feat: expose CRUD, onboarding, pubsub via web

lib/localiser/web/router.ex

@@ -0,0 +1,87 @@
+defmodule Localiser.Web.Router do
+  use Phoenix.Router, helpers: false
+
+  alias Localiser.Web.Plugs.{AuthRequired, AdminRequired, BootstrapGuard}
+
+  pipeline :api do
+    plug :accepts, ["json"]
+  end
+
+  pipeline :authenticated do
+    plug :accepts, ["json"]
+    plug AuthRequired
+  end
+
+  pipeline :admin do
+    plug :accepts, ["json"]
+    plug AuthRequired
+    plug AdminRequired
+  end
+
+  pipeline :bootstrap do
+    plug :accepts, ["json"]
+    plug BootstrapGuard
+  end
+
+  # OpenAPI spec (unauthenticated)
+  scope "/api" do
+    pipe_through :api
+    get "/openapi", OpenApiSpex.Plug.RenderSpec, []
+  end
+
+  # First-boot setup - forbidden once any user exists
+  scope "/api", Localiser.Web.Controllers do
+    pipe_through :bootstrap
+    post "/setup", SetupController, :create
+  end
+
+  # Auth - public
+  scope "/api", Localiser.Web.Controllers do
+    pipe_through :api
+    post "/session", SessionController, :create
+    delete "/session", SessionController, :delete
+  end
+
+  # Onboarding status - public
+  scope "/api", Localiser.Web.Controllers do
+    pipe_through :api
+    get "/onboarding", OnboardingController, :status
+  end
+
+  # User self-service (show own profile)
+  scope "/api", Localiser.Web.Controllers do
+    pipe_through :authenticated
+    get "/users/me", UserController, :me
+  end
+
+  # User admin CRUD
+  scope "/api", Localiser.Web.Controllers do
+    pipe_through :admin
+    get    "/users",          UserController, :index
+    get    "/users/:id",      UserController, :show
+    post   "/users",          UserController, :create
+    put    "/users/:id",      UserController, :update
+    delete "/users/:id",      UserController, :delete
+    put    "/users/:id/admin", UserController, :promote
+  end
+
+  # Floors / Rooms / Tags - auth required
+  scope "/api", Localiser.Web.Controllers do
+    pipe_through :authenticated
+
+    resources "/floors", FloorController, except: [:new, :edit]
+    resources "/floors/:floor_id/rooms", RoomController, except: [:new, :edit]
+    resources "/tags", TagController, except: [:new, :edit]
+
+    # Sensors
+    get    "/sensors",                         SensorController, :index
+    get    "/sensors/unplaced",                SensorController, :unplaced
+    get    "/sensors/:id",                     SensorController, :show
+    put    "/sensors/:id",                     SensorController, :update
+    delete "/sensors/:id",                     SensorController, :delete
+    put    "/sensors/:id/place",               SensorController, :place
+    delete "/sensors/:id/place",               SensorController, :unplace
+    post   "/sensors/:id/calibration/start",   SensorController, :calibration_start
+    post   "/sensors/:id/calibration/stop",    SensorController, :calibration_stop
+  end
+end