Deploy 2: 2FA (App + Email) + REST API + CSV import-export + auto backup

- Filament v5 multiFactorAuthentication enabled on both panels (App + Email)
- HasAppAuthentication + HasEmailAuthentication on User and SuperAdmin
- Migration: app_authentication_secret + recovery_codes + email_authentication_at
- Sanctum REST API: /api/v1/login, /me, clients, vehicles, work-orders
- EnsureTokenMatchesTenant middleware blocks cross-tenant token usage
- CsvImportExport service: clients + vehicles bulk via plain CSV
- Import/Export buttons on Client + Vehicle list pages
- ApiTokens page in tenant panel (generate/revoke + last-used)
- BackupAllTenantsCommand + scheduler (daily 03:00, retain 14 days)
- Background scheduler in entrypoint.sh
This commit is contained in:
2026-05-07 19:25:27 +00:00
parent ce4e21220f
commit eaa05d68c1
22 changed files with 1068 additions and 6 deletions
+20
View File
@@ -0,0 +1,20 @@
<?php
use App\Http\Controllers\Api\ApiAuthController;
use App\Http\Controllers\Api\ClientApiController;
use App\Http\Controllers\Api\VehicleApiController;
use App\Http\Controllers\Api\WorkOrderApiController;
use Illuminate\Support\Facades\Route;
Route::middleware(['api'])->prefix('api/v1')->group(function () {
Route::post('/login', [ApiAuthController::class, 'login']);
Route::middleware(['auth:sanctum', \App\Http\Middleware\EnsureTokenMatchesTenant::class])->group(function () {
Route::get('/me', [ApiAuthController::class, 'me']);
Route::post('/logout', [ApiAuthController::class, 'logout']);
Route::apiResource('clients', ClientApiController::class);
Route::apiResource('vehicles', VehicleApiController::class);
Route::apiResource('work-orders', WorkOrderApiController::class);
});
});
+12
View File
@@ -1,8 +1,20 @@
<?php
use Illuminate\Console\Scheduling\Schedule;
use Illuminate\Foundation\Inspiring;
use Illuminate\Support\Facades\Artisan;
use Illuminate\Support\Facades\Schedule as ScheduleFacade;
Artisan::command('inspire', function () {
$this->comment(Inspiring::quote());
})->purpose('Display an inspiring quote');
// Daily tenant backups at 03:00 — auto-rotates after 14 days.
ScheduleFacade::command('backup:tenants --keep=14')
->dailyAt('03:00')
->withoutOverlapping()
->onOneServer();
// AI chat cleanup — keep tokens spend in check.
ScheduleFacade::command('queue:prune-batches --hours=48')->daily();
ScheduleFacade::command('queue:prune-failed --hours=72')->daily();