# API, Routes & Controleurs

## Vue d'ensemble

L'API est organisee en **API REST v1** avec des groupes de routes distincts selon le role et le contexte d'authentification. Tous les endpoints API retournent du JSON.

**Fichiers de routes :**
- `routes/api.php` — Routes API v1 (~380 lignes)
- `routes/web.php` — Routes web (admin, webhooks, frontend booking)
- `routes/chatbot.php` — Routes chatbot IA
- `routes/channels.php` — Canaux de broadcasting temps reel
- `routes/console.php` — Commandes console

---

## Authentification

**Methode :** Laravel Sanctum (Bearer Token)
- Header : `Authorization: Bearer {token}`
- Middleware : `auth:sanctum`
- Les tokens sont generes au login/register et retournes dans la reponse
- Chaque token a des abilities (permissions)

**Middleware d'autorisation :**
| Middleware | Description |
|-----------|-------------|
| `auth:sanctum` | Authentification par token |
| `customer` | Restreint aux profils Customer |
| `coach` | Restreint aux profils Coach |
| `EnsureEmployeeOfPlace` | Verifie que l'employe est rattache au lieu demande |
| `apikey.auth` | Authentification par cle API (chatbot) |
| `ability:ABILITY_FULL` | Verification de permission specifique |
| `ForceAcceptJson` | Force le header Accept: application/json |
| `SetLocale` | Definit la langue de l'utilisateur |

---

## Routes API v1

### Routes Publiques (sans authentification)

**Prefix :** `/v1`

| Methode | Endpoint | Controleur | Description |
|---------|----------|------------|-------------|
| POST | `/register` | `RegisterController` | Inscription utilisateur |
| POST | `/login` | `LoginController` | Connexion |
| POST | `/social-login` | `SocialLoginController` | Connexion OAuth (Google, Facebook, LinkedIn, Instagram, Apple) |
| POST | `/forgotten` | `RequestForgottenCodeController` | Demande code de reinitialisation mot de passe |
| POST | `/forgotten/verify/{code}` | `VerifyForgottenCodeController` | Verification code + generation token |
| GET | `/categories` | `ListCategoriesController` | Liste des categories |
| GET | `/places` | `ListPlacesController` | Liste des lieux (pagine) |
| GET | `/places/{place}` | `ShowPlaceController` | Details d'un lieu |
| GET | `/places/{place}/facilities` | `ListFacilitiesController` | Installations d'un lieu |
| GET | `/places/{place}/categories` | `ListPlaceCategoriesController` | Categories d'un lieu |
| GET | `/places/{place}/services` | `ListServicesController` | Services d'un lieu |
| GET | `/places/{place}/activities` | `ListActivitiesController` | Activites d'un lieu |
| GET | `/places/{place}/personal-courses` | `ListPersonalCoursesController` | Cours perso d'un lieu |
| GET | `/places/{place}/group-courses` | `ListGroupCoursesController` | Cours collectifs d'un lieu |
| GET | `/places/{place}/wellness-courses` | `ListWellnessCoursesController` | Cours wellness d'un lieu |
| GET | `/places/{place}/events` | `ListEventsController` | Evenements d'un lieu |
| GET | `/places/{place}/banners` | `ListBannersController` | Bannieres promotionnelles |
| GET | `/places/{place}/flex-memberships` | `ListFlexMembershipsController` | Abonnements flex |
| GET | `/packs` | `ListPacksController` | Liste des forfaits |
| GET | `/global-search` | `SearchGlobalController` | Recherche globale multi-modeles |
| GET | `/search` | `SearchController` | Recherche geographique (bounding box) |
| GET | `/addresses` | `SearchAddressController` | Recherche adresse (Google Geocoder) |
| GET | `/languages/{lang}` | `LanguageController@show` | Traductions par langue |
| GET | `/languages` | `LanguageController@index` | Liste des langues |
| GET | `/coaches/recommended` | `ListRecommendedCoachesController` | Coaches recommandes |
| GET | `/coaches/{coach}` | `ShowCoachController` | Details d'un coach |

---

### Routes Authentifiees (tous roles)

**Prefix :** `/v1` | **Middleware :** `auth:sanctum`

| Methode | Endpoint | Controleur | Description |
|---------|----------|------------|-------------|
| GET | `/account` | `ShowAccountController` | Profil utilisateur |
| PUT | `/account` | `UpdateAccountController` | Modifier profil |
| PUT | `/account/password` | `UpdatePasswordController` | Changer mot de passe |
| DELETE | `/account` | `DeleteAccountController` | Supprimer compte |
| POST | `/profile` | `SetProfileController` | Changer profil actif |
| GET | `/favourites` | `ListFavouritesController` | Liste favoris |
| POST | `/favourites/coaches/{coach}` | `ToggleFavouriteCoachController` | Toggle favori coach |
| POST | `/favourites/categories/{category}` | `ToggleFavouriteCategoryController` | Toggle favori categorie |
| GET | `/notifications` | `ListNotificationsController` | Liste notifications |
| POST | `/notifications/mark` | `MarkNotificationsController` | Marquer comme lues |
| GET | `/guest-invitations` | `ListGuestInvitationsController` | Invitations reçues |
| POST | `/device/subscribe` | `SubscribeController` | Enregistrer device push |
| POST | `/device/unsubscribe` | `UnsubscribeController` | Desenregistrer device |
| POST | `/logout` | `LogoutController` | Deconnexion |

---

### Routes Customer

**Prefix :** `/v1` | **Middleware :** `auth:sanctum`, `customer`

| Methode | Endpoint | Controleur | Description |
|---------|----------|------------|-------------|
| GET | `/stripe/config` | `ShowStripeConfig` | Config Stripe (cle publique) |
| GET | `/wallet` | `ShowWalletController` | Solde wallet |
| GET | `/wallet/transactions` | `ShowWalletTransactionsController` | Historique transactions |
| GET | `/bookings` | `ListBookingsController` | Mes reservations (filtres: past/upcoming/today/canceled) |
| GET | `/bookings/{booking}` | `ShowBookingController` | Detail reservation |
| DELETE | `/bookings/{booking}` | `CancelAttendeeBookingController` | Annuler reservation |
| GET | `/bookings/daypasses/active` | `ListActiveDaypassesController` | Day passes actifs |
| GET | `/bookings/guest-passes/active` | `ListActiveGuestPassesController` | Guest passes actifs |
| GET | `/orders` | `ListOrdersController` | Mes commandes |
| POST | `/orders` | `UpsertOrderController` | Creer/modifier commande |
| POST | `/orders/{order}/stripe-pay` | `StripePayOrderController` | Payer via Stripe |
| POST | `/orders/{order}/wallet-pay` | `WalletPayOrderController` | Payer via wallet |
| POST | `/orders/{order}/nowpayments-pay` | `NowPaymentsPayOrderController` | Payer via crypto |
| GET | `/guests` | `ListGuestsController` | Mes invites |
| POST | `/guests` | `CreateGuestController` | Ajouter un invite |
| DELETE | `/guests/{guest}` | `DeleteGuestController` | Supprimer un invite |
| GET | `/kids` | `ListKidsController` | Mes enfants |
| POST | `/kids` | `CreateKidController` | Ajouter un enfant |
| PUT | `/kids/{kid}` | `UpdateKidController` | Modifier un enfant |
| DELETE | `/kids/{kid}` | `DeleteKidController` | Supprimer un enfant |
| POST | `/tracking` | `CreateTrackingEntryController` | Enregistrer activite |
| GET | `/tracking` | `ListTrackingEntriesController` | Historique activites |

**Disponibilites (sous `/v1/places/{place}/availabilities`) :**

| Methode | Endpoint | Description |
|---------|----------|-------------|
| GET | `/personal-courses` | Creneaux cours perso disponibles |
| GET | `/wellness-courses` | Creneaux wellness disponibles |
| GET | `/group-courses` | Cours collectifs disponibles |
| GET | `/services` | Creneaux services disponibles |
| GET | `/activities` | Creneaux activites disponibles |
| GET | `/events` | Evenements disponibles |

---

### Routes Coach

**Prefix :** `/v1` | **Middleware :** `auth:sanctum`, `coach`

| Methode | Endpoint | Controleur | Description |
|---------|----------|------------|-------------|
| GET | `/availabilities` | `ListAvailabilitiesController` | Mes disponibilites |
| POST | `/availabilities/sync` | `SyncAvailabilitiesController` | Synchroniser disponibilites |
| GET | `/customers` | `ListCoachCustomersController` | Mes clients |
| GET | `/planning` | `ListPlanningEntriesController` | Mon planning |
| POST | `/planning/{booking}/seen` | `SeenPlanningBookingController` | Marquer vu |
| POST | `/planning/{booking}/report` | `ReportAttendanceController` | Reporter presence |
| POST | `/bookings/past` | `CreatePastBookingController` | Creer booking passe |

---

### Routes Employee

**Prefix :** `/v1/places/{place}` | **Middleware :** `auth:sanctum`, `ability:ABILITY_FULL`, `EnsureEmployeeOfPlace`

**Dashboard & Acces :**

| Methode | Endpoint | Description |
|---------|----------|-------------|
| GET | `/dashboard` | Dashboard coordinateur |
| GET | `/access-logs` | Logs d'acces du lieu |
| POST | `/access-logs/{accessLog}/tag` | Taguer un log d'acces |
| PUT | `/access-logs/{accessLog}` | Modifier un log d'acces |

**Gestion Clients :**

| Methode | Endpoint | Description |
|---------|----------|-------------|
| GET | `/customers` | Liste clients du lieu |
| GET | `/employees` | Liste employes du lieu |
| GET | `/customers/{user}/bookings` | Reservations d'un client |
| GET | `/customers/{user}/bookings/{booking}` | Detail reservation client |
| DELETE | `/customers/{user}/bookings/{booking}` | Annuler reservation client |
| GET | `/customers/{user}/bookings/{booking}/rebooking-fees` | Calculer frais re-reservation |

**Commandes Employee :**

| Methode | Endpoint | Description |
|---------|----------|-------------|
| GET | `/customers/{user}/orders` | Commandes d'un client |
| POST | `/customers/{user}/orders` | Creer commande pour client |
| POST | `/customers/{user}/orders/{order}/stripe-pay` | Payer Stripe |
| POST | `/customers/{user}/orders/{order}/wallet-pay` | Payer wallet |
| POST | `/customers/{user}/orders/{order}/nowpayments-pay` | Payer crypto |
| POST | `/customers/{user}/otp` | Generer OTP |

**Taches :**

| Methode | Endpoint | Description |
|---------|----------|-------------|
| GET | `/tasks` | Liste taches |
| POST | `/tasks` | Creer tache |
| PUT | `/tasks/{task}` | Modifier tache |

**Disponibilites Employee :**

| Methode | Endpoint | Description |
|---------|----------|-------------|
| GET | `/availabilities/services` | Services disponibles |
| GET | `/availabilities/activities` | Activites disponibles |
| GET | `/availabilities/personal-courses` | Cours perso disponibles |
| GET | `/availabilities/wellness-courses` | Wellness disponibles |
| GET | `/availabilities/group-courses` | Collectifs disponibles |
| GET | `/availabilities/events` | Evenements disponibles |

**Invitations & Rapports :**

| Methode | Endpoint | Description |
|---------|----------|-------------|
| GET | `/guest-invitations` | Invitations guests |
| POST | `/guest-invitations` | Creer invitation |
| DELETE | `/guest-invitations/{invitation}` | Annuler invitation |
| GET | `/daily-bookings` | Reservations du jour |
| GET | `/daily-bookings/per-user` | Reservations par utilisateur |
| GET | `/daily-service-usages` | Utilisations services du jour |
| POST | `/bookings/{booking}/report` | Reporter presence |

---

### Routes Shop Manager

**Prefix :** `/v1/places/{place}/shop` | **Middleware :** `auth:sanctum`, `ability:ABILITY_FULL`, `EnsureShopManagerMiddleware`

**Produits :**

| Methode | Endpoint | Controleur | Description |
|---------|----------|------------|-------------|
| GET | `/products` | `ListProductsController` | Liste des produits (filtrable, paginee) |
| GET | `/products/{product}` | `ShowProductController` | Detail produit avec stats de vente |
| PATCH | `/products/{product}/toggle` | `ToggleProductActiveController` | Activer/desactiver un produit |
| GET | `/products/barcode/{code}` | `LookupProductByBarcodeController` | Recherche produit par code-barres |
| POST | `/products/{product}/variations/{variation}/barcode` | `GenerateVariationBarcodeController` | Generer un code-barres |

**Panier (Cart) :**

| Methode | Endpoint | Controleur | Description |
|---------|----------|------------|-------------|
| GET | `/carts` | `ListCartsController` | Carts actifs du vendeur |
| POST | `/carts` | `CreateCartController` | Creer un cart |
| GET | `/carts/{order}` | `ShowCartController` | Detail cart |
| PUT | `/carts/{order}` | `UpdateCartController` | Modifier cart |
| DELETE | `/carts/{order}` | `DeleteCartController` | Supprimer cart |
| POST | `/carts/{order}/items` | `AddCartItemController` | Ajouter item |
| PATCH | `/carts/{order}/items/{item}` | `UpdateCartItemQuantityController` | Modifier quantite |
| DELETE | `/carts/{order}/items/{item}` | `RemoveCartItemController` | Supprimer item |
| POST | `/carts/{order}/customer` | `ChangeCartCustomerController` | Changer client |

**Clients :**

| Methode | Endpoint | Controleur | Description |
|---------|----------|------------|-------------|
| GET | `/customers` | `SearchCustomersController` | Recherche clients |
| POST | `/customers` | `CreateCustomerController` | Creation rapide de client |

**Inventaire :**

| Methode | Endpoint | Controleur | Description |
|---------|----------|------------|-------------|
| POST | `/products/{product}/stock` | `AdjustStockController` | Ajuster le stock |

**Commandes :**

| Methode | Endpoint | Controleur | Description |
|---------|----------|------------|-------------|
| GET | `/orders` | `ListOrdersController` | Historique commandes |
| GET | `/orders/{order}` | `ShowOrderController` | Detail commande |

**Paiements :**

| Methode | Endpoint | Controleur | Description |
|---------|----------|------------|-------------|
| POST | `/carts/{order}/pay/pos` | `PosPayOrderController` | Paiement par TPE |
| POST | `/carts/{order}/pay/cash` | `CashPayOrderController` | Paiement en especes |
| POST | `/carts/{order}/pay/wallet` | `WalletPayCartController` | Paiement par wallet |
| POST | `/carts/{order}/pay/stripe` | `StripePayCartController` | Paiement par carte (Stripe) |
| POST | `/carts/{order}/pay/crypto` | `CryptoPayCartController` | Paiement crypto |

**Factures :**

| Methode | Endpoint | Controleur | Description |
|---------|----------|------------|-------------|
| GET | `/orders/{order}/invoice` | `DownloadInvoiceController` | Telecharger PDF |
| POST | `/orders/{order}/invoice/send` | `SendInvoiceController` | Envoyer par email |

**Dashboard Analytics :**

| Methode | Endpoint | Controleur | Description |
|---------|----------|------------|-------------|
| GET | `/dashboard/revenue` | `RevenueController` | Revenus avec graphique (cache 5 min) |
| GET | `/dashboard/checkout-snapshot` | `CheckoutSnapshotController` | Checkout, panier moyen, risque |
| GET | `/dashboard/sales-performance` | `SalesPerformanceController` | Performance par jour de semaine |
| GET | `/dashboard/best-sellers` | `BestSellerController` | Produits les plus vendus |
| GET | `/dashboard/recent-activity` | `RecentActivityController` | Feed d'activite recente (cache 2 min) |
| GET | `/dashboard/top-categories` | `TopCategoriesController` | Categories par % de ventes |
| GET | `/dashboard/inventory-alerts` | `InventoryAlertsController` | Alertes stock bas (cache 2 min) |

---

### Routes Chat

**Prefix :** `/v1/chat` | **Middleware :** `auth:sanctum` + throttle chat

| Methode | Endpoint | Description |
|---------|----------|-------------|
| GET | `/conversations` | Liste conversations |
| POST | `/conversations` | Creer conversation |
| GET | `/conversations/{conversation}` | Detail conversation |
| PUT | `/conversations/{conversation}` | Modifier conversation |
| DELETE | `/conversations/{conversation}` | Supprimer conversation |
| POST | `/conversations/{conversation}/typing` | Indicateur de saisie |
| POST | `/conversations/{conversation}/ai/enable` | Activer IA |
| POST | `/conversations/{conversation}/ai/disable` | Desactiver IA |
| GET | `/conversations/{conversation}/messages` | Messages d'une conversation |
| POST | `/conversations/{conversation}/messages` | Envoyer message |
| GET | `/conversations/{conversation}/messages/{message}` | Detail message |
| DELETE | `/conversations/{conversation}/messages/{message}` | Supprimer message |
| POST | `/conversations/{conversation}/messages/{message}/receipts` | Accuse reception |
| POST | `/upload` | Upload fichier (piece jointe) |
| GET | `/contacts` | Liste contacts chat |

---

### Routes Chatbot

**Prefix :** `/v1/chatbot` | **Middleware :** `apikey.auth`

Routes optimisees pour l'integration chatbot/IA, structurees en sous-domaines :

**Customer :**

| Methode | Endpoint | Description |
|---------|----------|-------------|
| POST | `/customer/register` | Creer un customer via chatbot |
| GET | `/customer/{customer}/otp` | OTP customer |
| GET | `/customer/{customer}/orders` | Lister les commandes du customer (status/date/pagination) |
| POST | `/customer/{customer}/orders` | Creer une commande |
| PUT | `/customer/{customer}/orders/{order}` | Modifier une commande |
| GET | `/customer/{customer}/bookings` | Liste des reservations customer |
| GET | `/customer/{customer}/bookings/{booking}` | Detail reservation |
| POST | `/customer/{customer}/bookings/{booking}/cancel` | Annuler reservation |
| POST | `/customer/{customer}/orders/{order}/wallet-payment` | Paiement wallet |
| POST | `/customer/{customer}/orders/{order}/stripe-payment` | Paiement Stripe |
| POST | `/customer/{customer}/orders/{order}/nowpayments-payment` | Paiement crypto |

**Coach :**

| Methode | Endpoint | Description |
|---------|----------|-------------|
| GET | `/coach/{coach}/planning` | Planning coach |
| GET | `/coach/{coach}/availabilities` | Disponibilites coach |
| POST | `/coach/{coach}/availabilities` | Synchroniser disponibilites coach |

**Place - Booking Discovery :**

| Methode | Endpoint | Description |
|---------|----------|-------------|
| GET | `/places/{place?}` | Lister places ou detail place |
| GET | `/places/{place}/services` | Services disponibles |
| GET | `/places/{place}/activities` | Activites disponibles |
| GET | `/places/{place}/personal-courses/{coach_id?}/{category_id?}` | Cours perso disponibles |
| GET | `/places/{place}/wellness-courses/{coach_id?}/{category_id?}` | Cours wellness disponibles |
| GET | `/places/{place}/group-courses/{coach_id?}/{category_id?}` | Cours collectifs disponibles |
| GET | `/places/{place}/events` | Evenements disponibles |
| GET | `/places/{place}/categories` | Categories du lieu |
| GET | `/places/{place}/schedule` | Planning unifie par date (group_by: course_type ou department) |

**Place - Analytics (AI data analysis) :**

| Methode | Endpoint | Description |
|---------|----------|-------------|
| GET | `/places/{place}/analytics` | Vue globale KPI (access logs, bookings, orders) |
| GET | `/places/{place}/analytics/access-logs` | Analyse detaillee des logs d'acces (filtres + pagination) |
| GET | `/places/{place}/analytics/bookings` | Analyse detaillee des reservations (filtres + pagination) |
| GET | `/places/{place}/analytics/orders` | Analyse detaillee des commandes (filtres + pagination + aggregates) |

---

## Routes Web

### Webhooks

| Methode | Endpoint | Description |
|---------|----------|-------------|
| POST | `/webhooks/stripe` | Webhook Stripe (paiements) |
| POST | `/webhooks/stripe-connect` | Webhook Stripe Connect (coaches) |
| POST | `/webhooks/nowpayments` | Webhook NowPayments (crypto) |

### Frontend Booking

Routes multi-etapes pour le booking via interface web :
- `/booking/{place}` — Selection lieu
- `/booking/{place}/service` — Selection service
- `/booking/{place}/slot` — Selection creneau
- `/booking/{place}/guest-info` — Infos invite
- `/booking/{place}/user-info` — Infos utilisateur
- `/booking/{place}/confirmation` — Confirmation

### Day Pass Booking
- `/daypass/{place}` — Booking day pass
- `/daypass/{place}/guest-info` — Infos invite daypass

### Validation d'Acces
- `/access-validation/{place}` — Page de scan QR
- `/access-validation/{place}/member/{booking}` — Validation membre
- `/access-validation/{place}/guest/{booking}` — Validation invite
- `/access-validation/{place}/daypass/{booking}` — Validation daypass

### Rapports Admin
- `/admin/reports/clients` — Rapport clients
- `/admin/reports/coaches` — Rapport coaches
- `/admin/reports/courses` — Rapport cours
- `/admin/reports/memberships` — Rapport abonnements
- `/admin/reports/transactions` — Rapport transactions
- `/admin/reports/revenue` — Rapport revenus
- Et plus...

---

## Canaux de Broadcasting

Definis dans `routes/channels.php` :

```php
// Canal prive par conversation
Broadcast::channel('conversation.{conversationId}', function ($user, $conversationId) {
    // Autorise si l'utilisateur est participant de la conversation
});

// Canal par lieu (pour les employes)
Broadcast::channel('place.{placeId}', function ($user, $placeId) {
    // Autorise si l'utilisateur est employe du lieu
});
```

---

## Resources API (JSON Transformers)

Les Resources transforment les modeles Eloquent en JSON structure pour l'API.

**Localisation :** `app/Http/Resources/`

### Resources Principales

| Resource | Modele | Champs cles |
|----------|--------|-------------|
| `UserResource` | User | Profil complet, coaches, employees, conversations, guests |
| `PlaceResource` | Place | Details lieu, installations, coaches, pricing, config |
| `CoachResource` | Coach | Profil coach, specialisations, pricing |
| `CustomerBookingResource` | Booking | Details booking, attendee, coach, place, QR codes |
| `OrderResource` | Order | Commande, items, pricing, status, payment intent |
| `ConversationResource` | Conversation | Conversation, participants, dernier message |
| `MessageResource` | Message | Message, attachments, receipts |
| `WalletResource` | Wallet | Soldes (credits, daypasses, guest passes) |
| `NotificationResource` | Notification | Notification formatee |

### Resources Secondaires

CategoryResource, ActivityResource, ServiceResource, EventResource, GroupCourseResource, PersonalCourseResource, WellnessCourseResource, PackResource, FacilityResource, GuestResource, KidResource, BannerResource, FlexMembershipResource, etc.

### Resources Shop Manager (`app/Http/Resources/ShopManager/`)

| Resource | Modele | Champs cles |
|----------|--------|-------------|
| `VendorProductResource` | Product | id, name, category, price, total_sold, stock_remaining, is_active |
| `VendorProductDetailResource` | Product | Detail complet, badge (TOP PERFORMER/TOP RATED/NEW), variations, sales_performance, inventory_snapshot, latest_feedback |
| `CartResource` | Order | Cart items, client, totaux |
| `CartItemResource` | OrderItem | Produit, variation, quantite, prix |
| `VendorOrderResource` | Order | Commande resume (type_label, status, montant) |
| `VendorOrderDetailResource` | Order | Detail complet commande + items + paiement |
| `InvoiceResource` | Invoice | PDF, status, montant |
| `PaymentDetailsResource` | Order | Details paiement (provider, amounts, receipt) |

---

## Form Requests (Validation)

Les Form Requests encapsulent la validation des donnees d'entree.

**Localisation :** `app/Http/Requests/`

| Request | Description | Regles cles |
|---------|-------------|-------------|
| `CreateUserRequest` | Inscription | email unique, password min 8 |
| `LoginRequest` | Connexion | email, password required |
| `UpdateAccountRequest` | Modifier profil | email unique (sauf self), phone |
| `UpsertOrderRequest` | Creer/modifier commande | items array, orderable validation |
| `ListBookingsRequest` | Lister bookings | filter: past/upcoming/today/canceled |
| `StoreConversationRequest` | Creer conversation | participants array |
| `StoreMessageRequest` | Envoyer message | body ou attachment required |

### Form Requests Shop Manager (`app/Http/Requests/ShopManager/`)

| Request | Description | Regles cles |
|---------|-------------|-------------|
| `CreateCartRequest` | Creer un cart | customer_id (optional public_id) |
| `UpdateCartRequest` | Modifier un cart | notes (optional) |
| `AddCartItemRequest` | Ajouter item au cart | product_id, variation_id, quantity |
| `UpdateCartItemQuantityRequest` | Changer quantite | quantity (0 = suppression) |
| `ChangeCartCustomerRequest` | Changer le client du cart | customer_id (public_id) |
| `CreateCustomerRequest` | Creation rapide client | firstname, lastname, email, phone |
| `AdjustStockRequest` | Ajuster stock | variation_id, quantity, reason |
| `PosPaymentRequest` | Paiement TPE | receipt_photo (image), amounts |
| `CashPaymentRequest` | Paiement especes | amounts, receipt_photo, cash_given, change |
| `SendInvoiceRequest` | Envoyer facture | email (optional, defaut client) |

---

## Middleware Personnalises

| Fichier | Description |
|---------|-------------|
| `EnsureEmployeeOfPlace` | Verifie que l'employe authentifie est rattache au lieu dans l'URL |
| `ApiKeyAuthMiddleware` | Valide la cle API (header `X-API-Key`) pour les routes chatbot |
| `OnlyCustomerUser` | Restreint l'acces aux utilisateurs avec profil Customer actif |
| `OnlyCoachUser` | Restreint l'acces aux utilisateurs avec profil Coach actif |
| `ForceAcceptJson` | Ajoute `Accept: application/json` a toutes les requetes API |
| `SetLocale` | Definit la locale de l'application selon la langue de l'utilisateur |
| `VerifyStripeWebhookSignature` | Verifie la signature HMAC des webhooks Stripe |
| `EnsureShopManagerMiddleware` | Verifie que l'employe a le role `is_shop_manager` et est rattache au lieu |