initial commit

app/Actions/Fortify/CreateNewUser.php

@@ -0,0 +1,57 @@
+<?php
+
+namespace App\Actions\Fortify;
+
+use App\Models\Team;
+use App\Models\User;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Validator;
+use Laravel\Fortify\Contracts\CreatesNewUsers;
+use Laravel\Jetstream\Jetstream;
+
+class CreateNewUser implements CreatesNewUsers
+{
+    use PasswordValidationRules;
+
+    /**
+     * Create a newly registered user.
+     *
+     * @param  array  $input
+     * @return \App\Models\User
+     */
+    public function create(array $input)
+    {
+        Validator::make($input, [
+            'name' => ['required', 'string', 'max:255'],
+            'email' => ['required', 'string', 'email', 'max:255', 'unique:users'],
+            'password' => $this->passwordRules(),
+            'terms' => Jetstream::hasTermsAndPrivacyPolicyFeature() ? ['accepted', 'required'] : '',
+        ])->validate();
+
+        return DB::transaction(function () use ($input) {
+            return tap(User::create([
+                'name' => $input['name'],
+                'email' => $input['email'],
+                'password' => Hash::make($input['password']),
+            ]), function (User $user) {
+                $this->createTeam($user);
+            });
+        });
+    }
+
+    /**
+     * Create a personal team for the user.
+     *
+     * @param  \App\Models\User  $user
+     * @return void
+     */
+    protected function createTeam(User $user)
+    {
+        $user->ownedTeams()->save(Team::forceCreate([
+            'user_id' => $user->id,
+            'name' => explode(' ', $user->name, 2)[0]."'s Team",
+            'personal_team' => true,
+        ]));
+    }
+}

app/Actions/Fortify/PasswordValidationRules.php

@@ -0,0 +1,18 @@
+<?php
+
+namespace App\Actions\Fortify;
+
+use Laravel\Fortify\Rules\Password;
+
+trait PasswordValidationRules
+{
+    /**
+     * Get the validation rules used to validate passwords.
+     *
+     * @return array
+     */
+    protected function passwordRules()
+    {
+        return ['required', 'string', new Password, 'confirmed'];
+    }
+}

app/Actions/Fortify/ResetUserPassword.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Actions\Fortify;
+
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Validator;
+use Laravel\Fortify\Contracts\ResetsUserPasswords;
+
+class ResetUserPassword implements ResetsUserPasswords
+{
+    use PasswordValidationRules;
+
+    /**
+     * Validate and reset the user's forgotten password.
+     *
+     * @param  mixed  $user
+     * @param  array  $input
+     * @return void
+     */
+    public function reset($user, array $input)
+    {
+        Validator::make($input, [
+            'password' => $this->passwordRules(),
+        ])->validate();
+
+        $user->forceFill([
+            'password' => Hash::make($input['password']),
+        ])->save();
+    }
+}

app/Actions/Fortify/UpdateUserPassword.php

@@ -0,0 +1,35 @@
+<?php
+
+namespace App\Actions\Fortify;
+
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Validator;
+use Laravel\Fortify\Contracts\UpdatesUserPasswords;
+
+class UpdateUserPassword implements UpdatesUserPasswords
+{
+    use PasswordValidationRules;
+
+    /**
+     * Validate and update the user's password.
+     *
+     * @param  mixed  $user
+     * @param  array  $input
+     * @return void
+     */
+    public function update($user, array $input)
+    {
+        Validator::make($input, [
+            'current_password' => ['required', 'string'],
+            'password' => $this->passwordRules(),
+        ])->after(function ($validator) use ($user, $input) {
+            if (! isset($input['current_password']) || ! Hash::check($input['current_password'], $user->password)) {
+                $validator->errors()->add('current_password', __('The provided password does not match your current password.'));
+            }
+        })->validateWithBag('updatePassword');
+
+        $user->forceFill([
+            'password' => Hash::make($input['password']),
+        ])->save();
+    }
+}

app/Actions/Fortify/UpdateUserProfileInformation.php

@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Actions\Fortify;
+
+use Illuminate\Contracts\Auth\MustVerifyEmail;
+use Illuminate\Support\Facades\Validator;
+use Illuminate\Validation\Rule;
+use Laravel\Fortify\Contracts\UpdatesUserProfileInformation;
+
+class UpdateUserProfileInformation implements UpdatesUserProfileInformation
+{
+    /**
+     * Validate and update the given user's profile information.
+     *
+     * @param  mixed  $user
+     * @param  array  $input
+     * @return void
+     */
+    public function update($user, array $input)
+    {
+        Validator::make($input, [
+            'name' => ['required', 'string', 'max:255'],
+            'email' => ['required', 'email', 'max:255', Rule::unique('users')->ignore($user->id)],
+            'photo' => ['nullable', 'mimes:jpg,jpeg,png', 'max:1024'],
+        ])->validateWithBag('updateProfileInformation');
+
+        if (isset($input['photo'])) {
+            $user->updateProfilePhoto($input['photo']);
+        }
+
+        if ($input['email'] !== $user->email &&
+            $user instanceof MustVerifyEmail) {
+            $this->updateVerifiedUser($user, $input);
+        } else {
+            $user->forceFill([
+                'name' => $input['name'],
+                'email' => $input['email'],
+            ])->save();
+        }
+    }
+
+    /**
+     * Update the given verified user's profile information.
+     *
+     * @param  mixed  $user
+     * @param  array  $input
+     * @return void
+     */
+    protected function updateVerifiedUser($user, array $input)
+    {
+        $user->forceFill([
+            'name' => $input['name'],
+            'email' => $input['email'],
+            'email_verified_at' => null,
+        ])->save();
+
+        $user->sendEmailVerificationNotification();
+    }
+}

app/Actions/Jetstream/AddTeamMember.php

@@ -0,0 +1,93 @@
+<?php
+
+namespace App\Actions\Jetstream;
+
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\Facades\Validator;
+use Laravel\Jetstream\Contracts\AddsTeamMembers;
+use Laravel\Jetstream\Events\AddingTeamMember;
+use Laravel\Jetstream\Events\TeamMemberAdded;
+use Laravel\Jetstream\Jetstream;
+use Laravel\Jetstream\Rules\Role;
+
+class AddTeamMember implements AddsTeamMembers
+{
+    /**
+     * Add a new team member to the given team.
+     *
+     * @param  mixed  $user
+     * @param  mixed  $team
+     * @param  string  $email
+     * @param  string|null  $role
+     * @return void
+     */
+    public function add($user, $team, string $email, string $role = null)
+    {
+        Gate::forUser($user)->authorize('addTeamMember', $team);
+
+        $this->validate($team, $email, $role);
+
+        $newTeamMember = Jetstream::findUserByEmailOrFail($email);
+
+        AddingTeamMember::dispatch($team, $newTeamMember);
+
+        $team->users()->attach(
+            $newTeamMember, ['role' => $role]
+        );
+
+        TeamMemberAdded::dispatch($team, $newTeamMember);
+    }
+
+    /**
+     * Validate the add member operation.
+     *
+     * @param  mixed  $team
+     * @param  string  $email
+     * @param  string|null  $role
+     * @return void
+     */
+    protected function validate($team, string $email, ?string $role)
+    {
+        Validator::make([
+            'email' => $email,
+            'role' => $role,
+        ], $this->rules(), [
+            'email.exists' => __('We were unable to find a registered user with this email address.'),
+        ])->after(
+            $this->ensureUserIsNotAlreadyOnTeam($team, $email)
+        )->validateWithBag('addTeamMember');
+    }
+
+    /**
+     * Get the validation rules for adding a team member.
+     *
+     * @return array
+     */
+    protected function rules()
+    {
+        return array_filter([
+            'email' => ['required', 'email', 'exists:users'],
+            'role' => Jetstream::hasRoles()
+                            ? ['required', 'string', new Role]
+                            : null,
+        ]);
+    }
+
+    /**
+     * Ensure that the user is not already on the team.
+     *
+     * @param  mixed  $team
+     * @param  string  $email
+     * @return \Closure
+     */
+    protected function ensureUserIsNotAlreadyOnTeam($team, string $email)
+    {
+        return function ($validator) use ($team, $email) {
+            $validator->errors()->addIf(
+                $team->hasUserWithEmail($email),
+                'email',
+                __('This user already belongs to the team.')
+            );
+        };
+    }
+}

app/Actions/Jetstream/CreateTeam.php

@@ -0,0 +1,37 @@
+<?php
+
+namespace App\Actions\Jetstream;
+
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\Facades\Validator;
+use Laravel\Jetstream\Contracts\CreatesTeams;
+use Laravel\Jetstream\Events\AddingTeam;
+use Laravel\Jetstream\Jetstream;
+
+class CreateTeam implements CreatesTeams
+{
+    /**
+     * Validate and create a new team for the given user.
+     *
+     * @param  mixed  $user
+     * @param  array  $input
+     * @return mixed
+     */
+    public function create($user, array $input)
+    {
+        Gate::forUser($user)->authorize('create', Jetstream::newTeamModel());
+
+        Validator::make($input, [
+            'name' => ['required', 'string', 'max:255'],
+        ])->validateWithBag('createTeam');
+
+        AddingTeam::dispatch($user);
+
+        $user->switchTeam($team = $user->ownedTeams()->create([
+            'name' => $input['name'],
+            'personal_team' => false,
+        ]));
+
+        return $team;
+    }
+}

app/Actions/Jetstream/DeleteTeam.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Actions\Jetstream;
+
+use Laravel\Jetstream\Contracts\DeletesTeams;
+
+class DeleteTeam implements DeletesTeams
+{
+    /**
+     * Delete the given team.
+     *
+     * @param  mixed  $team
+     * @return void
+     */
+    public function delete($team)
+    {
+        $team->purge();
+    }
+}

app/Actions/Jetstream/DeleteUser.php

@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Actions\Jetstream;
+
+use Illuminate\Support\Facades\DB;
+use Laravel\Jetstream\Contracts\DeletesTeams;
+use Laravel\Jetstream\Contracts\DeletesUsers;
+
+class DeleteUser implements DeletesUsers
+{
+    /**
+     * The team deleter implementation.
+     *
+     * @var \Laravel\Jetstream\Contracts\DeletesTeams
+     */
+    protected $deletesTeams;
+
+    /**
+     * Create a new action instance.
+     *
+     * @param  \Laravel\Jetstream\Contracts\DeletesTeams  $deletesTeams
+     * @return void
+     */
+    public function __construct(DeletesTeams $deletesTeams)
+    {
+        $this->deletesTeams = $deletesTeams;
+    }
+
+    /**
+     * Delete the given user.
+     *
+     * @param  mixed  $user
+     * @return void
+     */
+    public function delete($user)
+    {
+        DB::transaction(function () use ($user) {
+            $this->deleteTeams($user);
+            $user->deleteProfilePhoto();
+            $user->tokens->each->delete();
+            $user->delete();
+        });
+    }
+
+    /**
+     * Delete the teams and team associations attached to the user.
+     *
+     * @param  mixed  $user
+     * @return void
+     */
+    protected function deleteTeams($user)
+    {
+        $user->teams()->detach();
+
+        $user->ownedTeams->each(function ($team) {
+            $this->deletesTeams->delete($team);
+        });
+    }
+}

app/Actions/Jetstream/InviteTeamMember.php

@@ -0,0 +1,97 @@
+<?php
+
+namespace App\Actions\Jetstream;
+
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\Facades\Mail;
+use Illuminate\Support\Facades\Validator;
+use Illuminate\Validation\Rule;
+use Laravel\Jetstream\Contracts\InvitesTeamMembers;
+use Laravel\Jetstream\Events\InvitingTeamMember;
+use Laravel\Jetstream\Jetstream;
+use Laravel\Jetstream\Mail\TeamInvitation;
+use Laravel\Jetstream\Rules\Role;
+
+class InviteTeamMember implements InvitesTeamMembers
+{
+    /**
+     * Invite a new team member to the given team.
+     *
+     * @param  mixed  $user
+     * @param  mixed  $team
+     * @param  string  $email
+     * @param  string|null  $role
+     * @return void
+     */
+    public function invite($user, $team, string $email, string $role = null)
+    {
+        Gate::forUser($user)->authorize('addTeamMember', $team);
+
+        $this->validate($team, $email, $role);
+
+        InvitingTeamMember::dispatch($team, $email, $role);
+
+        $invitation = $team->teamInvitations()->create([
+            'email' => $email,
+            'role' => $role,
+        ]);
+
+        Mail::to($email)->send(new TeamInvitation($invitation));
+    }
+
+    /**
+     * Validate the invite member operation.
+     *
+     * @param  mixed  $team
+     * @param  string  $email
+     * @param  string|null  $role
+     * @return void
+     */
+    protected function validate($team, string $email, ?string $role)
+    {
+        Validator::make([
+            'email' => $email,
+            'role' => $role,
+        ], $this->rules($team), [
+            'email.unique' => __('This user has already been invited to the team.'),
+        ])->after(
+            $this->ensureUserIsNotAlreadyOnTeam($team, $email)
+        )->validateWithBag('addTeamMember');
+    }
+
+    /**
+     * Get the validation rules for inviting a team member.
+     *
+     * @param  mixed  $team
+     * @return array
+     */
+    protected function rules($team)
+    {
+        return array_filter([
+            'email' => ['required', 'email', Rule::unique('team_invitations')->where(function ($query) use ($team) {
+                $query->where('team_id', $team->id);
+            })],
+            'role' => Jetstream::hasRoles()
+                            ? ['required', 'string', new Role]
+                            : null,
+        ]);
+    }
+
+    /**
+     * Ensure that the user is not already on the team.
+     *
+     * @param  mixed  $team
+     * @param  string  $email
+     * @return \Closure
+     */
+    protected function ensureUserIsNotAlreadyOnTeam($team, string $email)
+    {
+        return function ($validator) use ($team, $email) {
+            $validator->errors()->addIf(
+                $team->hasUserWithEmail($email),
+                'email',
+                __('This user already belongs to the team.')
+            );
+        };
+    }
+}

app/Actions/Jetstream/RemoveTeamMember.php

@@ -0,0 +1,63 @@
+<?php
+
+namespace App\Actions\Jetstream;
+
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Validation\ValidationException;
+use Laravel\Jetstream\Contracts\RemovesTeamMembers;
+use Laravel\Jetstream\Events\TeamMemberRemoved;
+
+class RemoveTeamMember implements RemovesTeamMembers
+{
+    /**
+     * Remove the team member from the given team.
+     *
+     * @param  mixed  $user
+     * @param  mixed  $team
+     * @param  mixed  $teamMember
+     * @return void
+     */
+    public function remove($user, $team, $teamMember)
+    {
+        $this->authorize($user, $team, $teamMember);
+
+        $this->ensureUserDoesNotOwnTeam($teamMember, $team);
+
+        $team->removeUser($teamMember);
+
+        TeamMemberRemoved::dispatch($team, $teamMember);
+    }
+
+    /**
+     * Authorize that the user can remove the team member.
+     *
+     * @param  mixed  $user
+     * @param  mixed  $team
+     * @param  mixed  $teamMember
+     * @return void
+     */
+    protected function authorize($user, $team, $teamMember)
+    {
+        if (! Gate::forUser($user)->check('removeTeamMember', $team) &&
+            $user->id !== $teamMember->id) {
+            throw new AuthorizationException;
+        }
+    }
+
+    /**
+     * Ensure that the currently authenticated user does not own the team.
+     *
+     * @param  mixed  $teamMember
+     * @param  mixed  $team
+     * @return void
+     */
+    protected function ensureUserDoesNotOwnTeam($teamMember, $team)
+    {
+        if ($teamMember->id === $team->owner->id) {
+            throw ValidationException::withMessages([
+                'team' => [__('You may not leave a team that you created.')],
+            ])->errorBag('removeTeamMember');
+        }
+    }
+}

app/Actions/Jetstream/UpdateTeamName.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Actions\Jetstream;
+
+use Illuminate\Support\Facades\Gate;
+use Illuminate\Support\Facades\Validator;
+use Laravel\Jetstream\Contracts\UpdatesTeamNames;
+
+class UpdateTeamName implements UpdatesTeamNames
+{
+    /**
+     * Validate and update the given team's name.
+     *
+     * @param  mixed  $user
+     * @param  mixed  $team
+     * @param  array  $input
+     * @return void
+     */
+    public function update($user, $team, array $input)
+    {
+        Gate::forUser($user)->authorize('update', $team);
+
+        Validator::make($input, [
+            'name' => ['required', 'string', 'max:255'],
+        ])->validateWithBag('updateTeamName');
+
+        $team->forceFill([
+            'name' => $input['name'],
+        ])->save();
+    }
+}

app/Console/Kernel.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Console;
+
+use Illuminate\Console\Scheduling\Schedule;
+use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
+
+class Kernel extends ConsoleKernel
+{
+    /**
+     * Define the application's command schedule.
+     *
+     * @param  \Illuminate\Console\Scheduling\Schedule  $schedule
+     * @return void
+     */
+    protected function schedule(Schedule $schedule)
+    {
+        // $schedule->command('inspire')->hourly();
+    }
+
+    /**
+     * Register the commands for the application.
+     *
+     * @return void
+     */
+    protected function commands()
+    {
+        $this->load(__DIR__.'/Commands');
+
+        require base_path('routes/console.php');
+    }
+}

app/Exceptions/Handler.php

@@ -0,0 +1,50 @@
+<?php
+
+namespace App\Exceptions;
+
+use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
+use Throwable;
+
+class Handler extends ExceptionHandler
+{
+    /**
+     * A list of exception types with their corresponding custom log levels.
+     *
+     * @var array<class-string<\Throwable>, \Psr\Log\LogLevel::*>
+     */
+    protected $levels = [
+        //
+    ];
+
+    /**
+     * A list of the exception types that are not reported.
+     *
+     * @var array<int, class-string<\Throwable>>
+     */
+    protected $dontReport = [
+        //
+    ];
+
+    /**
+     * A list of the inputs that are never flashed to the session on validation exceptions.
+     *
+     * @var array<int, string>
+     */
+    protected $dontFlash = [
+        'current_password',
+        'password',
+        'password_confirmation',
+    ];
+
+    /**
+     * Register the exception handling callbacks for the application.
+     *
+     * @return void
+     */
+    public function register()
+    {
+        $this->reportable(function (Throwable $e) {
+            //
+        });
+    }
+}

app/Http/Controllers/Controller.php

@@ -0,0 +1,13 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Foundation\Auth\Access\AuthorizesRequests;
+use Illuminate\Foundation\Bus\DispatchesJobs;
+use Illuminate\Foundation\Validation\ValidatesRequests;
+use Illuminate\Routing\Controller as BaseController;
+
+class Controller extends BaseController
+{
+    use AuthorizesRequests, DispatchesJobs, ValidatesRequests;
+}

app/Http/Kernel.php

@@ -0,0 +1,68 @@
+<?php
+
+namespace App\Http;
+
+use Illuminate\Foundation\Http\Kernel as HttpKernel;
+
+class Kernel extends HttpKernel
+{
+    /**
+     * The application's global HTTP middleware stack.
+     *
+     * These middleware are run during every request to your application.
+     *
+     * @var array<int, class-string|string>
+     */
+    protected $middleware = [
+        // \App\Http\Middleware\TrustHosts::class,
+        \App\Http\Middleware\TrustProxies::class,
+        \Illuminate\Http\Middleware\HandleCors::class,
+        \App\Http\Middleware\PreventRequestsDuringMaintenance::class,
+        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
+        \App\Http\Middleware\TrimStrings::class,
+        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
+    ];
+
+    /**
+     * The application's route middleware groups.
+     *
+     * @var array<string, array<int, class-string|string>>
+     */
+    protected $middlewareGroups = [
+        'web' => [
+            \App\Http\Middleware\EncryptCookies::class,
+            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
+            \Illuminate\Session\Middleware\StartSession::class,
+            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
+            \App\Http\Middleware\VerifyCsrfToken::class,
+            \Illuminate\Routing\Middleware\SubstituteBindings::class,
+            \App\Http\Middleware\HandleInertiaRequests::class,
+        ],
+
+        'api' => [
+            // \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
+            'throttle:api',
+            \Illuminate\Routing\Middleware\SubstituteBindings::class,
+        ],
+    ];
+
+    /**
+     * The application's route middleware.
+     *
+     * These middleware may be assigned to groups or used individually.
+     *
+     * @var array<string, class-string|string>
+     */
+    protected $routeMiddleware = [
+        'auth' => \App\Http\Middleware\Authenticate::class,
+        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
+        'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
+        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
+        'can' => \Illuminate\Auth\Middleware\Authorize::class,
+        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
+        'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
+        'signed' => \App\Http\Middleware\ValidateSignature::class,
+        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
+        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
+    ];
+}

app/Http/Middleware/Authenticate.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Auth\Middleware\Authenticate as Middleware;
+
+class Authenticate extends Middleware
+{
+    /**
+     * Get the path the user should be redirected to when they are not authenticated.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return string|null
+     */
+    protected function redirectTo($request)
+    {
+        if (! $request->expectsJson()) {
+            return route('login');
+        }
+    }
+}

app/Http/Middleware/EncryptCookies.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
+
+class EncryptCookies extends Middleware
+{
+    /**
+     * The names of the cookies that should not be encrypted.
+     *
+     * @var array<int, string>
+     */
+    protected $except = [
+        //
+    ];
+}

app/Http/Middleware/HandleInertiaRequests.php

@@ -0,0 +1,43 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Http\Request;
+use Inertia\Middleware;
+
+class HandleInertiaRequests extends Middleware
+{
+    /**
+     * The root template that's loaded on the first page visit.
+     *
+     * @see https://inertiajs.com/server-side-setup#root-template
+     * @var string
+     */
+    protected $rootView = 'app';
+
+    /**
+     * Determines the current asset version.
+     *
+     * @see https://inertiajs.com/asset-versioning
+     * @param  \Illuminate\Http\Request  $request
+     * @return string|null
+     */
+    public function version(Request $request): ?string
+    {
+        return parent::version($request);
+    }
+
+    /**
+     * Defines the props that are shared by default.
+     *
+     * @see https://inertiajs.com/shared-data
+     * @param  \Illuminate\Http\Request  $request
+     * @return array
+     */
+    public function share(Request $request): array
+    {
+        return array_merge(parent::share($request), [
+            //
+        ]);
+    }
+}

app/Http/Middleware/PreventRequestsDuringMaintenance.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance as Middleware;
+
+class PreventRequestsDuringMaintenance extends Middleware
+{
+    /**
+     * The URIs that should be reachable while maintenance mode is enabled.
+     *
+     * @var array<int, string>
+     */
+    protected $except = [
+        //
+    ];
+}

app/Http/Middleware/RedirectIfAuthenticated.php

@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Providers\RouteServiceProvider;
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+
+class RedirectIfAuthenticated
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
+     * @param  string|null  ...$guards
+     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
+     */
+    public function handle(Request $request, Closure $next, ...$guards)
+    {
+        $guards = empty($guards) ? [null] : $guards;
+
+        foreach ($guards as $guard) {
+            if (Auth::guard($guard)->check()) {
+                return redirect(RouteServiceProvider::HOME);
+            }
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/TrimStrings.php

@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;
+
+class TrimStrings extends Middleware
+{
+    /**
+     * The names of the attributes that should not be trimmed.
+     *
+     * @var array<int, string>
+     */
+    protected $except = [
+        'current_password',
+        'password',
+        'password_confirmation',
+    ];
+}

app/Http/Middleware/TrustHosts.php

@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Http\Middleware\TrustHosts as Middleware;
+
+class TrustHosts extends Middleware
+{
+    /**
+     * Get the host patterns that should be trusted.
+     *
+     * @return array<int, string|null>
+     */
+    public function hosts()
+    {
+        return [
+            $this->allSubdomainsOfApplicationUrl(),
+        ];
+    }
+}

app/Http/Middleware/TrustProxies.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Http\Middleware\TrustProxies as Middleware;
+use Illuminate\Http\Request;
+
+class TrustProxies extends Middleware
+{
+    /**
+     * The trusted proxies for this application.
+     *
+     * @var array<int, string>|string|null
+     */
+    protected $proxies;
+
+    /**
+     * The headers that should be used to detect proxies.
+     *
+     * @var int
+     */
+    protected $headers =
+        Request::HEADER_X_FORWARDED_FOR |
+        Request::HEADER_X_FORWARDED_HOST |
+        Request::HEADER_X_FORWARDED_PORT |
+        Request::HEADER_X_FORWARDED_PROTO |
+        Request::HEADER_X_FORWARDED_AWS_ELB;
+}

app/Http/Middleware/ValidateSignature.php

@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Routing\Middleware\ValidateSignature as Middleware;
+
+class ValidateSignature extends Middleware
+{
+    /**
+     * The names of the query string parameters that should be ignored.
+     *
+     * @var array<int, string>
+     */
+    protected $except = [
+        // 'fbclid',
+        // 'utm_campaign',
+        // 'utm_content',
+        // 'utm_medium',
+        // 'utm_source',
+        // 'utm_term',
+    ];
+}

app/Http/Middleware/VerifyCsrfToken.php

@@ -0,0 +1,17 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
+
+class VerifyCsrfToken extends Middleware
+{
+    /**
+     * The URIs that should be excluded from CSRF verification.
+     *
+     * @var array<int, string>
+     */
+    protected $except = [
+        //
+    ];
+}

app/Models/Membership.php

@@ -0,0 +1,15 @@
+<?php
+
+namespace App\Models;
+
+use Laravel\Jetstream\Membership as JetstreamMembership;
+
+class Membership extends JetstreamMembership
+{
+    /**
+     * Indicates if the IDs are auto-incrementing.
+     *
+     * @var bool
+     */
+    public $incrementing = true;
+}

app/Models/Team.php

@@ -0,0 +1,44 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Laravel\Jetstream\Events\TeamCreated;
+use Laravel\Jetstream\Events\TeamDeleted;
+use Laravel\Jetstream\Events\TeamUpdated;
+use Laravel\Jetstream\Team as JetstreamTeam;
+
+class Team extends JetstreamTeam
+{
+    use HasFactory;
+
+    /**
+     * The attributes that should be cast.
+     *
+     * @var array
+     */
+    protected $casts = [
+        'personal_team' => 'boolean',
+    ];
+
+    /**
+     * The attributes that are mass assignable.
+     *
+     * @var string[]
+     */
+    protected $fillable = [
+        'name',
+        'personal_team',
+    ];
+
+    /**
+     * The event map for the model.
+     *
+     * @var array
+     */
+    protected $dispatchesEvents = [
+        'created' => TeamCreated::class,
+        'updated' => TeamUpdated::class,
+        'deleted' => TeamDeleted::class,
+    ];
+}

app/Models/TeamInvitation.php

@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Models;
+
+use Laravel\Jetstream\Jetstream;
+use Laravel\Jetstream\TeamInvitation as JetstreamTeamInvitation;
+
+class TeamInvitation extends JetstreamTeamInvitation
+{
+    /**
+     * The attributes that are mass assignable.
+     *
+     * @var string[]
+     */
+    protected $fillable = [
+        'email',
+        'role',
+    ];
+
+    /**
+     * Get the team that the invitation belongs to.
+     *
+     * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
+     */
+    public function team()
+    {
+        return $this->belongsTo(Jetstream::teamModel());
+    }
+}

app/Models/Traits/HasUidTrait.php

@@ -0,0 +1,44 @@
+<?php
+
+namespace App\Models\Traits;
+
+trait HasUidTrait
+{
+    /**
+     * Ensure that when a model is saving, a unique ID
+     * is set for the model.
+     *
+     * @since 1.0.0
+     *
+     * @return void
+     */
+    public static function bootHasUidTrait(): void
+    {
+        //
+    }
+
+    /**
+     * Initialize logic.
+     *
+     * @since 1.0.0
+     *
+     * @return void
+     */
+    protected function initializeHasUidTrait(): void
+    {
+        $this->id = $this->generateUid();
+    }
+
+    /**
+     * Generates a cryptographically safe unique ID.
+     *
+     * @since 1.0.0
+     *
+     * @return string
+     */
+    public function generateUid(): string
+    {
+        $bytes = openssl_random_pseudo_bytes(env('APP_UID_BYTES', 8));
+        return bin2hex($bytes);
+    }
+}

app/Models/User.php

@@ -0,0 +1,61 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Contracts\Auth\MustVerifyEmail;
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Foundation\Auth\User as Authenticatable;
+use Illuminate\Notifications\Notifiable;
+use Laravel\Fortify\TwoFactorAuthenticatable;
+use Laravel\Jetstream\HasProfilePhoto;
+use Laravel\Jetstream\HasTeams;
+use Laravel\Sanctum\HasApiTokens;
+
+class User extends Authenticatable
+{
+    use HasApiTokens;
+    use HasFactory;
+    use HasProfilePhoto;
+    use HasTeams;
+    use Notifiable;
+    use TwoFactorAuthenticatable;
+
+    /**
+     * The attributes that are mass assignable.
+     *
+     * @var string[]
+     */
+    protected $fillable = [
+        'name', 'email', 'password',
+    ];
+
+    /**
+     * The attributes that should be hidden for serialization.
+     *
+     * @var array
+     */
+    protected $hidden = [
+        'password',
+        'remember_token',
+        'two_factor_recovery_codes',
+        'two_factor_secret',
+    ];
+
+    /**
+     * The attributes that should be cast.
+     *
+     * @var array
+     */
+    protected $casts = [
+        'email_verified_at' => 'datetime',
+    ];
+
+    /**
+     * The accessors to append to the model's array form.
+     *
+     * @var array
+     */
+    protected $appends = [
+        'profile_photo_url',
+    ];
+}

app/Policies/TeamPolicy.php

@@ -0,0 +1,106 @@
+<?php
+
+namespace App\Policies;
+
+use App\Models\Team;
+use App\Models\User;
+use Illuminate\Auth\Access\HandlesAuthorization;
+
+class TeamPolicy
+{
+    use HandlesAuthorization;
+
+    /**
+     * Determine whether the user can view any models.
+     *
+     * @param  \App\Models\User  $user
+     * @return mixed
+     */
+    public function viewAny(User $user)
+    {
+        return true;
+    }
+
+    /**
+     * Determine whether the user can view the model.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Team  $team
+     * @return mixed
+     */
+    public function view(User $user, Team $team)
+    {
+        return $user->belongsToTeam($team);
+    }
+
+    /**
+     * Determine whether the user can create models.
+     *
+     * @param  \App\Models\User  $user
+     * @return mixed
+     */
+    public function create(User $user)
+    {
+        return true;
+    }
+
+    /**
+     * Determine whether the user can update the model.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Team  $team
+     * @return mixed
+     */
+    public function update(User $user, Team $team)
+    {
+        return $user->ownsTeam($team);
+    }
+
+    /**
+     * Determine whether the user can add team members.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Team  $team
+     * @return mixed
+     */
+    public function addTeamMember(User $user, Team $team)
+    {
+        return $user->ownsTeam($team);
+    }
+
+    /**
+     * Determine whether the user can update team member permissions.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Team  $team
+     * @return mixed
+     */
+    public function updateTeamMember(User $user, Team $team)
+    {
+        return $user->ownsTeam($team);
+    }
+
+    /**
+     * Determine whether the user can remove team members.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Team  $team
+     * @return mixed
+     */
+    public function removeTeamMember(User $user, Team $team)
+    {
+        return $user->ownsTeam($team);
+    }
+
+    /**
+     * Determine whether the user can delete the model.
+     *
+     * @param  \App\Models\User  $user
+     * @param  \App\Models\Team  $team
+     * @return mixed
+     */
+    public function delete(User $user, Team $team)
+    {
+        return $user->ownsTeam($team);
+    }
+}

app/Providers/AppServiceProvider.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Providers;
+
+use Illuminate\Support\ServiceProvider;
+
+class AppServiceProvider extends ServiceProvider
+{
+    /**
+     * Register any application services.
+     *
+     * @return void
+     */
+    public function register()
+    {
+        //
+    }
+
+    /**
+     * Bootstrap any application services.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        //
+    }
+}

app/Providers/AuthServiceProvider.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Providers;
+
+use App\Models\Team;
+use App\Policies\TeamPolicy;
+use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
+
+class AuthServiceProvider extends ServiceProvider
+{
+    /**
+     * The policy mappings for the application.
+     *
+     * @var array
+     */
+    protected $policies = [
+        Team::class => TeamPolicy::class,
+    ];
+
+    /**
+     * Register any authentication / authorization services.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        $this->registerPolicies();
+
+        //
+    }
+}

app/Providers/BroadcastServiceProvider.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Providers;
+
+use Illuminate\Support\Facades\Broadcast;
+use Illuminate\Support\ServiceProvider;
+
+class BroadcastServiceProvider extends ServiceProvider
+{
+    /**
+     * Bootstrap any application services.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        Broadcast::routes();
+
+        require base_path('routes/channels.php');
+    }
+}

app/Providers/EventServiceProvider.php

@@ -0,0 +1,42 @@
+<?php
+
+namespace App\Providers;
+
+use Illuminate\Auth\Events\Registered;
+use Illuminate\Auth\Listeners\SendEmailVerificationNotification;
+use Illuminate\Foundation\Support\Providers\EventServiceProvider as ServiceProvider;
+use Illuminate\Support\Facades\Event;
+
+class EventServiceProvider extends ServiceProvider
+{
+    /**
+     * The event to listener mappings for the application.
+     *
+     * @var array<class-string, array<int, class-string>>
+     */
+    protected $listen = [
+        Registered::class => [
+            SendEmailVerificationNotification::class,
+        ],
+    ];
+
+    /**
+     * Register any events for your application.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        //
+    }
+
+    /**
+     * Determine if events and listeners should be automatically discovered.
+     *
+     * @return bool
+     */
+    public function shouldDiscoverEvents()
+    {
+        return false;
+    }
+}

app/Providers/FortifyServiceProvider.php

@@ -0,0 +1,49 @@
+<?php
+
+namespace App\Providers;
+
+use App\Actions\Fortify\CreateNewUser;
+use App\Actions\Fortify\ResetUserPassword;
+use App\Actions\Fortify\UpdateUserPassword;
+use App\Actions\Fortify\UpdateUserProfileInformation;
+use Illuminate\Cache\RateLimiting\Limit;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\RateLimiter;
+use Illuminate\Support\ServiceProvider;
+use Laravel\Fortify\Fortify;
+
+class FortifyServiceProvider extends ServiceProvider
+{
+    /**
+     * Register any application services.
+     *
+     * @return void
+     */
+    public function register()
+    {
+        //
+    }
+
+    /**
+     * Bootstrap any application services.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        Fortify::createUsersUsing(CreateNewUser::class);
+        Fortify::updateUserProfileInformationUsing(UpdateUserProfileInformation::class);
+        Fortify::updateUserPasswordsUsing(UpdateUserPassword::class);
+        Fortify::resetUserPasswordsUsing(ResetUserPassword::class);
+
+        RateLimiter::for('login', function (Request $request) {
+            $email = (string) $request->email;
+
+            return Limit::perMinute(5)->by($email.$request->ip());
+        });
+
+        RateLimiter::for('two-factor', function (Request $request) {
+            return Limit::perMinute(5)->by($request->session()->get('login.id'));
+        });
+    }
+}

app/Providers/JetstreamServiceProvider.php

@@ -0,0 +1,67 @@
+<?php
+
+namespace App\Providers;
+
+use App\Actions\Jetstream\AddTeamMember;
+use App\Actions\Jetstream\CreateTeam;
+use App\Actions\Jetstream\DeleteTeam;
+use App\Actions\Jetstream\DeleteUser;
+use App\Actions\Jetstream\InviteTeamMember;
+use App\Actions\Jetstream\RemoveTeamMember;
+use App\Actions\Jetstream\UpdateTeamName;
+use Illuminate\Support\ServiceProvider;
+use Laravel\Jetstream\Jetstream;
+
+class JetstreamServiceProvider extends ServiceProvider
+{
+    /**
+     * Register any application services.
+     *
+     * @return void
+     */
+    public function register()
+    {
+        //
+    }
+
+    /**
+     * Bootstrap any application services.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        $this->configurePermissions();
+
+        Jetstream::createTeamsUsing(CreateTeam::class);
+        Jetstream::updateTeamNamesUsing(UpdateTeamName::class);
+        Jetstream::addTeamMembersUsing(AddTeamMember::class);
+        Jetstream::inviteTeamMembersUsing(InviteTeamMember::class);
+        Jetstream::removeTeamMembersUsing(RemoveTeamMember::class);
+        Jetstream::deleteTeamsUsing(DeleteTeam::class);
+        Jetstream::deleteUsersUsing(DeleteUser::class);
+    }
+
+    /**
+     * Configure the roles and permissions that are available within the application.
+     *
+     * @return void
+     */
+    protected function configurePermissions()
+    {
+        Jetstream::defaultApiTokenPermissions(['read']);
+
+        Jetstream::role('admin', 'Administrator', [
+            'create',
+            'read',
+            'update',
+            'delete',
+        ])->description('Administrator users can perform any action.');
+
+        Jetstream::role('editor', 'Editor', [
+            'read',
+            'create',
+            'update',
+        ])->description('Editor users have the ability to read, create, and update.');
+    }
+}

app/Providers/RouteServiceProvider.php

@@ -0,0 +1,52 @@
+<?php
+
+namespace App\Providers;
+
+use Illuminate\Cache\RateLimiting\Limit;
+use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\RateLimiter;
+use Illuminate\Support\Facades\Route;
+
+class RouteServiceProvider extends ServiceProvider
+{
+    /**
+     * The path to the "home" route for your application.
+     *
+     * Typically, users are redirected here after authentication.
+     *
+     * @var string
+     */
+    public const HOME = '/dashboard';
+
+    /**
+     * Define your route model bindings, pattern filters, and other route configuration.
+     *
+     * @return void
+     */
+    public function boot()
+    {
+        $this->configureRateLimiting();
+
+        $this->routes(function () {
+            Route::middleware('api')
+                ->prefix('api')
+                ->group(base_path('routes/api.php'));
+
+            Route::middleware('web')
+                ->group(base_path('routes/web.php'));
+        });
+    }
+
+    /**
+     * Configure the rate limiters for the application.
+     *
+     * @return void
+     */
+    protected function configureRateLimiting()
+    {
+        RateLimiter::for('api', function (Request $request) {
+            return Limit::perMinute(60)->by($request->user()?->id ?: $request->ip());
+        });
+    }
+}