mesreleves-php/routes/web.php

<?php

use App\Http\Controllers\CarteController;
use App\Http\Controllers\DashboardController;
use App\Http\Controllers\ExportController;
use App\Http\Controllers\LieuController;
use App\Http\Controllers\NotificationController;
use App\Http\Controllers\ProfileController;
use App\Http\Controllers\RechercheController;
use App\Http\Controllers\ReleveController;
use App\Http\Controllers\Auth\TwoFactorController;
use App\Http\Controllers\SetupController;
use App\Http\Controllers\SourceController;
use Illuminate\Support\Facades\Route;

// ── Assistant d'installation (accessible sans authentification) ───────────────
Route::prefix('setup')->name('setup.')->group(function () {
    Route::get('/',            [SetupController::class, 'index'])->name('index');
    Route::get('/database',    [SetupController::class, 'database'])->name('database');
    Route::post('/database',   [SetupController::class, 'saveDatabase'])->name('database.save');
    Route::post('/test-database', [SetupController::class, 'testDatabase'])->name('testDatabase');
    Route::get('/application', [SetupController::class, 'application'])->name('application');
    Route::post('/application', [SetupController::class, 'saveApplication'])->name('application.save');
    Route::get('/admin',       [SetupController::class, 'admin'])->name('admin');
    Route::post('/install',    [SetupController::class, 'install'])->name('install');
});

// ── Authentification 2FA par code PIN ───────────────────────────────────────
Route::middleware('guest')->group(function () {
    Route::get('2fa',           [TwoFactorController::class, 'challenge'])->name('2fa.challenge');
    Route::post('2fa',          [TwoFactorController::class, 'verify'])->name('2fa.verify');
    Route::post('2fa/resend',   [TwoFactorController::class, 'resend'])->name('2fa.resend');
});

Route::get('/', function () {
    return view('welcome');
});

Route::get('/dashboard', [DashboardController::class, 'index'])
    ->middleware(['auth', 'verified'])
    ->name('dashboard');

Route::middleware('auth')->group(function () {
    Route::get('/profile', [ProfileController::class, 'edit'])->name('profile.edit');
    Route::patch('/profile', [ProfileController::class, 'update'])->name('profile.update');
    Route::delete('/profile', [ProfileController::class, 'destroy'])->name('profile.destroy');

    Route::get('lieux/search', [LieuController::class, 'search'])->name('lieux.search');
    Route::resource('lieux', LieuController::class)->parameters(['lieux' => 'lieu']);

    Route::resource('sources', SourceController::class);
    Route::post('sources/{source}/membres', [SourceController::class, 'addMembre'])->name('sources.membres.add');
    Route::delete('sources/{source}/membres/{user}', [SourceController::class, 'removeMembre'])->name('sources.membres.remove');
    Route::post('sources/{source}/transition', [SourceController::class, 'transition'])->name('sources.transition');

    Route::resource('sources.releves', ReleveController::class)
        ->shallow()
        ->parameters(['releves' => 'releve']);

    Route::get('recherche', [RechercheController::class, 'index'])->name('recherche');
    Route::get('carte',          [CarteController::class, 'index'])->name('carte');
    Route::get('carte/data',     [CarteController::class, 'data'])->name('carte.data');
    Route::get('export/source/{source}', [ExportController::class, 'source'])->name('export.source');
    Route::get('export/source/{source}/csv', [ExportController::class, 'sourceCsv'])->name('export.source.csv');
    Route::get('export/recherche', [ExportController::class, 'recherche'])->name('export.recherche');

    Route::get('notifications', [NotificationController::class, 'index'])->name('notifications.index');
    Route::post('notifications/{id}/read', [NotificationController::class, 'markAsRead'])->name('notifications.read');
    Route::post('notifications/read-all', [NotificationController::class, 'markAllAsRead'])->name('notifications.read-all');
});

require __DIR__.'/auth.php';