core/agent
8
0
Fork 0
Code Issues 5 Pull requests Projects Releases Packages Wiki Activity Actions
agent/php/Routes/api.php
Snider be1130f470 agent updates
2026-03-21 11:10:44 +00:00

109 lines
5 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
use Core\Mod\Agentic\Controllers\AgentApiController;
use Core\Mod\Agentic\Controllers\Api\IssueController;
use Core\Mod\Agentic\Controllers\Api\SprintController;
use Core\Mod\Agentic\Middleware\AgentApiAuth;
use Illuminate\Support\Facades\Route;
/*
|--------------------------------------------------------------------------
| Agent API Routes
|--------------------------------------------------------------------------
|
| REST endpoints for the go-agentic Client (dispatch watch).
| Protected by AgentApiAuth middleware with Bearer token.
|
| Routes at /v1/* (Go client uses BaseURL + "/v1/...")
|
*/
// Health check (no auth required)
Route::get('v1/health', [AgentApiController::class, 'health']);
// GitHub App webhook (signature-verified, no Bearer auth)
Route::post('github/webhook', [\Core\Mod\Agentic\Controllers\Api\GitHubWebhookController::class, 'receive'])
->middleware('throttle:120,1');
// Agent checkin — discover which repos changed since last sync
// Uses auth.api (brain key) for authentication
Route::middleware(['throttle:120,1', 'auth.api:brain:read'])->group(function () {
Route::get('v1/agent/checkin', [\Core\Mod\Agentic\Controllers\Api\CheckinController::class, 'checkin']);
});
// Authenticated agent endpoints
Route::middleware(AgentApiAuth::class.':plans.read')->group(function () {
// Plans (read)
Route::get('v1/plans', [AgentApiController::class, 'listPlans']);
Route::get('v1/plans/{slug}', [AgentApiController::class, 'getPlan']);
// Phases (read)
Route::get('v1/plans/{slug}/phases/{phase}', [AgentApiController::class, 'getPhase']);
// Sessions (read)
Route::get('v1/sessions', [AgentApiController::class, 'listSessions']);
Route::get('v1/sessions/{sessionId}', [AgentApiController::class, 'getSession']);
});
Route::middleware(AgentApiAuth::class.':plans.write')->group(function () {
// Plans (write)
Route::post('v1/plans', [AgentApiController::class, 'createPlan']);
Route::patch('v1/plans/{slug}', [AgentApiController::class, 'updatePlan']);
Route::delete('v1/plans/{slug}', [AgentApiController::class, 'archivePlan']);
});
Route::middleware(AgentApiAuth::class.':phases.write')->group(function () {
// Phases (write)
Route::patch('v1/plans/{slug}/phases/{phase}', [AgentApiController::class, 'updatePhase']);
Route::post('v1/plans/{slug}/phases/{phase}/checkpoint', [AgentApiController::class, 'addCheckpoint']);
Route::patch('v1/plans/{slug}/phases/{phase}/tasks/{taskIdx}', [AgentApiController::class, 'updateTask'])
->whereNumber('taskIdx');
Route::post('v1/plans/{slug}/phases/{phase}/tasks/{taskIdx}/toggle', [AgentApiController::class, 'toggleTask'])
->whereNumber('taskIdx');
});
Route::middleware(AgentApiAuth::class.':sessions.write')->group(function () {
// Sessions (write)
Route::post('v1/sessions', [AgentApiController::class, 'startSession']);
Route::post('v1/sessions/{sessionId}/end', [AgentApiController::class, 'endSession']);
Route::post('v1/sessions/{sessionId}/continue', [AgentApiController::class, 'continueSession']);
});
// Issue tracker
Route::middleware(AgentApiAuth::class.':issues.read')->group(function () {
Route::get('v1/issues', [IssueController::class, 'index']);
Route::get('v1/issues/{slug}', [IssueController::class, 'show']);
Route::get('v1/issues/{slug}/comments', [IssueController::class, 'comments']);
});
Route::middleware(AgentApiAuth::class.':issues.write')->group(function () {
Route::post('v1/issues', [IssueController::class, 'store']);
Route::patch('v1/issues/{slug}', [IssueController::class, 'update']);
Route::delete('v1/issues/{slug}', [IssueController::class, 'destroy']);
Route::post('v1/issues/{slug}/comments', [IssueController::class, 'addComment']);
});
// Sprints
Route::middleware(AgentApiAuth::class.':sprints.read')->group(function () {
Route::get('v1/sprints', [SprintController::class, 'index']);
Route::get('v1/sprints/{slug}', [SprintController::class, 'show']);
});
Route::middleware(AgentApiAuth::class.':sprints.write')->group(function () {
Route::post('v1/sprints', [SprintController::class, 'store']);
Route::patch('v1/sprints/{slug}', [SprintController::class, 'update']);
Route::delete('v1/sprints/{slug}', [SprintController::class, 'destroy']);
});
// Agent messaging — uses auth.api (same as brain routes) so CORE_BRAIN_KEY works
Route::middleware(['throttle:120,1', 'auth.api:brain:read'])->group(function () {
Route::get('v1/messages/inbox', [\Core\Mod\Agentic\Controllers\Api\MessageController::class, 'inbox']);
Route::get('v1/messages/conversation/{agent}', [\Core\Mod\Agentic\Controllers\Api\MessageController::class, 'conversation']);
});
Route::middleware(['throttle:60,1', 'auth.api:brain:write'])->group(function () {
Route::post('v1/messages/send', [\Core\Mod\Agentic\Controllers\Api\MessageController::class, 'send']);
Route::post('v1/messages/{id}/read', [\Core\Mod\Agentic\Controllers\Api\MessageController::class, 'markRead']);
});
Reference in a new issue View git blame Copy permalink