feat: shop customer accounts (register/login + order history)

Schema:
- shop_customers (company_id, name, phone unique-per-tenant, email, password, client_id auto-linked, last_login_at)
- online_orders.shop_customer_id nullable FK

Auth:
- New 'shop' guard (session driver, shop_customers provider) in config/auth.php
- ShopCustomer Authenticatable with hashed password cast and BelongsToTenant global scope — login attempts naturally scoped to current tenant subdomain

Flow:
- ShopAuthController: register / login / logout / account
- Register auto-links to existing Client by phone match
- /shop/account: order history (only the logged customer's orders) + profile
- Checkout prefills name/phone/email from logged customer + sets shop_customer_id (and client_id from auto-link) on the placed order
- Layout nav switches between Login/Register and "👤 Name + Ieșire"

Tests (8 new):
- register creates customer + auto-login
- register auto-links existing Client by phone
- duplicate phone rejected
- login validates credentials
- /account requires auth (redirects to /shop/login)
- /account lists only the logged customer's orders
- checkout attaches shop_customer_id
- customers tenant-isolated

Full suite: 117 passed.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@@ -93,6 +93,16 @@ Route::controller(\App\Http\Controllers\ShopController::class)->prefix('shop')->
|
||||
Route::post('/part/{id}/add', 'addToCart')->where('id', '\d+')->name('shop.cart.add');
|
||||
});
|
||||
|
||||
// ─── Shop customer auth ────────────────────────────────────────────
|
||||
Route::controller(\App\Http\Controllers\ShopAuthController::class)->prefix('shop')->group(function () {
|
||||
Route::get('/register', 'showRegister')->name('shop.register');
|
||||
Route::post('/register', 'register');
|
||||
Route::get('/login', 'showLogin')->name('shop.login');
|
||||
Route::post('/login', 'login');
|
||||
Route::post('/logout', 'logout')->name('shop.logout');
|
||||
Route::get('/account', 'account')->name('shop.account');
|
||||
});
|
||||
|
||||
// ─── Public WO tracking (no auth, tenant-scoped via subdomain) ──────
|
||||
Route::get('/t/{token}', [\App\Http\Controllers\TrackingController::class, 'show'])
|
||||
->where('token', '[A-Za-z0-9]{16,32}')
|
||||
|
||||
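Review bot: The `Route::post('/login', 'login')` and `Route::post('/register', 'register')` lines in the new `ShopAuthController` group attach no `throttle` middleware, so unless the controller rate-limits on its own, password guessing against the 'shop' guard is unbounded, and because the commit message says duplicate phones are rejected, the register endpoint can be used to test which phone numbers already have an account in a tenant. Consider adding a limiter on both POST routes, for example `Route::post('/login', 'login')->middleware('throttle:5,1');`, or a named limiter keyed on tenant plus phone. Separately, `Route::get('/account', 'account')` carries no `auth:shop` middleware in this group; the tests in the commit message show the redirect works, but enforcing it at the route (and `guest:shop` on the login/register pages) keeps the protection visible in the route file and means a later method added to this controller is not exposed by default. The two POST routes are also unnamed, unlike the other routes in the group, which is worth aligning if forms reference them by name.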