Documentation Index
Fetch the complete documentation index at: https://mintlify.com/AlexanderDamont1/Stratus/llms.txt
Use this file to discover all available pages before exploring further.
Overview
Controllers live in app/Http/Controllers/. All controllers extend the base Controller class at app/Http/Controllers/Controller.php, which in turn extends Laravel’s Illuminate\Routing\Controller.
Authentication controllers are grouped in app/Http/Controllers/Auth/ and are generated and maintained by Laravel Breeze.
Base controller
File: app/Http/Controllers/Controller.php
The base class that all other controllers extend. Add shared middleware, helpers, or response methods here when they need to be available across the application.
ProfileController
File: app/Http/Controllers/ProfileController.php
Handles authenticated user profile management.
Methods
edit(Request $request): View
Displays the profile editing form.
public function edit(Request $request): View
{
return view('profile.edit', ['user' => $request->user()]);
}
GET /profile — protected by auth middleware.
update(ProfileUpdateRequest $request): RedirectResponse
Persists profile changes. If the email address is changed, email_verified_at is reset to null, requiring the user to re-verify.
public function update(ProfileUpdateRequest $request): RedirectResponse
{
$request->user()->fill($request->validated());
if ($request->user()->isDirty('email')) {
$request->user()->email_verified_at = null;
}
$request->user()->save();
return Redirect::route('profile.edit')->with('status', 'profile-updated');
}
PATCH /profile — protected by auth middleware.
Validation rules for profile updates are defined in app/Http/Requests/ProfileUpdateRequest.php. The rules are:
name — required, string, max 255 charactersemail — required, string, lowercase, valid email format, max 255 characters, unique in the users table (excluding the current user’s own record)
destroy(Request $request): RedirectResponse
Permanently deletes the authenticated user’s account. Requires the current password for confirmation.
public function destroy(Request $request): RedirectResponse
{
$request->validateWithBag('userDeletion', [
'password' => ['required', 'current_password'],
]);
$user = $request->user();
Auth::logout();
$user->delete();
$request->session()->invalidate();
$request->session()->regenerateToken();
return Redirect::to('/');
}
DELETE /profile — protected by auth middleware.
This action is irreversible. The user record and all associated data are permanently deleted.
Auth controllers
All auth controllers live in app/Http/Controllers/Auth/. They handle the full authentication lifecycle for Stratus.
AuthenticatedSessionController
Handles login and logout.
| Method | HTTP | Route | Description |
|---|
create | GET | /login | Show the login form |
store | POST | /login | Authenticate the user and start a session |
destroy | POST | /logout | Log the user out and invalidate the session |
App\Http\Requests\Auth\LoginRequest, which enforces:
- Required
email and password fields
- Rate limiting: 5 failed attempts per email+IP combination triggers a lockout
- Optional
remember boolean for persistent sessions
RegisteredUserController
Handles new user registration.
| Method | HTTP | Route | Description |
|---|
create | GET | /register | Show the registration form |
store | POST | /register | Validate, create the user, and log them in |
PasswordResetLinkController
Sends a password reset email.
| Method | HTTP | Route | Description |
|---|
create | GET | /forgot-password | Show the forgot password form |
store | POST | /forgot-password | Send the password reset link email |
NewPasswordController
Handles resetting a password using a valid reset token.
| Method | HTTP | Route | Description |
|---|
create | GET | /reset-password/{token} | Show the new password form |
store | POST | /reset-password | Validate the token and update the password |
PasswordController
Updates the password for an already-authenticated user.
| Method | HTTP | Route | Description |
|---|
update | PUT | /password | Validate current password and set a new one |
Password update validation uses the updatePassword error bag. This allows the profile page to display password errors separately from profile information errors.
VerifyEmailController
Handles the email verification link clicked from the verification email.
| Method | HTTP | Route | Description |
|---|
__invoke | GET | /verify-email/{id}/{hash} | Mark the email as verified and redirect |
signed middleware (URL signature validation) and is throttled at 6 requests per minute.
EmailVerificationNotificationController
Resends the email verification notification.
| Method | HTTP | Route | Description |
|---|
store | POST | /email/verification-notification | Resend the verification email (rate-limited: 6/min) |
EmailVerificationPromptController
Shows the email verification prompt to users who have not yet verified.
| Method | HTTP | Route | Description |
|---|
__invoke | GET | /verify-email | Show the verification prompt page |
ConfirmablePasswordController
Used to re-confirm a password before performing sensitive actions (e.g., enabling two-factor auth).
| Method | HTTP | Route | Description |
|---|
show | GET | /confirm-password | Show the password confirmation form |
store | POST | /confirm-password | Validate the password and mark the session as confirmed |
Adding new controllers
Generate a controller
php artisan make:controller ProductController
php artisan make:controller ProductController --resource
Extend the base controller
The generated file will automatically extend Controller:app/Http/Controllers/ProductController.php
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class ProductController extends Controller
{
public function index()
{
//
}
}
Add routes
Register the controller in routes/web.php:use App\Http\Controllers\ProductController;
Route::resource('products', ProductController::class)
->middleware(['auth', 'verified']);
Create a form request (optional)
For controllers with validation, generate a form request to keep the controller thin:php artisan make:request StoreProductRequest
