Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/AndresLopezCorrales/Boletilandia/llms.txt

Use this file to discover all available pages before exploring further.

Boletilandia’s routing layer is split across two files: routes/web.php for all browser-facing pages and routes/api.php for the Sanctum-protected JSON API. Routes are grouped by access level — public, admin-only (guarded by the admin middleware alias), and user-only (guarded by the user middleware alias). Laravel Jetstream and Fortify automatically register their own authentication routes on top of these.

Public Routes

These routes are accessible without authentication.
MethodPathHandlerDescription
GET/Closure → index viewRenders the landing page. The view itself checks auth status to display appropriate content.
GET/homeAdminController::index() + ClosureRole-based router: redirects authenticated admins to admin.index, authenticated users to home.index (with upcoming events ordered by date ascending), and unauthenticated visitors back to the previous page.
The /home route is declared twice in routes/web.php. The first declaration uses AdminController::index() (note the lowercase route::get call). The second declaration is a Closure containing the full usertype role-branching logic and carries the ->name('home') named route. Laravel resolves to the last matching definition, so the named Closure is the one that actually handles requests. The AdminController version is superseded.

/home Role-Branching Logic

When a logged-in user hits /home, the Closure checks usertype and branches:
Route::get('/home', function () {
    if (Auth::id()) {
        $userType = Auth()->user()->usertype;

        if ($userType == 'admin') {
            return view('admin.index');

        } else if ($userType == 'user') {
            $fechaActual = Carbon::now()->format('Y-m-d');

            $events = Evento::where('FechaEvento', '>=', $fechaActual)
                        ->orderBy('FechaEvento', 'asc')
                        ->get();

            return view('home.index', compact('events'));
        }
    } else {
        return redirect()->back();
    }
})->name('home');

Dashboard Route (Auth + Verified)

The /dashboard route is wrapped in the Jetstream authenticated-and-verified middleware group. It returns the same index view as the root route, providing a consistent landing point for post-login redirects.
Route::middleware([
    'auth:sanctum',
    config('jetstream.auth_session'),
    'verified',
])->group(function () {
    Route::get('/dashboard', function () {
        return view('index');
    })->name('dashboard');
});
MiddlewarePurpose
auth:sanctumRequires an authenticated Sanctum session or token
config('jetstream.auth_session')Applies Jetstream’s session authentication guard
verifiedRequires email_verified_at to be non-null

Admin Routes

All admin routes require the admin middleware alias (App\Http\Middleware\Admin). Any authenticated user whose usertype is not 'admin' receives an HTTP 401 response.
MethodPathControllerMiddlewareDescription
POST/admin-eventosEventoController::store()adminCreates a new event and stores it in the evento table.
GET/admin-ver_eventosClosure → admin.ver_eventos viewadminLists all upcoming events (ordered by FechaEvento ascending) for the admin to review. Named admin-ver_eventos.
DELETE/admin-eliminar_eventos/{evento}EventoController::eliminarEvento()adminDeletes the specified event (triggers cascade deletion of all its sections and seats).
GET/admin-editar_eventos/{evento}EventoController::mostrarPantallaEdicion()adminDisplays the edit form pre-populated with the event’s current data. Named admin.editar_evento.
PUT/admin-editar_eventos/{evento}EventoController::actualizarInfoEvento()adminPersists updated event information to the database.
GET/admin-grafica_eventosGraficaController::verGrafica()adminRenders the sales/analytics chart view for all events.

User Routes

All user routes require the user middleware alias (App\Http\Middleware\User). Admins visiting these routes receive an HTTP 401 response.
MethodPathControllerMiddlewareDescription
GET/home-pagina_eventos/{evento}HomeController::mostrarPaginaEvento()userShows the detail page for a specific event, including its sections and available seats.
POST/home-seleccionboleto_eventos/{evento}BoletoController::mostrarPantallaBoletos()userDisplays the seat-selection interface (SVG seating map) for a chosen event.
POST/comprar-asientoBoletoController::comprarAsiento()userRecords a seat purchase: marks disponibilidad_asiento = 0 for the selected asiento row.
GET/pdf-boleto/{evento}PdfController::generarPdf()userGenerates and returns a downloadable PDF ticket for the authenticated user’s purchased seat.

API Routes

Defined in routes/api.php. All API routes are automatically prefixed with /api.
MethodPathHandlerMiddlewareDescription
GET/api/userClosureauth:sanctumReturns the currently authenticated user as a JSON object. Requires a valid Sanctum personal access token (Bearer) or an active Sanctum cookie session.
// routes/api.php

Route::get('/user', function (Request $request) {
    return $request->user();
})->middleware('auth:sanctum');
To call /api/user with a personal access token, include the token in the Authorization header:
curl -H "Authorization: Bearer YOUR_TOKEN" https://your-app.test/api/user

Jetstream & Fortify Auto-Registered Routes

Jetstream and Fortify register their own routes automatically when the packages boot. These routes are not declared in routes/web.php but are fully available at runtime.

Authentication

  • GET /login — Login form
  • POST /login — Submit credentials
  • POST /logout — End session
  • GET /register — Registration form
  • POST /register — Create account

Password Reset

  • GET /forgot-password — Request reset link
  • POST /forgot-password — Send reset email
  • GET /reset-password/{token} — Reset form
  • POST /reset-password — Persist new password

Two-Factor Auth

  • GET /two-factor-challenge — 2FA prompt
  • POST /two-factor-challenge — Submit TOTP code
  • Routes to enable, confirm, and disable 2FA from the profile page

Profile & API Tokens

  • GET /user/profile — Profile settings page
  • Update profile info, password, and photo
  • GET /user/api-tokens — Manage personal access tokens
  • Create and revoke Sanctum API tokens with scoped permissions

Route File Locations

FilePrefixPurpose
routes/web.php(none)All browser-facing routes — public, admin, and user
routes/api.php/apiSanctum-protected JSON API
routes/console.php(none)Artisan command routes
Both route files are registered in bootstrap/app.php:
return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
        web: __DIR__.'/../routes/web.php',
        api: __DIR__.'/../routes/api.php',
        commands: __DIR__.'/../routes/console.php',
        health: '/up',
    )
    // ...
The health check endpoint GET /up is registered automatically by Laravel 11 via the health key above. It returns a 200 OK response and is used for uptime monitoring.

Build docs developers (and LLMs) love