Commit Graph

36 Commits

Author SHA1 Message Date
Jean-Marc Strauven
98b8ff236b Merge pull request #23 from Grazulex/feat/laravel-13-upgrade
feat!: upgrade to Laravel 13 compatibility
v2.4.0
2026-03-30 18:03:04 +02:00
Jean-Marc Strauven
53913c1596 fix(ci): set platform PHP to 8.3 for CI compatibility
The platform PHP was set to 8.4.5 which caused Symfony to resolve
to v8.0 requiring PHP 8.4+, breaking the PHP 8.3 CI job.
2026-03-30 18:02:08 +02:00
Jean-Marc Strauven
f2dcd0059a feat!: upgrade to Laravel 13 compatibility
- Update laravel/framework to ^13.0, tinker to ^3.0, query-builder to ^7.0
- Migrate User model to #[Fillable] and #[Hidden] attributes (Laravel 13 pattern)
- Add LARAVEL_130 ruleset to Rector configuration
- Add PHP 8.4 to CI test matrix
- Update README badges and description for Laravel 13

BREAKING CHANGE: requires Laravel 13.x, drops Laravel 12 support
2026-03-30 17:59:00 +02:00
Jean-Marc Strauven
c72b740749 Merge pull request #21 from Grazulex/docs/suggest-optional-packages
docs: add idempotency and throttle-smart as suggested packages
v2.3.0
2026-02-05 05:32:52 +01:00
Jean-Marc Strauven
2791415401 docs: add laravel-api-idempotency and laravel-api-throttle-smart as suggested packages
- Add both packages to composer.json suggest section
- Document usage, installation and attention points in README
- Add to Features list and Credits section
2026-02-05 05:32:14 +01:00
Jean-Marc Strauven
ada996848a Merge pull request #20 from Grazulex/chore/update-dependencies
chore(deps): update Composer dependencies
2026-02-02 09:49:43 +01:00
Jean-Marc Strauven
43a36e4913 chore(deps): update Composer dependencies
Update all dependencies to their latest PHP 8.3 compatible versions:
- laravel/framework v12.46.0 → v12.49.0
- laravel/sanctum v4.2.2 → v4.3.0
- grazulex/laravel-apiroute v2.0.3 → v2.0.5
- spatie/laravel-data 4.18.0 → 4.19.1
- spatie/laravel-query-builder 6.3.6 → 6.4.1
- phpstan/phpstan 2.1.35 → 2.1.38
- pestphp/pest v4.3.1 → v4.3.2
- rector/rector 2.3.2 → 2.3.5

Added platform PHP 8.3 constraint to prevent Symfony 8.x packages
from being installed (requires PHP 8.4).
2026-02-02 09:48:37 +01:00
Jean-Marc Strauven
8b0b57808b Merge pull request #19 from Grazulex/Grazulex-patch-1
Update funding information in FUNDING.yml
2026-02-02 05:22:31 +01:00
Jean-Marc Strauven
5cad524908 Update funding information in FUNDING.yml 2026-02-02 05:22:17 +01:00
Jean-Marc Strauven
84a094666d Merge pull request #18 from Grazulex/release/v2.2.0
chore(release): 2.2.0
2026-01-29 04:21:56 +01:00
Jean-Marc Strauven
5250000618 chore(release): 2.2.0 v2.2.0 2026-01-29 04:21:31 +01:00
Jean-Marc Strauven
b62ec456ad chore(release): 2.1.0 2026-01-29 04:20:44 +01:00
Jean-Marc Strauven
03de471bb5 Merge pull request #17 from Grazulex/docs/readme-v2.2.0
docs: add documentation for v2.2.0 features
2026-01-29 04:19:59 +01:00
Jean-Marc Strauven
b14f4f2dd9 docs: add documentation for email verification, password reset and middleware
- Document email verification flow with curl examples
- Document password reset flow with curl examples
- Document 3 middleware patterns (force.json, log.api, verified)
- Update Features section with new capabilities
- Update register response example with email verification message
2026-01-29 04:19:28 +01:00
ELMEHDI ACHAHED
13da9b84c1 Feature (#16)
* feat: add email verification endpoints and tests

Add comprehensive CI/CD pipeline using GitHub Actions

- Run Pest tests on PHP 8.3 and 8.4 with MySQL 8.0
- Automated code style checks with Pint
- Static analysis with Larastan/PHPStan
- Parallel job execution for faster builds
- Composer dependency caching
- MySQL service container with health checks

* feat: implement password reset flow with secure tokens , add forgot password and reset password functionality

- Created password_reset_tokens table migration
- Added POST /api/v1/forgot-password endpoint
- Added POST /api/v1/reset-password endpoint
- Both endpoints rate-limited to 6 requests per minute
- Integrated with Laravel's Password facade for secure token management
- Revokes all user tokens upon successful password reset
- Created ForgotPasswordRequest and ResetPasswordRequest with validation
- Added comprehensive test suite (6 test cases)
Password reset uses signed, time-limited tokens stored in the database.
All user sessions are invalidated after successful reset for security.

* feat: add reusable API middleware examples , Implement three production-ready middleware patterns for APIs

ForceJsonResponse:
- Ensures all API responses are JSON formatted
- Sets Accept: application/json header automatically
- Handles non-JSON responses gracefully
LogApiRequests:
- Logs API requests with timestamp, method, URL, IP, user ID, status
- Tracks and logs response time in milliseconds
- Adds X-Response-Time header to all responses
- Configurable via APP_LOG_API_REQUESTS env variable
EnsureEmailVerified:
- Protects routes requiring verified emails
- Returns 403 with descriptive message for unverified users
- Works with MustVerifyEmail contract
All middleware registered as aliases in bootstrap/app.php:
'force.json', 'log.api', 'verified'
These provide common API patterns that developers can apply to routes as needed.

* docs: update README with new API endpoints , Update API endpoints table with email verification and password reset routes

- Added 4 new endpoint rows to API documentation
- Updated rate limits for protected routes (60/min -> 120/min)
- Documented email verification endpoints
- Documented password reset endpoints
- All new endpoints properly documented with auth requirements"

* Update 0001_01_01_000000_create_users_table.php

* Fix test suite configuration and update route names to standard Laravel conventions

* style: fix code formatting per Laravel Pint standards

* refactor: revert password_reset_tokens back to users create_users migration

* Update 0001_01_01_000000_create_users_table.php

* fix: resolve all code style and type safety issues

Pint fixes:
- Fixed concat_space issues
- Removed unused imports (MustVerifyEmail from EnsureEmailVerified)
- Fixed not_operator_with_successor_space formatting

Rector fixes:
- Applied EncapsedStringsToSprintfRector for better type safety
- All code quality improvements applied

PHPStan fixes:
- Changed all middleware return types from Response to mixed (Laravel standard)
- Added Response type guard in LogApiRequests before accessing methods
- Removed redundant instanceof MustVerifyEmail check (User always implements it)
2026-01-29 04:16:33 +01:00
Jean-Marc Strauven
07c36c0009 chore(release): 2.1.0 (#14) 2026-01-20 21:01:45 +01:00
Jean-Marc Strauven
f417ec23c2 feat: integrate PHPStan, Rector and Pint code quality tools (#13)
* feat: integrate PHPStan, Rector and Pint code quality tools

- Add larastan, rector, and rector-laravel dev dependencies
- Configure PHPStan at max level with Larastan extension
- Configure Rector with Laravel sets and code quality rules
- Configure Pint with strict rules (final_class, strict_types)
- Add composer scripts: lint, test:lint, test:types, test:unit
- Add GitHub Actions workflow for CI on push/PR
- Apply code style fixes across all files

* docs: add code quality section to README
2026-01-20 20:58:32 +01:00
Jean-Marc Strauven
d961b44c30 chore(release): v2.0.2 (#11) v2.0.2 2026-01-08 20:26:48 +01:00
Jean-Marc Strauven
2b0f6cedaa chore: update dependencies and fix apiroute config (#10)
- Update all Composer dependencies to latest versions
- Fix apiroute URI prefix configuration (was empty, now 'api')
- Laravel framework 12.44.0 -> 12.46.0
- Pest 3.8.4 -> 4.3.1
- laravel-apiroute 0.0.3 -> 2.0.3
2026-01-08 20:24:57 +01:00
Jean-Marc Strauven
bbc34935c6 Merge pull request #8 from Grazulex/fix/routes-cleanup
fix: clean up routes after merge conflict
2026-01-02 17:54:14 +01:00
Jean-Marc Strauven
fcf6483127 fix: clean up routes after merge conflict 2026-01-02 17:53:45 +01:00
Jean-Marc Strauven
6c24d290f4 Merge pull request #7 from Grazulex/feat/apiroute-v2
feat!: upgrade to laravel-apiroute v2.0
V2.0.0
2026-01-02 17:50:00 +01:00
Jean-Marc Strauven
396207d6b0 Merge branch 'main' into feat/apiroute-v2 2026-01-02 17:49:51 +01:00
Jean-Marc Strauven
7a35de80d0 feat!: upgrade to laravel-apiroute v2.0 with config-based versioning
- Update composer.json to require grazulex/laravel-apiroute ^2.0
- Add versions config to config/apiroute.php
- Create routes/api/v1.php with version 1 routes
- Update routes/api.php to remove imperative version declarations
- Update README.md with new v2.x documentation

BREAKING CHANGE: API versions are now declared in config/apiroute.php
instead of routes/api.php
2026-01-02 17:47:38 +01:00
Jean-Marc Strauven
9f0d41d827 Merge pull request #5 from Grazulex/fix/php-requirement-rate-limiting
fix: align PHP requirement and implement rate limiting
v1.3.0
2025-12-30 15:35:29 +01:00
Jean-Marc Strauven
562448f576 Merge branch 'main' into fix/php-requirement-rate-limiting 2025-12-30 15:35:22 +01:00
Jean-Marc Strauven
cb911a3c04 Merge pull request #4 from Trpsky/feature
Fix : laravel-apiroute version mismatch and upgrade Pest to v4 for Laravel 12 compatibility
2025-12-30 15:34:33 +01:00
Jean-Marc Strauven
06ee9a5016 fix: align PHP requirement and implement rate limiting
- Update composer.json to require PHP ^8.3 (required by grazulex/laravel-apiroute ^1.2)
- Add rate limiting to routes using laravel-apiroute's rateLimit() and Laravel's throttle middleware
  - Public routes (login/register): throttle:auth (5/min for brute force protection)
  - Protected routes: throttle:authenticated (120/min)
  - Global version rate limit: 60 req/min via ->rateLimit(60)
- Remove unused import in routes/web.php (fixes Pint style issue)
- Update composer.lock with synchronized dependencies
2025-12-30 15:33:20 +01:00
ELMEHDI ACHAHED
0113b0112b Fix : dependency mismatch and upgrade Pest for Laravel 12 support
This commit resolves the version mismatch for 'grazulex/laravel-apiroute' by regenerating the lock file. Additionally, it upgrades 'pestphp/pest' and 'pestphp/pest-plugin-laravel' to v4 to ensure compatibility with Laravel 12 and PHPUnit 12, fixing dependency conflicts.
The lock file was out of sync with composer.json, causing installation failures. Upgrading to Pest v4 is necessary as Pest v3 conflicts with PHPUnit 12, which is required by Laravel 12.
2025-12-30 11:05:45 +01:00
Jean-Marc Strauven
ae8d4bd432 Merge pull request #1 from Grazulex/chore/update-laravel-apiroute-1.2.0
chore(deps): update laravel-apiroute to ^1.2
V1.2.0
2025-12-28 19:16:16 +01:00
Jean-Marc Strauven
c9fbf64472 chore(deps): update laravel-apiroute to ^1.2 2025-12-28 19:15:17 +01:00
Jean-Marc Strauven
d93b82b1eb chore(release): 1.1.0 v1.1.0 2025-12-25 07:33:38 +01:00
Jean-Marc Strauven
02c55f765f chore(deps): update laravel-apiroute to ^1.0
🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-25 07:33:08 +01:00
Jean-Marc Strauven
f21616af2b chore: remove CLAUDE.md from repository v1.0.0 2025-12-25 06:40:46 +01:00
Jean-Marc Strauven
512cd05c48 chore(release): 1.0.0 2025-12-25 06:33:52 +01:00
Jean-Marc Strauven
5900990527 feat: Initial Laravel API-only starter kit
- Laravel 12 with Sanctum authentication
- API versioning with grazulex/laravel-apiroute
- spatie/laravel-query-builder for filtering/sorting
- spatie/laravel-data for DTOs
- dedoc/scramble for auto API documentation
- Pest PHP testing framework
- Docker development environment
- Standardized JSON API responses
- Rate limiting and CORS configuration
- Comprehensive README documentation
2025-12-25 06:33:21 +01:00