defmodule SimpleshopThemeWeb.Router do use SimpleshopThemeWeb, :router import SimpleshopThemeWeb.UserAuth pipeline :browser do plug :accepts, ["html"] plug :fetch_session plug :fetch_live_flash plug :put_root_layout, html: {SimpleshopThemeWeb.Layouts, :root} plug :protect_from_forgery plug :put_secure_browser_headers plug :fetch_current_scope_for_user end pipeline :api do plug :accepts, ["json"] end pipeline :printify_webhook do plug SimpleshopThemeWeb.Plugs.VerifyPrintifyWebhook end pipeline :shop do plug :put_root_layout, html: {SimpleshopThemeWeb.Layouts, :shop_root} plug SimpleshopThemeWeb.Plugs.LoadTheme end # Public storefront (root level) scope "/", SimpleshopThemeWeb do pipe_through [:browser, :shop] live_session :public_shop, layout: {SimpleshopThemeWeb.Layouts, :shop}, on_mount: [{SimpleshopThemeWeb.CartHook, :mount_cart}] do live "/", ShopLive.Home, :index live "/about", ShopLive.About, :index live "/contact", ShopLive.Contact, :index live "/collections/:slug", ShopLive.Collection, :show live "/products/:id", ShopLive.ProductShow, :show live "/cart", ShopLive.Cart, :index live "/checkout/success", ShopLive.CheckoutSuccess, :show end # Checkout (POST — creates Stripe session and redirects) post "/checkout", CheckoutController, :create end # Cart API (session persistence for LiveView) scope "/api", SimpleshopThemeWeb do pipe_through [:browser] post "/cart", CartController, :update end # Image serving routes (public, no auth required) scope "/images", SimpleshopThemeWeb do pipe_through :browser get "/:id", ImageController, :show get "/:id/thumbnail", ImageController, :thumbnail get "/:id/variant/:width", ImageController, :variant get "/:id/recolored/:color", ImageController, :recolored_svg end # Webhook endpoints (no CSRF, signature verified) scope "/webhooks", SimpleshopThemeWeb do pipe_through [:api, :printify_webhook] post "/printify", WebhookController, :printify end scope "/webhooks", SimpleshopThemeWeb do pipe_through [:api] post "/stripe", StripeWebhookController, :handle end # Enable LiveDashboard and Swoosh mailbox preview in development if Application.compile_env(:simpleshop_theme, :dev_routes) do # If you want to use the LiveDashboard in production, you should put # it behind authentication and allow only admins to access it. # If your application does not have an admins-only section yet, # you can use Plug.BasicAuth to set up some basic authentication # as long as you are also using SSL (which you should anyway). import Phoenix.LiveDashboard.Router scope "/dev" do pipe_through :browser live_dashboard "/dashboard", metrics: SimpleshopThemeWeb.Telemetry forward "/mailbox", Plug.Swoosh.MailboxPreview # Preview error pages get "/errors/404", SimpleshopThemeWeb.ErrorPreviewController, :not_found get "/errors/500", SimpleshopThemeWeb.ErrorPreviewController, :server_error end end ## Authentication routes # /admin redirects to theme editor (requires auth, will redirect to login if needed) scope "/admin", SimpleshopThemeWeb do pipe_through [:browser, :require_authenticated_user] get "/", AdminController, :index end scope "/", SimpleshopThemeWeb do pipe_through [:browser, :require_authenticated_user] live_session :require_authenticated_user, on_mount: [{SimpleshopThemeWeb.UserAuth, :require_authenticated}] do live "/users/settings", UserLive.Settings, :edit live "/users/settings/confirm-email/:token", UserLive.Settings, :confirm_email live "/admin/theme", ThemeLive.Index, :index live "/admin/providers", ProviderLive.Index, :index live "/admin/providers/new", ProviderLive.Form, :new live "/admin/providers/:id/edit", ProviderLive.Form, :edit end post "/users/update-password", UserSessionController, :update_password end scope "/", SimpleshopThemeWeb do pipe_through [:browser] live_session :current_user, on_mount: [{SimpleshopThemeWeb.UserAuth, :mount_current_scope}] do live "/users/register", UserLive.Registration, :new live "/users/log-in", UserLive.Login, :new live "/users/log-in/:token", UserLive.Confirmation, :new end post "/users/log-in", UserSessionController, :create delete "/users/log-out", UserSessionController, :delete end end