laravel-files/routes/files.php

<?php

use Blax\Files\Http\Controllers\FileUploadController;
use Blax\Files\Http\Controllers\WarehouseController;
use Blax\Files\Http\Middleware\FileAccessControl;
use Illuminate\Support\Facades\Route;

/*
|--------------------------------------------------------------------------
| Warehouse (file serving)
|--------------------------------------------------------------------------
*/

if (config('files.warehouse.enabled', true)) {
    // The access-control middleware is always attached; it no-ops unless
    // `files.access_control.enabled` is true, so this stays a public file
    // server by default while letting consumers opt into per-file guards.
    $warehouseMiddleware = array_merge(
        (array) config('files.warehouse.middleware', ['web']),
        [FileAccessControl::class],
    );

    Route::middleware($warehouseMiddleware)
        ->get(config('files.warehouse.prefix', 'warehouse') . '/{identifier?}', WarehouseController::class)
        ->name('files.warehouse')
        ->where('identifier', '[\/\w\.\-\=&@]*');
}

/*
|--------------------------------------------------------------------------
| File Upload API
|--------------------------------------------------------------------------
*/

Route::prefix(config('files.upload.route_prefix', 'api/files'))
    ->middleware(config('files.upload.middleware', ['api', 'auth:sanctum']))
    ->group(function () {
        Route::post('upload', [FileUploadController::class, 'upload'])->name('files.upload');
        Route::post('chunk/init', [FileUploadController::class, 'chunkInit'])->name('files.chunk.init');
        Route::post('chunk/upload', [FileUploadController::class, 'chunkUpload'])->name('files.chunk.upload');
    });
Initial release 2026-04-14 08:20:55 +00:00			`<?php`

			`use Blax\Files\Http\Controllers\FileUploadController;`
			`use Blax\Files\Http\Controllers\WarehouseController;`
feat(access): serve-time file access control middleware Add an opt-in FileAccessControl middleware that resolves the warehouse file and enforces File::canBeAccessedBy() (default public, so existing consumers are unaffected) when files.access_control.enabled is set. Resolution is delegated to a configurable files.warehouse.resolver (ResolvesWarehouseFiles) and the resolved file is stashed on the request so the controller reuses it. Exposed as the `files.access` route-middleware alias and auto-attached to the package warehouse route. Adds the FileAccessControl unit suite. 2026-06-23 09:08:28 +00:00			`use Blax\Files\Http\Middleware\FileAccessControl;`
Initial release 2026-04-14 08:20:55 +00:00			`use Illuminate\Support\Facades\Route;`

			`/*`
			`\|--------------------------------------------------------------------------`
			`\| Warehouse (file serving)`
			`\|--------------------------------------------------------------------------`
			`*/`

			`if (config('files.warehouse.enabled', true)) {`
feat(access): serve-time file access control middleware Add an opt-in FileAccessControl middleware that resolves the warehouse file and enforces File::canBeAccessedBy() (default public, so existing consumers are unaffected) when files.access_control.enabled is set. Resolution is delegated to a configurable files.warehouse.resolver (ResolvesWarehouseFiles) and the resolved file is stashed on the request so the controller reuses it. Exposed as the `files.access` route-middleware alias and auto-attached to the package warehouse route. Adds the FileAccessControl unit suite. 2026-06-23 09:08:28 +00:00			`// The access-control middleware is always attached; it no-ops unless`
			// `files.access_control.enabled` is true, so this stays a public file
			`// server by default while letting consumers opt into per-file guards.`
			`$warehouseMiddleware = array_merge(`
			`(array) config('files.warehouse.middleware', ['web']),`
			`[FileAccessControl::class],`
			`);`

			`Route::middleware($warehouseMiddleware)`
Initial release 2026-04-14 08:20:55 +00:00			`->get(config('files.warehouse.prefix', 'warehouse') . '/{identifier?}', WarehouseController::class)`
			`->name('files.warehouse')`
			`->where('identifier', '[\/\w\.\-\=&@]*');`
			`}`

			`/*`
			`\|--------------------------------------------------------------------------`
			`\| File Upload API`
			`\|--------------------------------------------------------------------------`
			`*/`

			`Route::prefix(config('files.upload.route_prefix', 'api/files'))`
			`->middleware(config('files.upload.middleware', ['api', 'auth:sanctum']))`
			`->group(function () {`
			`Route::post('upload', [FileUploadController::class, 'upload'])->name('files.upload');`
			`Route::post('chunk/init', [FileUploadController::class, 'chunkInit'])->name('files.chunk.init');`
			`Route::post('chunk/upload', [FileUploadController::class, 'chunkUpload'])->name('files.chunk.upload');`
			`});`