => [
'transport' => 'postmark',
// 'message_stream_id' => env('POSTMARK_MESSAGE_STREAM_ID'),
// 'client' => [
// 'timeout' => 5,
// ],
],
'resend' => [
'transport' => 'resend',
],
'sendmail' => [
'transport' => 'sendmail',
'path' => env('MAIL_SENDMAIL_PATH', '/usr/sbin/sendmail -bs -i'),
],
'log' => [
'transport' => 'log',
'channel' => env('MAIL_LOG_CHANNEL'),
],
'array' => [
'transport' => 'array',
],
'failover' => [
'transport' => 'failover',
'mailers' => [
'smtp',
'log',
],
'retry_after' => 60,
],
'roundrobin' => [
'transport' => 'roundrobin',
'mailers' => [
'ses',
'postmark',
],
'retry_after' => 60,
],
],
/*
|--------------------------------------------------------------------------
| Global "From" Address
|--------------------------------------------------------------------------
|
| You may wish for all emails sent by your application to be sent from
| the same address. Here you may specify a name and address that is
| used globally for all emails that are sent by your application.
|
*/
'from' => [
'address' => env('MAIL_FROM_ADDRESS', 'hello@example.com'),
'name' => env('MAIL_FROM_NAME', 'Example'),
],
];

129
api/config/queue.php Normal file
View File

@@ -0,0 +1,129 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Default Queue Connection Name
|--------------------------------------------------------------------------
|
| Laravel's queue supports a variety of backends via a single, unified
| API, giving you convenient access to each backend using identical
| syntax for each. The default queue connection is defined below.
|
*/
'default' => env('QUEUE_CONNECTION', 'database'),
/*
|--------------------------------------------------------------------------
| Queue Connections
|--------------------------------------------------------------------------
|
| Here you may configure the connection options for every queue backend
| used by your application. An example configuration is provided for
| each backend supported by Laravel. You're also free to add more.
|
| Drivers: "sync", "database", "beanstalkd", "sqs", "redis",
| "deferred", "background", "failover", "null"
|
*/
'connections' => [
'sync' => [
'driver' => 'sync',
],
'database' => [
'driver' => 'database',
'connection' => env('DB_QUEUE_CONNECTION'),
'table' => env('DB_QUEUE_TABLE', 'jobs'),
'queue' => env('DB_QUEUE', 'default'),
'retry_after' => (int) env('DB_QUEUE_RETRY_AFTER', 90),
'after_commit' => false,
],
'beanstalkd' => [
'driver' => 'beanstalkd',
'host' => env('BEANSTALKD_QUEUE_HOST', 'localhost'),
'queue' => env('BEANSTALKD_QUEUE', 'default'),
'retry_after' => (int) env('BEANSTALKD_QUEUE_RETRY_AFTER', 90),
'block_for' => 0,
'after_commit' => false,
],
'sqs' => [
'driver' => 'sqs',
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'prefix' => env('SQS_PREFIX', 'https://sqs.us-east-1.amazonaws.com/your-account-id'),
'queue' => env('SQS_QUEUE', 'default'),
'suffix' => env('SQS_SUFFIX'),
'region' => env('AWS_DEFAULT_REGION', 'us-east-1'),
'after_commit' => false,
],
'redis' => [
'driver' => 'redis',
'connection' => env('REDIS_QUEUE_CONNECTION', 'default'),
'queue' => env('REDIS_QUEUE', 'default'),
'retry_after' => (int) env('REDIS_QUEUE_RETRY_AFTER', 90),
'block_for' => null,
'after_commit' => false,
],
'deferred' => [
'driver' => 'deferred',
],
'background' => [
'driver' => 'background',
],
'failover' => [
'driver' => 'failover',
'connections' => [
'database',
'deferred',
],
],
],
/*
|--------------------------------------------------------------------------
| Job Batching
|--------------------------------------------------------------------------
|
| The following options configure the database and table that store job
| batching information. These options can be updated to any database
| connection and table which has been defined by your application.
|
*/
'batching' => [
'database' => env('DB_CONNECTION', 'sqlite'),
'table' => 'job_batches',
],
/*
|--------------------------------------------------------------------------
| Failed Queue Jobs
|--------------------------------------------------------------------------
|
| These options configure the behavior of failed queue job logging so you
| can control how and where failed jobs are stored. Laravel ships with
| support for storing failed jobs in a simple file or in a database.
|
| Supported drivers: "database-uuids", "dynamodb", "file", "null"
|
*/
'failed' => [
'driver' => env('QUEUE_FAILED_DRIVER', 'database-uuids'),
'database' => env('DB_CONNECTION', 'sqlite'),
'table' => 'failed_jobs',
],
];

84
api/config/sanctum.php Normal file
View File

@@ -0,0 +1,84 @@
<?php
use Laravel\Sanctum\Sanctum;
return [
/*
|--------------------------------------------------------------------------
| Stateful Domains
|--------------------------------------------------------------------------
|
| Requests from the following domains / hosts will receive stateful API
| authentication cookies. Typically, these should include your local
| and production domains which access your API via a frontend SPA.
|
*/
'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf(
'%s%s',
'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1',
Sanctum::currentApplicationUrlWithPort(),
// Sanctum::currentRequestHost(),
))),
/*
|--------------------------------------------------------------------------
| Sanctum Guards
|--------------------------------------------------------------------------
|
| This array contains the authentication guards that will be checked when
| Sanctum is trying to authenticate a request. If none of these guards
| are able to authenticate the request, Sanctum will use the bearer
| token that's present on an incoming request for authentication.
|
*/
'guard' => ['web'],
/*
|--------------------------------------------------------------------------
| Expiration Minutes
|--------------------------------------------------------------------------
|
| This value controls the number of minutes until an issued token will be
| considered expired. This will override any values set in the token's
| "expires_at" attribute, but first-party sessions are not affected.
|
*/
'expiration' => null,
/*
|--------------------------------------------------------------------------
| Token Prefix
|--------------------------------------------------------------------------
|
| Sanctum can prefix new tokens in order to take advantage of numerous
| security scanning initiatives maintained by open source platforms
| that notify developers if they commit tokens into repositories.
|
| See: https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning
|
*/
'token_prefix' => env('SANCTUM_TOKEN_PREFIX', ''),
/*
|--------------------------------------------------------------------------
| Sanctum Middleware
|--------------------------------------------------------------------------
|
| When authenticating your first-party SPA with Sanctum you may need to
| customize some of the middleware Sanctum uses while processing the
| request. You may change the middleware listed below as required.
|
*/
'middleware' => [
'authenticate_session' => Laravel\Sanctum\Http\Middleware\AuthenticateSession::class,
'encrypt_cookies' => Illuminate\Cookie\Middleware\EncryptCookies::class,
'validate_csrf_token' => Illuminate\Foundation\Http\Middleware\ValidateCsrfToken::class,
],
];

44
api/config/services.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
return [
/*
|--------------------------------------------------------------------------
| Third Party Services
|--------------------------------------------------------------------------
|
| This file is for storing the credentials for third party services such
| as Mailgun, Postmark, AWS and more. This file provides the de facto
| location for this type of information, allowing packages to have
| a conventional file to locate the various service credentials.
|
*/
'postmark' => [
'key' => env('POSTMARK_API_KEY'),
],
'resend' => [
'key' => env('RESEND_API_KEY'),
],
'ses' => [
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION', 'us-east-1'),
],
'slack' => [
'notifications' => [
'bot_user_oauth_token' => env('SLACK_BOT_USER_OAUTH_TOKEN'),
'channel' => env('SLACK_BOT_USER_DEFAULT_CHANNEL'),
],
],
'google' => [
'client_id' => env('GOOGLE_CLIENT_ID'),
'client_secret' => env('GOOGLE_CLIENT_SECRET'),
'redirect_uri' => env('GOOGLE_REDIRECT_URI', env('APP_URL').'/api/admin/google-drive/callback'),
],
];

217
api/config/session.php Normal file
View File

@@ -0,0 +1,217 @@
<?php
use Illuminate\Support\Str;
return [
/*
|--------------------------------------------------------------------------
| Default Session Driver
|--------------------------------------------------------------------------
|
| This option determines the default session driver that is utilized for
| incoming requests. Laravel supports a variety of storage options to
| persist session data. Database storage is a great default choice.
|
| Supported: "file", "cookie", "database", "memcached",
| "redis", "dynamodb", "array"
|
*/
'driver' => env('SESSION_DRIVER', 'database'),
/*
|--------------------------------------------------------------------------
| Session Lifetime
|--------------------------------------------------------------------------
|
| Here you may specify the number of minutes that you wish the session
| to be allowed to remain idle before it expires. If you want them
| to expire immediately when the browser is closed then you may
| indicate that via the expire_on_close configuration option.
|
*/
'lifetime' => (int) env('SESSION_LIFETIME', 120),
'expire_on_close' => env('SESSION_EXPIRE_ON_CLOSE', false),
/*
|--------------------------------------------------------------------------
| Session Encryption
|--------------------------------------------------------------------------
|
| This option allows you to easily specify that all of your session data
| should be encrypted before it's stored. All encryption is performed
| automatically by Laravel and you may use the session like normal.
|
*/
'encrypt' => env('SESSION_ENCRYPT', false),
/*
|--------------------------------------------------------------------------
| Session File Location
|--------------------------------------------------------------------------
|
| When utilizing the "file" session driver, the session files are placed
| on disk. The default storage location is defined here; however, you
| are free to provide another location where they should be stored.
|
*/
'files' => storage_path('framework/sessions'),
/*
|--------------------------------------------------------------------------
| Session Database Connection
|--------------------------------------------------------------------------
|
| When using the "database" or "redis" session drivers, you may specify a
| connection that should be used to manage these sessions. This should
| correspond to a connection in your database configuration options.
|
*/
'connection' => env('SESSION_CONNECTION'),
/*
|--------------------------------------------------------------------------
| Session Database Table
|--------------------------------------------------------------------------
|
| When using the "database" session driver, you may specify the table to
| be used to store sessions. Of course, a sensible default is defined
| for you; however, you're welcome to change this to another table.
|
*/
'table' => env('SESSION_TABLE', 'sessions'),
/*
|--------------------------------------------------------------------------
| Session Cache Store
|--------------------------------------------------------------------------
|
| When using one of the framework's cache driven session backends, you may
| define the cache store which should be used to store the session data
| between requests. This must match one of your defined cache stores.
|
| Affects: "dynamodb", "memcached", "redis"
|
*/
'store' => env('SESSION_STORE'),
/*
|--------------------------------------------------------------------------
| Session Sweeping Lottery
|--------------------------------------------------------------------------
|
| Some session drivers must manually sweep their storage location to get
| rid of old sessions from storage. Here are the chances that it will
| happen on a given request. By default, the odds are 2 out of 100.
|
*/
'lottery' => [2, 100],
/*
|--------------------------------------------------------------------------
| Session Cookie Name
|--------------------------------------------------------------------------
|
| Here you may change the name of the session cookie that is created by
| the framework. Typically, you should not need to change this value
| since doing so does not grant a meaningful security improvement.
|
*/
'cookie' => env(
'SESSION_COOKIE',
Str::slug((string) env('APP_NAME', 'laravel')).'-session'
),
/*
|--------------------------------------------------------------------------
| Session Cookie Path
|--------------------------------------------------------------------------
|
| The session cookie path determines the path for which the cookie will
| be regarded as available. Typically, this will be the root path of
| your application, but you're free to change this when necessary.
|
*/
'path' => env('SESSION_PATH', '/'),
/*
|--------------------------------------------------------------------------
| Session Cookie Domain
|--------------------------------------------------------------------------
|
| This value determines the domain and subdomains the session cookie is
| available to. By default, the cookie will be available to the root
| domain without subdomains. Typically, this shouldn't be changed.
|
*/
'domain' => env('SESSION_DOMAIN'),
/*
|--------------------------------------------------------------------------
| HTTPS Only Cookies
|--------------------------------------------------------------------------
|
| By setting this option to true, session cookies will only be sent back
| to the server if the browser has a HTTPS connection. This will keep
| the cookie from being sent to you when it can't be done securely.
|
*/
'secure' => env('SESSION_SECURE_COOKIE'),
/*
|--------------------------------------------------------------------------
| HTTP Access Only
|--------------------------------------------------------------------------
|
| Setting this value to true will prevent JavaScript from accessing the
| value of the cookie and the cookie will only be accessible through
| the HTTP protocol. It's unlikely you should disable this option.
|
*/
'http_only' => env('SESSION_HTTP_ONLY', true),
/*
|--------------------------------------------------------------------------
| Same-Site Cookies
|--------------------------------------------------------------------------
|
| This option determines how your cookies behave when cross-site requests
| take place, and can be used to mitigate CSRF attacks. By default, we
| will set this value to "lax" to permit secure cross-site requests.
|
| See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#samesitesamesite-value
|
| Supported: "lax", "strict", "none", null
|
*/
'same_site' => env('SESSION_SAME_SITE', 'lax'),
/*
|--------------------------------------------------------------------------
| Partitioned Cookies
|--------------------------------------------------------------------------
|
| Setting this value to true will tie the cookie to the top-level site for
| a cross-site context. Partitioned cookies are accepted by the browser
| when flagged "secure" and the Same-Site attribute is set to "none".
|
*/
'partitioned' => env('SESSION_PARTITIONED_COOKIE', false),
];

1
api/database/.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
*.sqlite*

44
api/database/factories/UserFactory.php Normal file
View File

@@ -0,0 +1,44 @@
<?php
namespace Database\Factories;
use Illuminate\Database\Eloquent\Factories\Factory;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Str;
/**
* @extends \Illuminate\Database\Eloquent\Factories\Factory<\App\Models\User>
*/
class UserFactory extends Factory
{
/**
* The current password being used by the factory.
*/
protected static ?string $password;
/**
* Define the model's default state.
*
* @return array<string, mixed>
*/
public function definition(): array
{
return [
'name' => fake()->name(),
'email' => fake()->unique()->safeEmail(),
'email_verified_at' => now(),
'password' => static::$password ??= Hash::make('password'),
'remember_token' => Str::random(10),
];
}
/**
* Indicate that the model's email address should be unverified.
*/
public function unverified(): static
{
return $this->state(fn (array $attributes) => [
'email_verified_at' => null,
]);
}
}

49
api/database/migrations/0001_01_01_000000_create_users_table.php Normal file
View File

@@ -0,0 +1,49 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('users', function (Blueprint $table) {
$table->id();
$table->string('name');
$table->string('email')->unique();
$table->timestamp('email_verified_at')->nullable();
$table->string('password');
$table->rememberToken();
$table->timestamps();
});
Schema::create('password_reset_tokens', function (Blueprint $table) {
$table->string('email')->primary();
$table->string('token');
$table->timestamp('created_at')->nullable();
});
Schema::create('sessions', function (Blueprint $table) {
$table->string('id')->primary();
$table->foreignId('user_id')->nullable()->index();
$table->string('ip_address', 45)->nullable();
$table->text('user_agent')->nullable();
$table->longText('payload');
$table->integer('last_activity')->index();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('users');
Schema::dropIfExists('password_reset_tokens');
Schema::dropIfExists('sessions');
}
};

35
api/database/migrations/0001_01_01_000001_create_cache_table.php Normal file
View File

@@ -0,0 +1,35 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('cache', function (Blueprint $table) {
$table->string('key')->primary();
$table->mediumText('value');
$table->integer('expiration')->index();
});
Schema::create('cache_locks', function (Blueprint $table) {
$table->string('key')->primary();
$table->string('owner');
$table->integer('expiration')->index();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('cache');
Schema::dropIfExists('cache_locks');
}
};

57
api/database/migrations/0001_01_01_000002_create_jobs_table.php Normal file
View File

@@ -0,0 +1,57 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('jobs', function (Blueprint $table) {
$table->id();
$table->string('queue')->index();
$table->longText('payload');
$table->unsignedTinyInteger('attempts');
$table->unsignedInteger('reserved_at')->nullable();
$table->unsignedInteger('available_at');
$table->unsignedInteger('created_at');
});
Schema::create('job_batches', function (Blueprint $table) {
$table->string('id')->primary();
$table->string('name');
$table->integer('total_jobs');
$table->integer('pending_jobs');
$table->integer('failed_jobs');
$table->longText('failed_job_ids');
$table->mediumText('options')->nullable();
$table->integer('cancelled_at')->nullable();
$table->integer('created_at');
$table->integer('finished_at')->nullable();
});
Schema::create('failed_jobs', function (Blueprint $table) {
$table->id();
$table->string('uuid')->unique();
$table->text('connection');
$table->text('queue');
$table->longText('payload');
$table->longText('exception');
$table->timestamp('failed_at')->useCurrent();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('jobs');
Schema::dropIfExists('job_batches');
Schema::dropIfExists('failed_jobs');
}
};

33
api/database/migrations/2026_02_02_201554_create_personal_access_tokens_table.php Normal file
View File

@@ -0,0 +1,33 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('personal_access_tokens', function (Blueprint $table) {
$table->id();
$table->morphs('tokenable');
$table->text('name');
$table->string('token', 64)->unique();
$table->text('abilities')->nullable();
$table->timestamp('last_used_at')->nullable();
$table->timestamp('expires_at')->nullable()->index();
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('personal_access_tokens');
}
};

42
api/database/migrations/2026_02_02_201741_create_events_table.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('events', function (Blueprint $table) {
$table->id();
$table->foreignId('user_id')->constrained()->cascadeOnDelete();
$table->string('name');
$table->text('description')->nullable();
$table->string('slug', 100)->unique();
$table->string('google_drive_folder_id', 255)->nullable();
$table->string('google_drive_folder_name', 255)->nullable();
$table->boolean('is_active')->default(true);
$table->timestamp('upload_start_at')->nullable();
$table->timestamp('upload_end_at')->nullable();
$table->unsignedInteger('max_file_size_mb')->default(500);
$table->json('allowed_extensions')->nullable();
$table->string('upload_password')->nullable();
$table->boolean('require_password')->default(false);
$table->timestamps();
$table->index('slug');
$table->index('is_active');
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('events');
}
};

32
api/database/migrations/2026_02_02_201741_create_google_drive_connections_table.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('google_drive_connections', function (Blueprint $table) {
$table->id();
$table->foreignId('user_id')->constrained()->cascadeOnDelete();
$table->text('access_token');
$table->text('refresh_token');
$table->timestamp('token_expires_at');
$table->string('account_email');
$table->timestamps();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('google_drive_connections');
}
};

41
api/database/migrations/2026_02_02_201741_create_uploads_table.php Normal file
View File

@@ -0,0 +1,41 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::create('uploads', function (Blueprint $table) {
$table->id();
$table->foreignId('event_id')->constrained()->cascadeOnDelete();
$table->string('original_filename');
$table->string('stored_filename');
$table->unsignedBigInteger('file_size');
$table->string('mime_type', 100);
$table->string('google_drive_file_id', 255)->nullable();
$table->string('google_drive_web_link', 500)->nullable();
$table->enum('status', ['pending', 'uploading', 'completed', 'failed'])->default('pending');
$table->text('error_message')->nullable();
$table->string('uploader_name')->nullable();
$table->string('uploader_email')->nullable();
$table->timestamp('upload_started_at')->nullable();
$table->timestamp('upload_completed_at')->nullable();
$table->timestamps();
$table->index(['event_id', 'status']);
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::dropIfExists('uploads');
}
};

25
api/database/seeders/DatabaseSeeder.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
namespace Database\Seeders;
use App\Models\User;
use Illuminate\Database\Console\Seeds\WithoutModelEvents;
use Illuminate\Database\Seeder;
class DatabaseSeeder extends Seeder
{
use WithoutModelEvents;
/**
* Seed the application's database.
*/
public function run(): void
{
// User::factory(10)->create();
User::factory()->create([
'name' => 'Test User',
'email' => 'test@example.com',
]);
}
}

17
api/package.json Normal file
View File

@@ -0,0 +1,17 @@
{
"$schema": "https://www.schemastore.org/package.json",
"private": true,
"type": "module",
"scripts": {
"build": "vite build",
"dev": "vite"
},
"devDependencies": {
"@tailwindcss/vite": "^4.0.0",
"axios": "^1.11.0",
"concurrently": "^9.0.1",
"laravel-vite-plugin": "^2.0.0",
"tailwindcss": "^4.0.0",
"vite": "^7.0.7"
}
}

7
api/php.ini Normal file
View File

@@ -0,0 +1,7 @@
; PHP configuration for development
; These settings allow larger file uploads
upload_max_filesize = 512M
post_max_size = 520M
memory_limit = 256M
max_execution_time = 300

35
api/phpunit.xml Normal file
View File

@@ -0,0 +1,35 @@
<?xml version="1.0" encoding="UTF-8"?>
<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="vendor/phpunit/phpunit/phpunit.xsd"
bootstrap="vendor/autoload.php"
colors="true"
>
<testsuites>
<testsuite name="Unit">
<directory>tests/Unit</directory>
</testsuite>
<testsuite name="Feature">
<directory>tests/Feature</directory>
</testsuite>
</testsuites>
<source>
<include>
<directory>app</directory>
</include>
</source>
<php>
<env name="APP_ENV" value="testing"/>
<env name="APP_MAINTENANCE_DRIVER" value="file"/>
<env name="BCRYPT_ROUNDS" value="4"/>
<env name="BROADCAST_CONNECTION" value="null"/>
<env name="CACHE_STORE" value="array"/>
<env name="DB_CONNECTION" value="sqlite"/>
<env name="DB_DATABASE" value=":memory:"/>
<env name="MAIL_MAILER" value="array"/>
<env name="QUEUE_CONNECTION" value="sync"/>
<env name="SESSION_DRIVER" value="array"/>
<env name="PULSE_ENABLED" value="false"/>
<env name="TELESCOPE_ENABLED" value="false"/>
<env name="NIGHTWATCH_ENABLED" value="false"/>
</php>
</phpunit>

25
api/public/.htaccess Normal file
View File

@@ -0,0 +1,25 @@
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Handle X-XSRF-Token Header
RewriteCond %{HTTP:x-xsrf-token} .
RewriteRule .* - [E=HTTP_X_XSRF_TOKEN:%{HTTP:X-XSRF-Token}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Send Requests To Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>

0
api/public/favicon.ico Normal file
View File

20
api/public/index.php Normal file
View File

@@ -0,0 +1,20 @@
<?php
use Illuminate\Foundation\Application;
use Illuminate\Http\Request;
define('LARAVEL_START', microtime(true));
// Determine if the application is in maintenance mode...
if (file_exists($maintenance = __DIR__.'/../storage/framework/maintenance.php')) {
require $maintenance;
}
// Register the Composer autoloader...
require __DIR__.'/../vendor/autoload.php';
// Bootstrap Laravel and handle the request...
/** @var Application $app */
$app = require_once __DIR__.'/../bootstrap/app.php';
$app->handleRequest(Request::capture());

2
api/public/robots.txt Normal file
View File

@@ -0,0 +1,2 @@
User-agent: *
Disallow:

11
api/resources/css/app.css Normal file
View File

@@ -0,0 +1,11 @@
@import 'tailwindcss';
@source '../../vendor/laravel/framework/src/Illuminate/Pagination/resources/views/*.blade.php';
@source '../../storage/framework/views/*.php';
@source '../**/*.blade.php';
@source '../**/*.js';
@theme {
--font-sans: 'Instrument Sans', ui-sans-serif, system-ui, sans-serif, 'Apple Color Emoji', 'Segoe UI Emoji',
'Segoe UI Symbol', 'Noto Color Emoji';
}

1
api/resources/js/app.js Normal file
View File

@@ -0,0 +1 @@
import './bootstrap';

4
api/resources/js/bootstrap.js vendored Normal file
View File

@@ -0,0 +1,4 @@
import axios from 'axios';
window.axios = axios;
window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';

277
api/resources/views/welcome.blade.php Normal file
View File

File diff suppressed because one or more lines are too long

39
api/routes/api.php Normal file
View File

@@ -0,0 +1,39 @@
<?php
use App\Http\Controllers\Admin\GoogleDriveController as AdminGoogleDriveController;
use App\Http\Controllers\AuthController;
use Illuminate\Support\Facades\Route;
Route::prefix('auth')->middleware('web')->group(function () {
Route::post('login', [AuthController::class, 'login']);
Route::post('logout', [AuthController::class, 'logout'])->middleware('auth:sanctum');
Route::get('user', [AuthController::class, 'user'])->middleware('auth:sanctum');
});
// Google Drive callback needs web middleware for session but not auth:sanctum (handles auth internally)
Route::get('admin/google-drive/callback', [AdminGoogleDriveController::class, 'callback'])->middleware('web');
Route::prefix('admin')->middleware('auth:sanctum')->group(function () {
Route::get('google-drive/auth-url', [AdminGoogleDriveController::class, 'authUrl']);
Route::get('google-drive/status', [AdminGoogleDriveController::class, 'status']);
Route::delete('google-drive/disconnect', [AdminGoogleDriveController::class, 'disconnect']);
Route::get('google-drive/shared-drives', [AdminGoogleDriveController::class, 'sharedDrives']);
Route::get('google-drive/folders', [AdminGoogleDriveController::class, 'folders']);
Route::post('google-drive/folders', [AdminGoogleDriveController::class, 'createFolder']);
Route::apiResource('events', \App\Http\Controllers\Admin\EventsController::class);
Route::get('events/{event}/uploads', [\App\Http\Controllers\Admin\EventsController::class, 'uploads']);
Route::get('uploads/{upload}', [\App\Http\Controllers\Admin\UploadsController::class, 'show']);
Route::delete('uploads/{upload}', [\App\Http\Controllers\Admin\UploadsController::class, 'destroy']);
Route::get('uploads/{upload}/download-url', [\App\Http\Controllers\Admin\UploadsController::class, 'downloadUrl']);
});
Route::prefix('events')->group(function () {
Route::get('{slug}', [\App\Http\Controllers\Public\EventUploadController::class, 'show']);
Route::post('{slug}/verify-password', [\App\Http\Controllers\Public\EventUploadController::class, 'verifyPassword'])
->middleware('throttle.password');
Route::post('{slug}/upload', [\App\Http\Controllers\Public\EventUploadController::class, 'upload'])
->middleware('throttle:30,60');
Route::get('{slug}/upload/{uploadId}/status', [\App\Http\Controllers\Public\EventUploadController::class, 'uploadStatus']);
});

8
api/routes/console.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
use Illuminate\Foundation\Inspiring;
use Illuminate\Support\Facades\Artisan;
Artisan::command('inspire', function () {
$this->comment(Inspiring::quote());
})->purpose('Display an inspiring quote');

Some files were not shown because too many files have changed in this diff Show More