# Route Patterns

## Route File Structure
File: **app/Config/Routes.php**

## Public Routes
```php
$routes->get('/', 'Home::index');
$routes->get('/login', 'AuthController::loginPage', ['filter' => 'guest']);
$routes->post('/login', 'AuthController::login', ['filter' => 'guest']);
$routes->get('/logout', 'AuthController::logout');
$routes->patch('/setPassword', 'AuthController::setPassword');
```

## Label Routes (Public)
```php
$routes->get('label/coll/(:any)', 'LabelController::coll/$1');
$routes->get('label/dispatch/(:any)/(:any)', 'LabelController::dispatch/$1/$2');
$routes->get('label/all/(:any)', 'LabelController::print_all/$1');
```

## API Routes (Protected by Role Filter)
File: **app/Config/Routes.php** - `$routes->group('api', ...)` block

### Users Management
```php
$routes->group('users', ['filter' => 'role:0,1'], function ($routes) {
    $routes->get('', 'UsersController::index');         // Get all users
    $routes->post('', 'UsersController::create');      // Create user
    $routes->patch('(:any)', 'UsersController::update/$1'); // Update user
    $routes->delete('(:any)', 'UsersController::delete/$1'); // Delete user
});
```

### Requests
```php
$routes->group('requests', ['filter' => 'role:0,1,2,3,4'], function ($routes) {
    $routes->get('', 'RequestsController::index');           // Dashboard data
    $routes->get('(:any)/audit', 'ApiRequestsAuditController::show/$1'); // Audit trail
    $routes->post('validate/(:any)', 'RequestsController::val/$1'); // Validate request
    $routes->delete('validate/(:any)', 'RequestsController::unval/$1'); // Unvalidate request
});
```

### Validate API
```php
$routes->group('validate', ['filter' => 'role:0,1,2'], function ($routes) {
    $routes->get('unvalidated', 'ApiValidateController::unvalidated'); // Get unvalidated requests
});
```

### Samples
```php
$routes->group('samples', function ($routes) {
    // Collect & Show - All Roles
    $routes->group('', ['filter' => 'role:0,1,2,3,4'], function ($routes) {
        $routes->post('collect/(:any)', 'SamplesController::collect/$1');
        $routes->get('(:any)', 'SamplesController::show/$1');
    });

    // Unreceive - Only Superuser (0) and Admin (1)
    $routes->group('', ['filter' => 'role:0,1'], function ($routes) {
        $routes->delete('receive/(:any)', 'SamplesController::unreceive/$1');
    });
});
```

## Page Routes (Protected by Role Filter)

### Superuser (Role 0)
```php
$routes->group('superuser', ['filter' => 'role:0'], function ($routes) {
    $routes->get('', 'Pages\SuperuserController::index');
    $routes->get('users', 'Pages\SuperuserController::users');
    $routes->get('validate', 'Pages\SuperuserController::validatePage');
});
```

### Admin (Role 1)
```php
$routes->group('admin', ['filter' => 'role:1'], function ($routes) {
    $routes->get('', 'Pages\AdminController::index');
    $routes->get('users', 'Pages\AdminController::users');
    $routes->get('validate', 'Pages\AdminController::validationPage');
});
```

### Lab (Role 2)
```php
$routes->group('lab', ['filter' => 'role:2'], function ($routes) {
    $routes->get('', 'Pages\LabController::index');
    $routes->get('validate', 'Pages\LabController::validationPage');
});
```

### Phlebo (Role 3)
```php
$routes->group('phlebo', ['filter' => 'role:3'], function ($routes) {
    $routes->get('', 'Pages\PhlebotomistController::index');
});
```

### CS (Role 4)
```php
$routes->group('cs', ['filter' => 'role:4'], function ($routes) {
    $routes->get('', 'Pages\CsController::index');
});
```

## Error Handling
```php
$routes->set404Override(function () {
    $response = service('response');
    $response->setStatusCode(404);
    echo view('errors/notfound');
});
$routes->get('/unauthorized', 'ErrorPage::unauthorized');
```

## Route Filter Order
1. **Before filters** (run before request):
   - `forcehttps` - Force HTTPS
   - `pagecache` - Web page caching
   - `role` - Role-based access (on protected routes)
   - `guest` - Guest-only (on public routes)

2. **After filters** (run after response):
   - `pagecache` - Web page caching
   - `performance` - Performance metrics
   - `toolbar` - Debug toolbar

## Route Naming Conventions
- API endpoints: kebab-case, under `/api/` prefix
- Page routes: kebab-case, grouped by role
- Resource endpoints: standard REST pattern (`/resource/{id}`)
- Action endpoints: kebab-case, snake_case for parameters