lotteryLaravel/README.md
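kang e4118d7b1d feat: update admin RBAC docs and permission check logic
- Add admin RBAC notes to `AGENTS.md`, emphasizing the use of `php artisan lottery:admin-auth-sync --audit`.
- Update `README.md` to spell out the command for resetting demo data locally, and add the sync requirement for `AdminAuthorizationRegistry`.
- Streamline the permission check logic in `AdminDashboardAnalyticsBuilder` so it stays consistent with `AdminAuthorizationRegistry`.
- Add details of the dashboard API permission requirements to `admin-rbac.md` and improve the description of the maintenance commands.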
2026-05-26 13:59:28 +08:00

144 lines
7.2 KiB
Markdown
<p align="center"><a href="https://laravel.com" target="_blank"><img src="https://raw.githubusercontent.com/laravel/art/master/logo-lockup/5%20SVG/2%20CMYK/1%20Full%20Color/laravel-logolockup-cmyk-red.svg" width="400" alt="Laravel Logo"></a></p>
<p align="center">
<a href="https://github.com/laravel/framework/actions"><img src="https://github.com/laravel/framework/workflows/tests/badge.svg" alt="Build Status"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/dt/laravel/framework" alt="Total Downloads"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/v/laravel/framework" alt="Latest Stable Version"></a>
<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/l/laravel/framework" alt="License"></a>
</p>
## Admin RBAC
For the sidebar and the `prd.*` permission catalog, see [`docs/admin-rbac.md`](docs/admin-rbac.md). Maintenance command: `php artisan lottery:admin-auth-sync --audit`
## About Laravel
Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experience to be truly fulfilling. Laravel takes the pain out of development by easing common tasks used in many web projects, such as:
- [Simple, fast routing engine](https://laravel.com/docs/routing).
- [Powerful dependency injection container](https://laravel.com/docs/container).
- Multiple back-ends for [session](https://laravel.com/docs/session) and [cache](https://laravel.com/docs/cache) storage.
- Expressive, intuitive [database ORM](https://laravel.com/docs/eloquent).
- Database agnostic [schema migrations](https://laravel.com/docs/migrations).
- [Robust background job processing](https://laravel.com/docs/queues).
- [Real-time event broadcasting](https://laravel.com/docs/broadcasting).
Laravel is accessible, powerful, and provides tools required for large, robust applications.
## Learning Laravel
Laravel has the most extensive and thorough [documentation](https://laravel.com/docs) and video tutorial library of all modern web application frameworks, making it a breeze to get started with the framework.
In addition, [Laracasts](https://laracasts.com) contains thousands of video tutorials on a range of topics including Laravel, modern PHP, unit testing, and JavaScript. Boost your skills by digging into our comprehensive video library.
You can also watch bite-sized lessons with real-world projects on [Laravel Learn](https://laravel.com/learn), where you will be guided through building a Laravel application from scratch while learning PHP fundamentals.
## Agentic Development
Laravel's predictable structure and conventions make it ideal for AI coding agents like Claude Code, Cursor, and GitHub Copilot. Install [Laravel Boost](https://laravel.com/docs/ai) to supercharge your AI workflow:
```bash
composer require laravel/boost --dev
php artisan boost:install
```
Boost provides your agent 15+ tools and skills that help agents build Laravel applications while following best practices.
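## Local development (copy-and-paste startup)
In **the repository root** (the `lotterLaravel` directory that contains `artisan`), open **3 terminals** and copy each block as a whole. If Herd / Valet / Sail / your own web server already points at `public`, you can skip "Terminal 1".
**Prerequisites (first time):** `cp .env.example .env`, `composer install`, `php artisan key:generate`, `php artisan migrate` (plus your own tables/seeds). To reset demo data locally, use `php artisan migrate:fresh --seed` (this wipes the current database). If you only changed `AdminAuthorizationRegistry` without adding a migration, you also need to run `php artisan lottery:admin-auth-sync --audit`.
**Terminal 1: HTTP API**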
```bash
php artisan serve
```
**Terminal 2: WebSocket (required when `BROADCAST_CONNECTION=reverb` is set in `.env`)**
```bash
php artisan reverb:start
```
**Terminal 3: task scheduler (`draw.countdown` every second + `lottery:draw-tick` every 10 seconds)**
```bash
php artisan schedule:work
```
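> Running `schedule:run` once a minute from system cron **cannot cover the per-second `lottery:hall-countdown`**; when developing the hall's real-time countdown, use `schedule:work` (or an equivalent long-running scheduler process in production).

If you are only working on HTTP / fallback polling and not testing WebSocket, **terminals 2 and 3 can stay off for now**; for the full hall WebSocket experience, **run all three**.
## Unified configuration
This backend manages the "runtime listen address" and the "externally visible address" separately, so you do not have to change constants all over the place when going live:
- `APP_URL`: the application root URL used when generating external links, emails and redirects
- `APP_BIND_HOST`: which network interface `php artisan serve` listens on
- `VITE_HOST`: which network interface `npm run dev` / Vite listens on
- `REVERB_SERVER_HOST`: which network interface `php artisan reverb:start` listens on
- `REVERB_HOST`: the hostname or IP the browser sees when connecting to Reverb
- `SANCTUM_STATEFUL_DOMAINS`: the list of frontend origins allowed to send cookies

If you want to access the app via a LAN address, for example `http://192.168.0.101:8000`, you usually only need to:
1. Set `APP_BIND_HOST`, `VITE_HOST` and `REVERB_SERVER_HOST` to `0.0.0.0`
2. Set `APP_URL`, `REVERB_HOST` and `SANCTUM_STATEFUL_DOMAINS` to your LAN IP
3. Update the frontend's `NEXT_PUBLIC_*` variables to the same LAN address
## Admin permission health check
Admin permissions now come with a health-check command that can be wired straight into CI. It checks:
- whether every protected admin route is registered in `admin_api_resources`
- whether every `permission_required` resource is bound to `admin_menu_actions` in `admin_api_resource_bindings` (authorization is derived from `admin_role_menu_actions` + bindings; the deleted `admin_role_api_resources` table is no longer used)

Run it locally with: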
```bash
php artisan lottery:admin-auth-audit
```
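The two checks listed above, sketched as a stand-alone PHP script. This is an added example, not the project's `lottery:admin-auth-audit` implementation; the array shapes, the field names (`id`, `method`, `uri`, `access`, `resource_id`, `menu_action_id`) and the sample routes are assumptions.

```php
<?php
// Added illustration, not the project's audit command. The array shapes and
// the field names (id, method, uri, access, resource_id) are assumptions.

function auditAdminAuth(array $protectedRoutes, array $resources, array $bindings): array
{
    // Index registered resources (rows of admin_api_resources) by "METHOD uri".
    $registered = [];
    foreach ($resources as $r) {
        $registered[strtoupper($r['method']) . ' ' . $r['uri']] = $r;
    }

    // Check 1: every protected admin route must have a registered resource.
    $unregistered = [];
    foreach ($protectedRoutes as $route) {
        $key = strtoupper($route['method']) . ' ' . $route['uri'];
        if (!isset($registered[$key])) {
            $unregistered[] = $key;
        }
    }

    // Check 2: every permission_required resource needs at least one row in
    // admin_api_resource_bindings tying it to a menu action.
    $boundIds = array_column($bindings, 'resource_id');
    $unbound = [];
    foreach ($registered as $key => $r) {
        if ($r['access'] === 'permission_required' && !in_array($r['id'], $boundIds, true)) {
            $unbound[] = $key;
        }
    }

    return ['unregistered' => $unregistered, 'unbound' => $unbound];
}

// Constructed sample data (hypothetical routes and ids).
$routes = [
    ['method' => 'GET',  'uri' => 'api/admin/dashboard'],
    ['method' => 'POST', 'uri' => 'api/admin/draws'],
    ['method' => 'GET',  'uri' => 'api/admin/reports'],
];
$resources = [
    ['id' => 1, 'method' => 'GET',  'uri' => 'api/admin/dashboard', 'access' => 'permission_required'],
    ['id' => 2, 'method' => 'POST', 'uri' => 'api/admin/draws',     'access' => 'permission_required'],
];
$bindings = [['resource_id' => 1, 'menu_action_id' => 10]];
$report = auditAdminAuth($routes, $resources, $bindings);
print_r($report);
// Non-zero exit fails the CI job when either list is non-empty.
exit(($report['unregistered'] || $report['unbound']) ? 1 : 0);
```

With the constructed data, the reports route is flagged as unregistered and the draws resource as registered but unbound, so the script exits non-zero.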
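If you add an admin endpoint, permission action or resource binding, the recommended standard flow is:
1. Edit only `app/Support/AdminAuthorizationRegistry.php`
- Add new endpoint resources to `resources()`
- If a new legacy permission group is needed, also add it to `permissionDefinitions()` / the navigation groups
2. Run the sync command to write the registry back to the database: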
```bash
php artisan lottery:admin-auth-sync --audit
```
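3. Commit the code only after the health check passes

Unless it is a historical data repair or a first-release bootstrap scenario, do not write a standalone `admin_api_resources` patch migration for a single admin endpoint any more; prefer the main path of "registry + sync command".

Or run it through the Composer script: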
```bash
composer test:admin-auth
```
If you later hook up GitHub Actions, GitLab CI or another pipeline, simply reuse `composer test:admin-auth`.
## Contributing
Thank you for considering contributing to the Laravel framework! The contribution guide can be found in the [Laravel documentation](https://laravel.com/docs/contributions).
## Code of Conduct
In order to ensure that the Laravel community is welcoming to all, please review and abide by the [Code of Conduct](https://laravel.com/docs/contributions#code-of-conduct).
## Security Vulnerabilities
If you discover a security vulnerability within Laravel, please send an e-mail to Taylor Otwell via [taylor@laravel.com](mailto:taylor@laravel.com). All security vulnerabilities will be promptly addressed.
## License
The Laravel framework is open-sourced software licensed under the [MIT license](https://opensource.org/licenses/MIT).