Auth: convert auth views and verification email to Nova layout

routes/api.php

@@ -38,12 +38,16 @@ Route::prefix('v1')->name('api.v1.')->group(function () {
         ->name('feed');
 });
 
-Route::middleware(['web', 'auth'])->prefix('artworks')->name('api.artworks.')->group(function () {
+Route::middleware(['web', 'normalize.username', 'throttle:30,1'])
+    ->get('username/availability', \App\Http\Controllers\Api\UsernameAvailabilityController::class)
+    ->name('api.username.availability');
+
+Route::middleware(['web', 'auth', 'normalize.username'])->prefix('artworks')->name('api.artworks.')->group(function () {
     Route::post('/', [\App\Http\Controllers\Api\ArtworkController::class, 'store'])
         ->name('store');
 });
 
-Route::middleware(['web', 'auth'])->prefix('uploads')->name('api.uploads.')->group(function () {
+Route::middleware(['web', 'auth', 'normalize.username'])->prefix('uploads')->name('api.uploads.')->group(function () {
     Route::post('init', [\App\Http\Controllers\Api\UploadController::class, 'init'])
         ->middleware('throttle:uploads-init')
         ->name('init');
@@ -102,6 +106,19 @@ Route::middleware(['web', 'auth', 'admin.moderation'])->prefix('admin/reports')-
         ->name('feed-performance');
 });
 
+Route::middleware(['web', 'auth', 'admin.moderation'])->prefix('admin/usernames')->name('api.admin.usernames.')->group(function () {
+    Route::get('pending', [\App\Http\Controllers\Api\Admin\UsernameApprovalController::class, 'pending'])
+        ->name('pending');
+
+    Route::post('{id}/approve', [\App\Http\Controllers\Api\Admin\UsernameApprovalController::class, 'approve'])
+        ->whereNumber('id')
+        ->name('approve');
+
+    Route::post('{id}/reject', [\App\Http\Controllers\Api\Admin\UsernameApprovalController::class, 'reject'])
+        ->whereNumber('id')
+        ->name('reject');
+});
+
 Route::post('analytics/similar-artworks', [\App\Http\Controllers\Api\SimilarArtworkAnalyticsController::class, 'store'])
     ->middleware('throttle:uploads-status')
     ->name('api.analytics.similar-artworks.store');
@@ -110,19 +127,19 @@ Route::middleware(['web', 'auth'])->post('analytics/feed', [\App\Http\Controller
     ->middleware('throttle:uploads-status')
     ->name('api.analytics.feed.store');
 
-Route::middleware(['web', 'auth'])->prefix('discovery')->name('api.discovery.')->group(function () {
+Route::middleware(['web', 'auth', 'normalize.username'])->prefix('discovery')->name('api.discovery.')->group(function () {
     Route::post('events', [\App\Http\Controllers\Api\DiscoveryEventController::class, 'store'])
         ->middleware('throttle:uploads-status')
         ->name('events.store');
 });
 
 // Tag system (auth-protected; 404-only ownership checks handled in requests/controllers)
-Route::middleware(['web', 'auth'])->prefix('tags')->name('api.tags.')->group(function () {
+Route::middleware(['web', 'auth', 'normalize.username'])->prefix('tags')->name('api.tags.')->group(function () {
     Route::get('search', [\App\Http\Controllers\Api\TagController::class, 'search'])->name('search');
     Route::get('popular', [\App\Http\Controllers\Api\TagController::class, 'popular'])->name('popular');
 });
 
-Route::middleware(['web', 'auth'])->prefix('artworks')->name('api.artworks.tags.')->group(function () {
+Route::middleware(['web', 'auth', 'normalize.username'])->prefix('artworks')->name('api.artworks.tags.')->group(function () {
     Route::get('{id}/tags', [\App\Http\Controllers\Api\ArtworkTagController::class, 'index'])->whereNumber('id')->name('index');
     Route::post('{id}/tags', [\App\Http\Controllers\Api\ArtworkTagController::class, 'store'])->whereNumber('id')->name('store');
     Route::put('{id}/tags', [\App\Http\Controllers\Api\ArtworkTagController::class, 'update'])->whereNumber('id')->name('update');