From 43ede6c523da5bef2f5116e371df8e4e9cc52679 Mon Sep 17 00:00:00 2001
From: Andras Bacsai <5845193+andrasbacsai@users.noreply.github.com>
Date: Fri, 12 Dec 2025 21:33:54 +0100
Subject: [PATCH] Fix upgrade-status auth to use web session instead of sanctum
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The endpoint is called from browser with session cookies, not API tokens.
Use 'web' and 'auth' middleware for proper session-based authentication.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 routes/api.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/routes/api.php b/routes/api.php
index 3453bdd09..4aae44930 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -26,12 +26,12 @@
 });
 
 Route::group([
-    'middleware' => ['auth:sanctum'],
+    'middleware' => ['web', 'auth'],
 ], function () {
     Route::get('/upgrade-status', [OtherController::class, 'upgradeStatus']);
 });
 Route::group([
-    'middleware' => ['auth:sanctum'],
+    'middleware' => ['web', 'auth'],
     'prefix' => 'v1',
 ], function () {
     Route::get('/upgrade-status', [OtherController::class, 'upgradeStatus']);