From 59b839111f5cd3ec954572e7545ea467295dd40b Mon Sep 17 00:00:00 2001
From: "allen.yan" <hungyi0816@gmail.com>
Date: Mon, 1 Sep 2025 17:35:41 +0800
Subject: [PATCH] =?UTF-8?q?202509011734=20=E5=8A=A0=E5=85=A5=20API=20Token?=
 =?UTF-8?q?=20=E9=A9=97=E8=AD=89?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 routes/api.php | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/routes/api.php b/routes/api.php
index 9ed2e6f..e7ef43a 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -8,12 +8,34 @@ use App\Http\Controllers\Api\SyncController;
 use App\Http\Controllers\Api\RoomControlController;
 use App\Http\Controllers\Api\RoomSongController;
 use App\Http\Controllers\Api\SongSearchController;
+use Illuminate\Http\Request;
+use Laravel\Sanctum\PersonalAccessToken;
 
 Route::get('/artists/search', [ArtistController::class, 'search'])->name('api.artists.search');
 
 Route::post('/login', [AuthController::class, 'login']);
 Route::post('/room/receiveRegister', [RoomControlController::class, 'receiveRegister']);
 
+Route::post('/token/validate', function (Request $request) {
+    $token = $request->bearerToken();
+
+    if (!$token) {
+        return response()->json(['valid' => false, 'message' => 'Token missing'], 401);
+    }
+
+    $accessToken = PersonalAccessToken::findToken($token);
+
+    if (!$accessToken) {
+        return response()->json(['valid' => false, 'message' => 'Invalid token'], 401);
+    }
+
+    return response()->json([
+        'valid' => true,
+        'user_id' => $accessToken->tokenable_id,
+        'abilities' => $accessToken->abilities,
+    ]);
+});
+
 Route::middleware('auth:sanctum')->group(function () {
     Route::get ('/profile', [AuthController::class, 'profile']);
     Route::get ('/branches',[BranchControlController::class, 'Branches']);