chore: Add API route for user authentication

README.md

@@ -1,2 +1,94 @@
 # ADHD-Home-Quest
+
  An ADHD Task planning tool, based on a Quest and Leveling System. It should be developed as a independent Backend and a basic web App in Svelte for the start. Native Apps might follow.
+
+## Features
+
+- [ ] Task Management
+- [ ] Quest Management
+- [ ] Leveling System
+- [ ] User Management
+- [ ] User Profile
+- [ ] User Settings
+- [ ] User Statistics
+- [ ] User Achievements
+- [ ] Local Ranking (Opt in)
+- [ ] Global Ranking (Opt in)
+
+## Roadmap
+
+- [ ] Backend
+  - [ ] Task Management
+  - [ ] Quest Management
+  - [ ] Leveling System
+  - [ ] User Management
+  - [ ] User Profile
+  - [ ] User Settings
+  - [ ] User Statistics
+  - [ ] User Achievements
+  - [ ] Local Ranking (Opt in)
+  - [ ] Global Ranking (Opt in)
+- [ ] Frontend
+  - [ ] Task Management
+  - [ ] Quest Management
+  - [ ] Leveling System
+  - [ ] User Management
+  - [ ] User Profile
+  - [ ] User Settings
+  - [ ] User Statistics
+  - [ ] User Achievements
+  - [ ] Local Ranking (Opt in)
+  - [ ] Global Ranking (Opt in)
+- [ ] Native Apps
+  - [ ] Android
+  - [ ] iOS
+  - [ ] Windows
+  - [ ] MacOS
+  - [ ] Linux
+- [ ] Testing
+  - [ ] Backend
+  - [ ] Frontend
+  - [ ] Native Apps
+- [ ] Deployment
+  - [ ] Backend
+  - [ ] Frontend
+  - [ ] Native Apps
+- [ ] Documentation
+  - [ ] Backend
+  - [ ] Frontend
+  - [ ] Native Apps
+- [ ] Marketing
+  - [ ] Social Media
+  - [ ] Blog
+  - [ ] Press
+  - [ ] Influencer
+- [ ] Community
+  - [ ] Discord
+  - [ ] Reddit
+  - [ ] Twitter
+  - [ ] Facebook
+  - [ ] Instagram
+- [ ] Support
+  - [ ] FAQ
+  - [ ] Contact
+  - [ ] Bug Report
+  - [ ] Feature Request
+- [ ] Monetization
+  - [ ] Ads
+  - [ ] Premium
+  - [ ] Donations
+  - [ ] Merch
+- [ ] Legal
+  - [ ] Privacy Policy
+  - [ ] Terms of Service
+  - [ ] Imprint
+  - [ ] License
+  
+## Contributing
+
+Feel free to contribute to this project. Just fork it and create a pull request. If you have any questions, feel free to ask. This project is open for everyone and should be a community project. It is primarily developed for people with ADHD, but can be used by everyone.
+The Lead Developers are [Magnus Leßmann (@MarkL4YG)](https://github.com/MarkL4YG) and [Jonas Pfalzgraf (@JosunLP)](https://github.com/JosunLP).
+
+## License
+
+This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.

backend/bootstrap/app.php

@@ -7,6 +7,7 @@ use Illuminate\Foundation\Configuration\Middleware;
 return Application::configure(basePath: dirname(__DIR__))
     ->withRouting(
         web: __DIR__.'/../routes/web.php',
+        api: __DIR__.'/../routes/api.php',
         commands: __DIR__.'/../routes/console.php',
         health: '/up',
     )

backend/composer.json

@@ -12,6 +12,7 @@
   "require": {
     "php": "^8.2",
     "laravel/framework": "^11.9",
+    "laravel/sanctum": "^4.0",
     "laravel/tinker": "^2.9"
   },
   "require-dev": {

backend/composer.lock

@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "7e8c3c14ff33b199b4a0838993eb8423",
+    "content-hash": "2ccadfe61f1bf0098718e1b614c30025",
     "packages": [
         {
             "name": "brick/math",
@@ -1314,6 +1314,70 @@
             },
             "time": "2024-08-12T22:06:33+00:00"
         },
+        {
+            "name": "laravel/sanctum",
+            "version": "v4.0.2",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/laravel/sanctum.git",
+                "reference": "9cfc0ce80cabad5334efff73ec856339e8ec1ac1"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/laravel/sanctum/zipball/9cfc0ce80cabad5334efff73ec856339e8ec1ac1",
+                "reference": "9cfc0ce80cabad5334efff73ec856339e8ec1ac1",
+                "shasum": ""
+            },
+            "require": {
+                "ext-json": "*",
+                "illuminate/console": "^11.0",
+                "illuminate/contracts": "^11.0",
+                "illuminate/database": "^11.0",
+                "illuminate/support": "^11.0",
+                "php": "^8.2",
+                "symfony/console": "^7.0"
+            },
+            "require-dev": {
+                "mockery/mockery": "^1.6",
+                "orchestra/testbench": "^9.0",
+                "phpstan/phpstan": "^1.10",
+                "phpunit/phpunit": "^10.5"
+            },
+            "type": "library",
+            "extra": {
+                "laravel": {
+                    "providers": [
+                        "Laravel\\Sanctum\\SanctumServiceProvider"
+                    ]
+                }
+            },
+            "autoload": {
+                "psr-4": {
+                    "Laravel\\Sanctum\\": "src/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Taylor Otwell",
+                    "email": "taylor@laravel.com"
+                }
+            ],
+            "description": "Laravel Sanctum provides a featherweight authentication system for SPAs and simple APIs.",
+            "keywords": [
+                "auth",
+                "laravel",
+                "sanctum"
+            ],
+            "support": {
+                "issues": "https://github.com/laravel/sanctum/issues",
+                "source": "https://github.com/laravel/sanctum"
+            },
+            "time": "2024-04-10T19:39:58+00:00"
+        },
         {
             "name": "laravel/serializable-closure",
             "version": "v1.3.4",

backend/config/sanctum.php

@@ -0,0 +1,83 @@
+<?php
+
+use Laravel\Sanctum\Sanctum;
+
+return [
+
+    /*
+    |--------------------------------------------------------------------------
+    | Stateful Domains
+    |--------------------------------------------------------------------------
+    |
+    | Requests from the following domains / hosts will receive stateful API
+    | authentication cookies. Typically, these should include your local
+    | and production domains which access your API via a frontend SPA.
+    |
+    */
+
+    'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf(
+        '%s%s',
+        'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1',
+        Sanctum::currentApplicationUrlWithPort()
+    ))),
+
+    /*
+    |--------------------------------------------------------------------------
+    | Sanctum Guards
+    |--------------------------------------------------------------------------
+    |
+    | This array contains the authentication guards that will be checked when
+    | Sanctum is trying to authenticate a request. If none of these guards
+    | are able to authenticate the request, Sanctum will use the bearer
+    | token that's present on an incoming request for authentication.
+    |
+    */
+
+    'guard' => ['web'],
+
+    /*
+    |--------------------------------------------------------------------------
+    | Expiration Minutes
+    |--------------------------------------------------------------------------
+    |
+    | This value controls the number of minutes until an issued token will be
+    | considered expired. This will override any values set in the token's
+    | "expires_at" attribute, but first-party sessions are not affected.
+    |
+    */
+
+    'expiration' => null,
+
+    /*
+    |--------------------------------------------------------------------------
+    | Token Prefix
+    |--------------------------------------------------------------------------
+    |
+    | Sanctum can prefix new tokens in order to take advantage of numerous
+    | security scanning initiatives maintained by open source platforms
+    | that notify developers if they commit tokens into repositories.
+    |
+    | See: https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning
+    |
+    */
+
+    'token_prefix' => env('SANCTUM_TOKEN_PREFIX', ''),
+
+    /*
+    |--------------------------------------------------------------------------
+    | Sanctum Middleware
+    |--------------------------------------------------------------------------
+    |
+    | When authenticating your first-party SPA with Sanctum you may need to
+    | customize some of the middleware Sanctum uses while processing the
+    | request. You may change the middleware listed below as required.
+    |
+    */
+
+    'middleware' => [
+        'authenticate_session' => Laravel\Sanctum\Http\Middleware\AuthenticateSession::class,
+        'encrypt_cookies' => Illuminate\Cookie\Middleware\EncryptCookies::class,
+        'validate_csrf_token' => Illuminate\Foundation\Http\Middleware\ValidateCsrfToken::class,
+    ],
+
+];

backend/database/migrations/2024_08_25_162511_create_personal_access_tokens_table.php

@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     */
+    public function up(): void
+    {
+        Schema::create('personal_access_tokens', function (Blueprint $table) {
+            $table->id();
+            $table->morphs('tokenable');
+            $table->string('name');
+            $table->string('token', 64)->unique();
+            $table->text('abilities')->nullable();
+            $table->timestamp('last_used_at')->nullable();
+            $table->timestamp('expires_at')->nullable();
+            $table->timestamps();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     */
+    public function down(): void
+    {
+        Schema::dropIfExists('personal_access_tokens');
+    }
+};

backend/routes/api.php

@@ -0,0 +1,9 @@
+<?php
+
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Route;
+
+Route::get('/user', function (Request $request) {
+    return $request->user();
+})->middleware('auth:sanctum');
+