Deploy EventFlow to HF Spaces with Docker

.editorconfig

@@ -0,0 +1,18 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 4
+indent_style = space
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.md]
+trim_trailing_whitespace = false
+
+[*.{yml,yaml}]
+indent_size = 2
+
+[compose.yaml]
+indent_size = 4

.env.example

@@ -0,0 +1,65 @@
+APP_NAME=Laravel
+APP_ENV=local
+APP_KEY=
+APP_DEBUG=true
+APP_URL=http://localhost
+
+APP_LOCALE=en
+APP_FALLBACK_LOCALE=en
+APP_FAKER_LOCALE=en_US
+
+APP_MAINTENANCE_DRIVER=file
+# APP_MAINTENANCE_STORE=database
+
+# PHP_CLI_SERVER_WORKERS=4
+
+BCRYPT_ROUNDS=12
+
+LOG_CHANNEL=stack
+LOG_STACK=single
+LOG_DEPRECATIONS_CHANNEL=null
+LOG_LEVEL=debug
+
+DB_CONNECTION=sqlite
+# DB_HOST=127.0.0.1
+# DB_PORT=3306
+# DB_DATABASE=laravel
+# DB_USERNAME=root
+# DB_PASSWORD=
+
+SESSION_DRIVER=database
+SESSION_LIFETIME=120
+SESSION_ENCRYPT=false
+SESSION_PATH=/
+SESSION_DOMAIN=null
+
+BROADCAST_CONNECTION=log
+FILESYSTEM_DISK=local
+QUEUE_CONNECTION=database
+
+CACHE_STORE=database
+# CACHE_PREFIX=
+
+MEMCACHED_HOST=127.0.0.1
+
+REDIS_CLIENT=phpredis
+REDIS_HOST=127.0.0.1
+REDIS_PASSWORD=null
+REDIS_PORT=6379
+
+MAIL_MAILER=log
+MAIL_SCHEME=null
+MAIL_HOST=127.0.0.1
+MAIL_PORT=2525
+MAIL_USERNAME=null
+MAIL_PASSWORD=null
+MAIL_FROM_ADDRESS="hello@example.com"
+MAIL_FROM_NAME="${APP_NAME}"
+
+AWS_ACCESS_KEY_ID=
+AWS_SECRET_ACCESS_KEY=
+AWS_DEFAULT_REGION=us-east-1
+AWS_BUCKET=
+AWS_USE_PATH_STYLE_ENDPOINT=false
+
+VITE_APP_NAME="${APP_NAME}"

.gitattributes

@@ -1,35 +1,11 @@
-*.7z filter=lfs diff=lfs merge=lfs -text
-*.arrow filter=lfs diff=lfs merge=lfs -text
-*.bin filter=lfs diff=lfs merge=lfs -text
-*.bz2 filter=lfs diff=lfs merge=lfs -text
-*.ckpt filter=lfs diff=lfs merge=lfs -text
-*.ftz filter=lfs diff=lfs merge=lfs -text
-*.gz filter=lfs diff=lfs merge=lfs -text
-*.h5 filter=lfs diff=lfs merge=lfs -text
-*.joblib filter=lfs diff=lfs merge=lfs -text
-*.lfs.* filter=lfs diff=lfs merge=lfs -text
-*.mlmodel filter=lfs diff=lfs merge=lfs -text
-*.model filter=lfs diff=lfs merge=lfs -text
-*.msgpack filter=lfs diff=lfs merge=lfs -text
-*.npy filter=lfs diff=lfs merge=lfs -text
-*.npz filter=lfs diff=lfs merge=lfs -text
-*.onnx filter=lfs diff=lfs merge=lfs -text
-*.ot filter=lfs diff=lfs merge=lfs -text
-*.parquet filter=lfs diff=lfs merge=lfs -text
-*.pb filter=lfs diff=lfs merge=lfs -text
-*.pickle filter=lfs diff=lfs merge=lfs -text
-*.pkl filter=lfs diff=lfs merge=lfs -text
-*.pt filter=lfs diff=lfs merge=lfs -text
-*.pth filter=lfs diff=lfs merge=lfs -text
-*.rar filter=lfs diff=lfs merge=lfs -text
-*.safetensors filter=lfs diff=lfs merge=lfs -text
-saved_model/**/* filter=lfs diff=lfs merge=lfs -text
-*.tar.* filter=lfs diff=lfs merge=lfs -text
-*.tar filter=lfs diff=lfs merge=lfs -text
-*.tflite filter=lfs diff=lfs merge=lfs -text
-*.tgz filter=lfs diff=lfs merge=lfs -text
-*.wasm filter=lfs diff=lfs merge=lfs -text
-*.xz filter=lfs diff=lfs merge=lfs -text
-*.zip filter=lfs diff=lfs merge=lfs -text
-*.zst filter=lfs diff=lfs merge=lfs -text
-*tfevents* filter=lfs diff=lfs merge=lfs -text
+* text=auto eol=lf
+
+*.blade.php diff=html
+*.css diff=css
+*.html diff=html
+*.md diff=markdown
+*.php diff=php
+
+/.github export-ignore
+CHANGELOG.md export-ignore
+.styleci.yml export-ignore

.github/workflows/deploy.yml

@@ -0,0 +1,51 @@
+name: Build & Push Docker Image to GHCR
+
+on:
+  push:
+    branches: [main]
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels)
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=raw,value=latest,enable={{is_default_branch}}
+            type=sha,prefix=,format=short
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./docker/Dockerfile.sumopod
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.gitignore

@@ -0,0 +1,24 @@
+*.log
+.DS_Store
+.env
+.env.backup
+.env.production
+.phpactor.json
+.phpunit.result.cache
+/.fleet
+/.idea
+/.nova
+/.phpunit.cache
+/.vscode
+/.zed
+/auth.json
+/node_modules
+/public/build
+/public/hot
+/public/storage
+/storage/*.key
+/storage/pail
+/vendor
+Homestead.json
+Homestead.yaml
+Thumbs.db

Dockerfile

@@ -0,0 +1,56 @@
+FROM php:8.4-apache
+
+# Enable Apache modules and ensure correct MPM for mod_php
+RUN a2dismod mpm_event mpm_worker || true \
+    && a2enmod mpm_prefork rewrite headers
+
+# Install system dependencies + PHP extensions (PostgreSQL)
+RUN apt-get update && apt-get install -y \
+    git curl libpng-dev libonig-dev libxml2-dev libpq-dev libzip-dev \
+    libfreetype6-dev libjpeg-dev libicu-dev zip unzip \
+    && docker-php-ext-configure gd --with-freetype --with-jpeg \
+    && docker-php-ext-install pdo pdo_pgsql pgsql mbstring exif pcntl bcmath gd zip intl \
+    && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+# PHP production settings
+RUN cp /usr/local/etc/php/php.ini-production /usr/local/etc/php/php.ini \
+    && sed -i 's/memory_limit = .*/memory_limit = 256M/' /usr/local/etc/php/php.ini \
+    && sed -i 's/upload_max_filesize = .*/upload_max_filesize = 10M/' /usr/local/etc/php/php.ini \
+    && sed -i 's/post_max_size = .*/post_max_size = 12M/' /usr/local/etc/php/php.ini \
+    && sed -i 's/max_execution_time = .*/max_execution_time = 60/' /usr/local/etc/php/php.ini
+
+# Install Composer
+COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
+
+# Set Apache document root to Laravel's public directory
+RUN sed -ri -e 's!/var/www/html!/var/www/public!g' /etc/apache2/sites-available/*.conf \
+    && sed -ri -e 's!/var/www/!/var/www/public/!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf
+
+# Allow .htaccess overrides (required for Laravel routing)
+RUN sed -i '/<Directory \/var\/www\/public\/>/,/<\/Directory>/ s/AllowOverride None/AllowOverride All/' /etc/apache2/apache2.conf \
+    || echo "<Directory /var/www/public/>\n    AllowOverride All\n    Require all granted\n</Directory>" >> /etc/apache2/apache2.conf
+
+WORKDIR /var/www
+
+# Install PHP dependencies (production only)
+COPY composer.json composer.lock* ./
+RUN composer install --no-dev --no-scripts --no-autoloader --prefer-dist
+
+# Copy application
+COPY . /var/www
+
+# Dump optimized autoloader
+RUN composer dump-autoload --optimize
+
+# HF Spaces runs as non-root (uid 1000), so open permissions
+RUN mkdir -p storage/logs storage/framework/cache storage/framework/sessions storage/framework/views bootstrap/cache storage/app/public \
+    && chmod -R 777 storage bootstrap/cache \
+    && chmod -R 755 public
+
+# Make start script executable
+RUN chmod +x /var/www/docker/start-hfspace.sh
+
+# HF Spaces expects port 7860
+EXPOSE 7860
+
+CMD ["bash", "/var/www/docker/start-hfspace.sh"]

README.md

@@ -1,10 +1,59 @@
----
-title: Eventflow
-emoji: 🔥
-colorFrom: indigo
-colorTo: red
-sdk: docker
-pinned: false
----
-
-Check out the configuration reference at https://huggingface.co/docs/hub/spaces-config-reference
+<p align="center"><a href="https://laravel.com" target="_blank"><img src="https://raw.githubusercontent.com/laravel/art/master/logo-lockup/5%20SVG/2%20CMYK/1%20Full%20Color/laravel-logolockup-cmyk-red.svg" width="400" alt="Laravel Logo"></a></p>
+
+<p align="center">
+<a href="https://github.com/laravel/framework/actions"><img src="https://github.com/laravel/framework/workflows/tests/badge.svg" alt="Build Status"></a>
+<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/dt/laravel/framework" alt="Total Downloads"></a>
+<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/v/laravel/framework" alt="Latest Stable Version"></a>
+<a href="https://packagist.org/packages/laravel/framework"><img src="https://img.shields.io/packagist/l/laravel/framework" alt="License"></a>
+</p>
+
+## About Laravel
+
+Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experience to be truly fulfilling. Laravel takes the pain out of development by easing common tasks used in many web projects, such as:
+
+- [Simple, fast routing engine](https://laravel.com/docs/routing).
+- [Powerful dependency injection container](https://laravel.com/docs/container).
+- Multiple back-ends for [session](https://laravel.com/docs/session) and [cache](https://laravel.com/docs/cache) storage.
+- Expressive, intuitive [database ORM](https://laravel.com/docs/eloquent).
+- Database agnostic [schema migrations](https://laravel.com/docs/migrations).
+- [Robust background job processing](https://laravel.com/docs/queues).
+- [Real-time event broadcasting](https://laravel.com/docs/broadcasting).
+
+Laravel is accessible, powerful, and provides tools required for large, robust applications.
+
+## Learning Laravel
+
+Laravel has the most extensive and thorough [documentation](https://laravel.com/docs) and video tutorial library of all modern web application frameworks, making it a breeze to get started with the framework. You can also check out [Laravel Learn](https://laravel.com/learn), where you will be guided through building a modern Laravel application.
+
+If you don't feel like reading, [Laracasts](https://laracasts.com) can help. Laracasts contains thousands of video tutorials on a range of topics including Laravel, modern PHP, unit testing, and JavaScript. Boost your skills by digging into our comprehensive video library.
+
+## Laravel Sponsors
+
+We would like to extend our thanks to the following sponsors for funding Laravel development. If you are interested in becoming a sponsor, please visit the [Laravel Partners program](https://partners.laravel.com).
+
+### Premium Partners
+
+- **[Vehikl](https://vehikl.com)**
+- **[Tighten Co.](https://tighten.co)**
+- **[Kirschbaum Development Group](https://kirschbaumdevelopment.com)**
+- **[64 Robots](https://64robots.com)**
+- **[Curotec](https://www.curotec.com/services/technologies/laravel)**
+- **[DevSquad](https://devsquad.com/hire-laravel-developers)**
+- **[Redberry](https://redberry.international/laravel-development)**
+- **[Active Logic](https://activelogic.com)**
+
+## Contributing
+
+Thank you for considering contributing to the Laravel framework! The contribution guide can be found in the [Laravel documentation](https://laravel.com/docs/contributions).
+
+## Code of Conduct
+
+In order to ensure that the Laravel community is welcoming to all, please review and abide by the [Code of Conduct](https://laravel.com/docs/contributions#code-of-conduct).
+
+## Security Vulnerabilities
+
+If you discover a security vulnerability within Laravel, please send an e-mail to Taylor Otwell via [taylor@laravel.com](mailto:taylor@laravel.com). All security vulnerabilities will be promptly addressed.
+
+## License
+
+The Laravel framework is open-sourced software licensed under the [MIT license](https://opensource.org/licenses/MIT).

app/Console/Commands/ExpirePendingOrders.php

@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Order;
+use App\Services\OrderService;
+use Illuminate\Console\Command;
+
+class ExpirePendingOrders extends Command
+{
+    protected $signature = 'orders:expire-pending';
+    protected $description = 'Expire pending orders that have passed their expiry time and restore stock';
+
+    public function handle(OrderService $orderService): int
+    {
+        $orders = Order::where('status', 'pending')
+            ->where('expires_at', '<', now())
+            ->get();
+
+        $count = 0;
+        foreach ($orders as $order) {
+            $orderService->expireOrder($order);
+            $count++;
+        }
+
+        $this->info("Expired {$count} pending orders.");
+        return Command::SUCCESS;
+    }
+}

app/Http/Controllers/Admin/CategoryController.php

@@ -0,0 +1,39 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use App\Models\Category;
+use Illuminate\Http\Request;
+
+class CategoryController extends Controller
+{
+    public function index()
+    {
+        $categories = Category::withCount('events')->orderBy('name')->paginate(20);
+        return view('admin.categories.index', compact('categories'));
+    }
+
+    public function store(Request $request)
+    {
+        $request->validate(['name' => 'required|string|max:100|unique:categories,name']);
+        Category::create(['name' => $request->name]);
+        return back()->with('success', 'Kategori berhasil ditambahkan.');
+    }
+
+    public function update(Request $request, Category $category)
+    {
+        $request->validate(['name' => 'required|string|max:100|unique:categories,name,' . $category->id]);
+        $category->update(['name' => $request->name]);
+        return back()->with('success', 'Kategori berhasil diperbarui.');
+    }
+
+    public function destroy(Category $category)
+    {
+        if ($category->events()->exists()) {
+            return back()->with('error', 'Kategori tidak bisa dihapus karena masih digunakan oleh event.');
+        }
+        $category->delete();
+        return back()->with('success', 'Kategori berhasil dihapus.');
+    }
+}

app/Http/Controllers/Admin/DashboardController.php

@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use App\Models\Event;
+use App\Models\Order;
+use App\Models\User;
+
+class DashboardController extends Controller
+{
+    public function index()
+    {
+        $totalRevenue  = Order::where('status', 'paid')->sum('total');
+        $totalOrders   = Order::where('status', 'paid')->count();
+        $totalEvents   = Event::count();
+        $totalUsers    = User::count();
+        $pendingOrders = Order::where('status', 'pending')->count();
+
+        $recentOrders = Order::with('user', 'event')
+            ->latest()
+            ->take(10)
+            ->get();
+
+        return view('admin.dashboard', compact(
+            'totalRevenue', 'totalOrders', 'totalEvents', 'totalUsers', 'pendingOrders', 'recentOrders'
+        ));
+    }
+}

app/Http/Controllers/Admin/EventController.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use App\Models\Event;
+use Illuminate\Http\Request;
+
+class EventController extends Controller
+{
+    public function index(Request $request)
+    {
+        $query = Event::with('organizer', 'category');
+
+        if ($request->filled('status')) {
+            $query->where('status', $request->status);
+        }
+
+        $events = $query->latest()->paginate(15);
+
+        return view('admin.events.index', compact('events'));
+    }
+
+    public function updateStatus(Request $request, Event $event)
+    {
+        $request->validate(['status' => 'required|in:draft,published,ended,cancelled']);
+        $event->update(['status' => $request->status]);
+
+        return back()->with('success', "Status event diupdate ke \"{$request->status}\".");
+    }
+}

app/Http/Controllers/Admin/ReportController.php

@@ -0,0 +1,41 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use App\Models\Event;
+use App\Models\Order;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+
+class ReportController extends Controller
+{
+    public function index()
+    {
+        // Monthly revenue (last 6 months)
+        $monthlyRevenue = Order::where('status', 'paid')
+            ->where('paid_at', '>=', now()->subMonths(6))
+            ->select(
+                DB::raw("DATE_FORMAT(paid_at, '%Y-%m') as month"),
+                DB::raw('SUM(total) as revenue'),
+                DB::raw('COUNT(*) as order_count')
+            )
+            ->groupBy('month')
+            ->orderBy('month')
+            ->get();
+
+        // Top events by revenue
+        $topEvents = Event::withSum(['orders as revenue' => fn($q) => $q->where('status', 'paid')], 'total')
+            ->withCount(['orders as paid_orders' => fn($q) => $q->where('status', 'paid')])
+            ->orderByDesc('revenue')
+            ->take(10)
+            ->get();
+
+        // Order status breakdown
+        $statusBreakdown = Order::select('status', DB::raw('COUNT(*) as count'))
+            ->groupBy('status')
+            ->pluck('count', 'status');
+
+        return view('admin.reports', compact('monthlyRevenue', 'topEvents', 'statusBreakdown'));
+    }
+}

app/Http/Controllers/Admin/UserController.php

@@ -0,0 +1,42 @@
+<?php
+
+namespace App\Http\Controllers\Admin;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use Illuminate\Http\Request;
+
+class UserController extends Controller
+{
+    public function index(Request $request)
+    {
+        $query = User::query();
+
+        if ($request->filled('role')) {
+            $query->where('role', $request->role);
+        }
+        if ($request->filled('q')) {
+            $s = $request->q;
+            $query->where(fn($q) => $q->where('name', 'like', "%{$s}%")->orWhere('email', 'like', "%{$s}%"));
+        }
+
+        $users = $query->latest()->paginate(20);
+        return view('admin.users.index', compact('users'));
+    }
+
+    public function update(Request $request, User $user)
+    {
+        $request->validate(['role' => 'required|in:admin,organizer,customer']);
+        $user->update(['role' => $request->role]);
+        return back()->with('success', "Role user \"{$user->name}\" berhasil diupdate ke {$request->role}.");
+    }
+
+    public function destroy(User $user)
+    {
+        if ($user->id === auth()->id()) {
+            return back()->with('error', 'Tidak bisa menghapus akun sendiri.');
+        }
+        $user->delete();
+        return back()->with('success', 'User berhasil dihapus.');
+    }
+}

app/Http/Controllers/Auth/AuthenticatedSessionController.php

@@ -0,0 +1,47 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Http\Requests\Auth\LoginRequest;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\View\View;
+
+class AuthenticatedSessionController extends Controller
+{
+    /**
+     * Display the login view.
+     */
+    public function create(): View
+    {
+        return view('auth.login');
+    }
+
+    /**
+     * Handle an incoming authentication request.
+     */
+    public function store(LoginRequest $request): RedirectResponse
+    {
+        $request->authenticate();
+
+        $request->session()->regenerate();
+
+        return redirect()->intended(route('dashboard', absolute: false));
+    }
+
+    /**
+     * Destroy an authenticated session.
+     */
+    public function destroy(Request $request): RedirectResponse
+    {
+        Auth::guard('web')->logout();
+
+        $request->session()->invalidate();
+
+        $request->session()->regenerateToken();
+
+        return redirect('/');
+    }
+}

app/Http/Controllers/Auth/ConfirmablePasswordController.php

@@ -0,0 +1,40 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Validation\ValidationException;
+use Illuminate\View\View;
+
+class ConfirmablePasswordController extends Controller
+{
+    /**
+     * Show the confirm password view.
+     */
+    public function show(): View
+    {
+        return view('auth.confirm-password');
+    }
+
+    /**
+     * Confirm the user's password.
+     */
+    public function store(Request $request): RedirectResponse
+    {
+        if (! Auth::guard('web')->validate([
+            'email' => $request->user()->email,
+            'password' => $request->password,
+        ])) {
+            throw ValidationException::withMessages([
+                'password' => __('auth.password'),
+            ]);
+        }
+
+        $request->session()->put('auth.password_confirmed_at', time());
+
+        return redirect()->intended(route('dashboard', absolute: false));
+    }
+}

app/Http/Controllers/Auth/EmailVerificationNotificationController.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+
+class EmailVerificationNotificationController extends Controller
+{
+    /**
+     * Send a new email verification notification.
+     */
+    public function store(Request $request): RedirectResponse
+    {
+        if ($request->user()->hasVerifiedEmail()) {
+            return redirect()->intended(route('dashboard', absolute: false));
+        }
+
+        $request->user()->sendEmailVerificationNotification();
+
+        return back()->with('status', 'verification-link-sent');
+    }
+}

app/Http/Controllers/Auth/EmailVerificationPromptController.php

@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\View\View;
+
+class EmailVerificationPromptController extends Controller
+{
+    /**
+     * Display the email verification prompt.
+     */
+    public function __invoke(Request $request): RedirectResponse|View
+    {
+        return $request->user()->hasVerifiedEmail()
+                    ? redirect()->intended(route('dashboard', absolute: false))
+                    : view('auth.verify-email');
+    }
+}

app/Http/Controllers/Auth/NewPasswordController.php

@@ -0,0 +1,62 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use Illuminate\Auth\Events\PasswordReset;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Support\Facades\Password;
+use Illuminate\Support\Str;
+use Illuminate\Validation\Rules;
+use Illuminate\View\View;
+
+class NewPasswordController extends Controller
+{
+    /**
+     * Display the password reset view.
+     */
+    public function create(Request $request): View
+    {
+        return view('auth.reset-password', ['request' => $request]);
+    }
+
+    /**
+     * Handle an incoming new password request.
+     *
+     * @throws \Illuminate\Validation\ValidationException
+     */
+    public function store(Request $request): RedirectResponse
+    {
+        $request->validate([
+            'token' => ['required'],
+            'email' => ['required', 'email'],
+            'password' => ['required', 'confirmed', Rules\Password::defaults()],
+        ]);
+
+        // Here we will attempt to reset the user's password. If it is successful we
+        // will update the password on an actual user model and persist it to the
+        // database. Otherwise we will parse the error and return the response.
+        $status = Password::reset(
+            $request->only('email', 'password', 'password_confirmation', 'token'),
+            function (User $user) use ($request) {
+                $user->forceFill([
+                    'password' => Hash::make($request->password),
+                    'remember_token' => Str::random(60),
+                ])->save();
+
+                event(new PasswordReset($user));
+            }
+        );
+
+        // If the password was successfully reset, we will redirect the user back to
+        // the application's home authenticated view. If there is an error we can
+        // redirect them back to where they came from with their error message.
+        return $status == Password::PASSWORD_RESET
+                    ? redirect()->route('login')->with('status', __($status))
+                    : back()->withInput($request->only('email'))
+                        ->withErrors(['email' => __($status)]);
+    }
+}

app/Http/Controllers/Auth/PasswordController.php

@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Validation\Rules\Password;
+
+class PasswordController extends Controller
+{
+    /**
+     * Update the user's password.
+     */
+    public function update(Request $request): RedirectResponse
+    {
+        $validated = $request->validateWithBag('updatePassword', [
+            'current_password' => ['required', 'current_password'],
+            'password' => ['required', Password::defaults(), 'confirmed'],
+        ]);
+
+        $request->user()->update([
+            'password' => Hash::make($validated['password']),
+        ]);
+
+        return back()->with('status', 'password-updated');
+    }
+}

app/Http/Controllers/Auth/PasswordResetLinkController.php

@@ -0,0 +1,44 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Password;
+use Illuminate\View\View;
+
+class PasswordResetLinkController extends Controller
+{
+    /**
+     * Display the password reset link request view.
+     */
+    public function create(): View
+    {
+        return view('auth.forgot-password');
+    }
+
+    /**
+     * Handle an incoming password reset link request.
+     *
+     * @throws \Illuminate\Validation\ValidationException
+     */
+    public function store(Request $request): RedirectResponse
+    {
+        $request->validate([
+            'email' => ['required', 'email'],
+        ]);
+
+        // We will send the password reset link to this user. Once we have attempted
+        // to send the link, we will examine the response then see the message we
+        // need to show to the user. Finally, we'll send out a proper response.
+        $status = Password::sendResetLink(
+            $request->only('email')
+        );
+
+        return $status == Password::RESET_LINK_SENT
+                    ? back()->with('status', __($status))
+                    : back()->withInput($request->only('email'))
+                        ->withErrors(['email' => __($status)]);
+    }
+}

app/Http/Controllers/Auth/RegisteredUserController.php

@@ -0,0 +1,50 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+use Illuminate\Auth\Events\Registered;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Hash;
+use Illuminate\Validation\Rules;
+use Illuminate\View\View;
+
+class RegisteredUserController extends Controller
+{
+    /**
+     * Display the registration view.
+     */
+    public function create(): View
+    {
+        return view('auth.register');
+    }
+
+    /**
+     * Handle an incoming registration request.
+     *
+     * @throws \Illuminate\Validation\ValidationException
+     */
+    public function store(Request $request): RedirectResponse
+    {
+        $request->validate([
+            'name' => ['required', 'string', 'max:255'],
+            'email' => ['required', 'string', 'lowercase', 'email', 'max:255', 'unique:'.User::class],
+            'password' => ['required', 'confirmed', Rules\Password::defaults()],
+        ]);
+
+        $user = User::create([
+            'name' => $request->name,
+            'email' => $request->email,
+            'password' => Hash::make($request->password),
+        ]);
+
+        event(new Registered($user));
+
+        Auth::login($user);
+
+        return redirect(route('dashboard', absolute: false));
+    }
+}

app/Http/Controllers/Auth/VerifyEmailController.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Auth\Events\Verified;
+use Illuminate\Foundation\Auth\EmailVerificationRequest;
+use Illuminate\Http\RedirectResponse;
+
+class VerifyEmailController extends Controller
+{
+    /**
+     * Mark the authenticated user's email address as verified.
+     */
+    public function __invoke(EmailVerificationRequest $request): RedirectResponse
+    {
+        if ($request->user()->hasVerifiedEmail()) {
+            return redirect()->intended(route('dashboard', absolute: false).'?verified=1');
+        }
+
+        if ($request->user()->markEmailAsVerified()) {
+            event(new Verified($request->user()));
+        }
+
+        return redirect()->intended(route('dashboard', absolute: false).'?verified=1');
+    }
+}

app/Http/Controllers/CheckoutController.php

@@ -0,0 +1,83 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\Event;
+use App\Models\Order;
+use App\Services\OrderService;
+use App\Services\TicketService;
+use Illuminate\Http\Request;
+
+class CheckoutController extends Controller
+{
+    public function store(Request $request, Event $event, OrderService $orderService)
+    {
+        $request->validate([
+            'tiers'           => 'required|array|min:1',
+            'tiers.*.tier_id' => 'required|exists:ticket_tiers,id',
+            'tiers.*.qty'     => 'required|integer|min:1',
+            'promo_code'      => 'nullable|string|max:32',
+        ]);
+
+        // Filter out zero-qty tiers
+        $items = collect($request->tiers)->filter(fn($t) => ($t['qty'] ?? 0) > 0)->values()->toArray();
+
+        if (empty($items)) {
+            return back()->with('error', 'Pilih minimal 1 tiket.');
+        }
+
+        try {
+            $order = $orderService->createOrder(auth()->user(), $event, $items, $request->promo_code);
+            return redirect()->route('checkout.summary', $order);
+        } catch (\Exception $e) {
+            return back()->with('error', $e->getMessage());
+        }
+    }
+
+    public function summary(Order $order)
+    {
+        abort_unless($order->user_id === auth()->id(), 403);
+        $order->load('event', 'items.ticketTier', 'user');
+
+        // Check if already expired
+        if ($order->isExpirable()) {
+            app(OrderService::class)->expireOrder($order);
+            return redirect()->route('events.show', $order->event->slug)
+                ->with('error', 'Order sudah expired. Silakan order ulang.');
+        }
+
+        return view('checkout.summary', compact('order'));
+    }
+
+    public function pay(Order $order, TicketService $ticketService)
+    {
+        abort_unless($order->user_id === auth()->id(), 403);
+
+        if (!$order->isPending()) {
+            return redirect()->route('orders.show', $order)
+                ->with('error', 'Order tidak dalam status pending.');
+        }
+
+        // Check expiry
+        if ($order->isExpirable()) {
+            app(OrderService::class)->expireOrder($order);
+            return redirect()->route('events.show', $order->event->slug)
+                ->with('error', 'Order sudah expired. Silakan order ulang.');
+        }
+
+        try {
+            $ticketService->processPayment($order, 'mock_gateway');
+            return redirect()->route('checkout.success', $order);
+        } catch (\Exception $e) {
+            return back()->with('error', $e->getMessage());
+        }
+    }
+
+    public function success(Order $order)
+    {
+        abort_unless($order->user_id === auth()->id(), 403);
+        $order->load('event', 'items.ticketTier', 'attendees');
+
+        return view('checkout.success', compact('order'));
+    }
+}

app/Http/Controllers/Controller.php

@@ -0,0 +1,8 @@
+<?php
+
+namespace App\Http\Controllers;
+
+abstract class Controller
+{
+    //
+}

app/Http/Controllers/DashboardController.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\Order;
+use Illuminate\Http\Request;
+
+class DashboardController extends Controller
+{
+    public function index()
+    {
+        $user = auth()->user();
+
+        $activeTickets = $user->orders()
+            ->where('status', 'paid')
+            ->withCount('attendees')
+            ->get()
+            ->sum('attendees_count');
+
+        $totalOrders = $user->orders()->count();
+
+        $recentOrders = $user->orders()
+            ->with('event')
+            ->latest()
+            ->take(5)
+            ->get();
+
+        return view('dashboard', compact('activeTickets', 'totalOrders', 'recentOrders'));
+    }
+}

app/Http/Controllers/EventController.php

@@ -0,0 +1,74 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\Category;
+use App\Models\Event;
+use Illuminate\Http\Request;
+
+class EventController extends Controller
+{
+    public function index(Request $request)
+    {
+        $query = Event::with('category', 'ticketTiers', 'organizer')->published();
+
+        // Search
+        if ($request->filled('q')) {
+            $s = $request->q;
+            $query->where(function ($q) use ($s) {
+                $q->where('title', 'like', "%{$s}%")
+                  ->orWhere('city', 'like', "%{$s}%")
+                  ->orWhere('venue_name', 'like', "%{$s}%")
+                  ->orWhere('description', 'like', "%{$s}%");
+            });
+        }
+
+        // Filter: category
+        if ($request->filled('category')) {
+            $query->where('category_id', $request->category);
+        }
+
+        // Filter: city
+        if ($request->filled('city')) {
+            $query->where('city', $request->city);
+        }
+
+        // Filter: date
+        if ($request->filled('date_from')) {
+            $query->where('start_at', '>=', $request->date_from);
+        }
+        if ($request->filled('date_to')) {
+            $query->where('start_at', '<=', $request->date_to . ' 23:59:59');
+        }
+
+        // Filter: free only
+        if ($request->boolean('free')) {
+            $query->whereHas('ticketTiers', fn($q) => $q->where('price', 0));
+        }
+
+        // Sort
+        $sort = $request->input('sort', 'date');
+        $query = match ($sort) {
+            'popular' => $query->withCount(['orders' => fn($q) => $q->where('status', 'paid')])->orderByDesc('orders_count'),
+            'price'   => $query->orderByRaw('(SELECT MIN(price) FROM ticket_tiers WHERE event_id = events.id)'),
+            default   => $query->orderBy('start_at'),
+        };
+
+        $events = $query->paginate(12)->withQueryString();
+
+        $categories = Category::orderBy('name')->get();
+        $cities = Event::published()->whereNotNull('city')->distinct()->pluck('city');
+
+        return view('events.index', compact('events', 'categories', 'cities'));
+    }
+
+    public function show(string $slug)
+    {
+        $event = Event::where('slug', $slug)
+            ->published()
+            ->with(['category', 'organizer', 'ticketTiers'])
+            ->firstOrFail();
+
+        return view('events.show', compact('event'));
+    }
+}

app/Http/Controllers/HomeController.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\Category;
+use App\Models\Event;
+
+class HomeController extends Controller
+{
+    public function index()
+    {
+        $featuredEvents = Event::with('category', 'ticketTiers', 'organizer')
+            ->published()
+            ->where('start_at', '>=', now())
+            ->orderBy('start_at')
+            ->take(6)
+            ->get();
+
+        $categories = Category::withCount(['events' => fn($q) => $q->published()])
+            ->having('events_count', '>', 0)
+            ->orderBy('name')
+            ->get();
+
+        $totalEvents = Event::published()->count();
+
+        return view('welcome', compact('featuredEvents', 'categories', 'totalEvents'));
+    }
+}

app/Http/Controllers/MyTicketsController.php

@@ -0,0 +1,42 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\Attendee;
+use App\Models\Order;
+use Illuminate\Http\Request;
+
+class MyTicketsController extends Controller
+{
+    public function index()
+    {
+        $attendees = Attendee::whereHas('orderItem.order', function ($q) {
+            $q->where('user_id', auth()->id())->where('status', 'paid');
+        })
+        ->with('orderItem.ticketTier', 'orderItem.order.event')
+        ->latest()
+        ->paginate(12);
+
+        return view('tickets.index', compact('attendees'));
+    }
+
+    public function show(Attendee $attendee)
+    {
+        abort_unless($attendee->orderItem->order->user_id === auth()->id(), 403);
+        $attendee->load('orderItem.ticketTier', 'orderItem.order.event');
+
+        return view('tickets.show', compact('attendee'));
+    }
+
+    public function downloadPdf(Attendee $attendee)
+    {
+        abort_unless($attendee->orderItem->order->user_id === auth()->id(), 403);
+        $attendee->load('orderItem.ticketTier', 'orderItem.order.event');
+
+        $pdf = app('dompdf.wrapper')
+            ->loadView('tickets.pdf', compact('attendee'))
+            ->setPaper('a5', 'landscape');
+
+        return $pdf->download('ticket-' . $attendee->ticket_code . '.pdf');
+    }
+}

app/Http/Controllers/OrdersController.php

@@ -0,0 +1,73 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\Order;
+use App\Services\OrderService;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\StreamedResponse;
+
+class OrdersController extends Controller
+{
+    public function index(Request $request)
+    {
+        $query = Order::where('user_id', auth()->id())->with('event');
+
+        if ($request->filled('status')) {
+            $query->where('status', $request->status);
+        }
+
+        $orders = $query->latest()->paginate(10);
+
+        return view('orders.index', compact('orders'));
+    }
+
+    public function show(Order $order)
+    {
+        abort_unless($order->user_id === auth()->id(), 403);
+        $order->load('event', 'items.ticketTier', 'attendees');
+
+        return view('orders.show', compact('order'));
+    }
+
+    public function cancel(Order $order, OrderService $orderService)
+    {
+        abort_unless($order->user_id === auth()->id(), 403);
+
+        if (!$order->isPaid()) {
+            return back()->with('error', 'Hanya order yang sudah dibayar yang bisa dibatalkan.');
+        }
+
+        $success = $orderService->cancelOrder($order);
+
+        if (!$success) {
+            return back()->with('error', 'Tidak bisa membatalkan order. Batas waktu refund sudah lewat (minimal 24 jam sebelum event).');
+        }
+
+        return back()->with('success', 'Order berhasil dibatalkan dan akan direfund.');
+    }
+
+    public function exportCsv(): StreamedResponse
+    {
+        $orders = Order::where('user_id', auth()->id())
+            ->with('event')
+            ->latest()
+            ->get();
+
+        return response()->streamDownload(function () use ($orders) {
+            $handle = fopen('php://output', 'w');
+            fputcsv($handle, ['Order Code', 'Event', 'Total', 'Status', 'Tanggal']);
+
+            foreach ($orders as $order) {
+                fputcsv($handle, [
+                    $order->order_code,
+                    $order->event->title,
+                    'Rp ' . number_format($order->total, 0, ',', '.'),
+                    $order->status,
+                    $order->created_at->format('d/m/Y H:i'),
+                ]);
+            }
+            fclose($handle);
+        }, 'orders-' . now()->format('Ymd') . '.csv', ['Content-Type' => 'text/csv']);
+    }
+}

app/Http/Controllers/Organizer/DashboardController.php

@@ -0,0 +1,34 @@
+<?php
+
+namespace App\Http\Controllers\Organizer;
+
+use App\Http\Controllers\Controller;
+use App\Models\Event;
+use App\Models\Order;
+use Illuminate\Http\Request;
+
+class DashboardController extends Controller
+{
+    public function index()
+    {
+        $user = auth()->user();
+        $events = $user->events()->withCount('orders')->get();
+
+        $totalRevenue   = Order::whereIn('event_id', $events->pluck('id'))
+            ->where('status', 'paid')->sum('total');
+        $totalOrders    = Order::whereIn('event_id', $events->pluck('id'))
+            ->where('status', 'paid')->count();
+        $totalSold      = $events->sum(fn ($e) => $e->ticketTiers->sum('sold_count'));
+        $activeEvents   = $events->where('status', 'published')->count();
+
+        $recentOrders = Order::whereIn('event_id', $events->pluck('id'))
+            ->with('user', 'event')
+            ->latest()
+            ->take(10)
+            ->get();
+
+        return view('organizer.dashboard', compact(
+            'events', 'totalRevenue', 'totalOrders', 'totalSold', 'activeEvents', 'recentOrders'
+        ));
+    }
+}

app/Http/Controllers/Organizer/EventController.php

@@ -0,0 +1,123 @@
+<?php
+
+namespace App\Http\Controllers\Organizer;
+
+use App\Http\Controllers\Controller;
+use App\Models\Category;
+use App\Models\Event;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Storage;
+
+class EventController extends Controller
+{
+    public function index()
+    {
+        $events = auth()->user()->events()
+            ->with('category', 'ticketTiers')
+            ->latest()
+            ->paginate(10);
+
+        return view('organizer.events.index', compact('events'));
+    }
+
+    public function create()
+    {
+        $categories = Category::orderBy('name')->get();
+        return view('organizer.events.create', compact('categories'));
+    }
+
+    public function store(Request $request)
+    {
+        $validated = $request->validate([
+            'title'          => 'required|string|max:255',
+            'category_id'    => 'required|exists:categories,id',
+            'description'    => 'required|string',
+            'venue_name'     => 'nullable|string|max:255',
+            'venue_address'  => 'nullable|string|max:500',
+            'city'           => 'nullable|string|max:100',
+            'is_online'      => 'boolean',
+            'start_at'       => 'required|date|after:now',
+            'end_at'         => 'required|date|after:start_at',
+            'status'         => 'required|in:draft,published',
+            'banner'         => 'nullable|image|max:2048',
+            'terms'          => 'nullable|string',
+            'refund_policy'  => 'nullable|string',
+        ]);
+
+        if ($request->hasFile('banner')) {
+            $validated['banner'] = $request->file('banner')->store('banners', 'public');
+        }
+
+        $validated['organizer_id'] = auth()->id();
+        $validated['is_online'] = $request->boolean('is_online');
+
+        $event = Event::create($validated);
+
+        return redirect()->route('organizer.events.edit', $event)
+            ->with('success', 'Event berhasil dibuat! Sekarang tambahkan tiket tier.');
+    }
+
+    public function edit(Event $event)
+    {
+        $this->authorizeOrganizer($event);
+        $categories = Category::orderBy('name')->get();
+        $event->load('ticketTiers');
+
+        return view('organizer.events.edit', compact('event', 'categories'));
+    }
+
+    public function update(Request $request, Event $event)
+    {
+        $this->authorizeOrganizer($event);
+
+        $validated = $request->validate([
+            'title'          => 'required|string|max:255',
+            'category_id'    => 'required|exists:categories,id',
+            'description'    => 'required|string',
+            'venue_name'     => 'nullable|string|max:255',
+            'venue_address'  => 'nullable|string|max:500',
+            'city'           => 'nullable|string|max:100',
+            'is_online'      => 'boolean',
+            'start_at'       => 'required|date',
+            'end_at'         => 'required|date|after:start_at',
+            'status'         => 'required|in:draft,published,ended,cancelled',
+            'banner'         => 'nullable|image|max:2048',
+            'terms'          => 'nullable|string',
+            'refund_policy'  => 'nullable|string',
+        ]);
+
+        if ($request->hasFile('banner')) {
+            if ($event->banner) Storage::disk('public')->delete($event->banner);
+            $validated['banner'] = $request->file('banner')->store('banners', 'public');
+        }
+
+        $validated['is_online'] = $request->boolean('is_online');
+
+        $event->update($validated);
+
+        return redirect()->route('organizer.events.index')
+            ->with('success', 'Event berhasil diperbarui!');
+    }
+
+    public function destroy(Event $event)
+    {
+        $this->authorizeOrganizer($event);
+
+        if ($event->orders()->where('status', 'paid')->exists()) {
+            return back()->with('error', 'Event tidak bisa dihapus karena sudah memiliki order yang dibayar.');
+        }
+
+        if ($event->banner) Storage::disk('public')->delete($event->banner);
+        $event->delete();
+
+        return redirect()->route('organizer.events.index')
+            ->with('success', 'Event berhasil dihapus.');
+    }
+
+    private function authorizeOrganizer(Event $event): void
+    {
+        if ($event->organizer_id !== auth()->id() && !auth()->user()->isAdmin()) {
+            abort(403, 'Anda tidak memiliki akses ke event ini.');
+        }
+    }
+}

app/Http/Controllers/Organizer/OrderController.php

@@ -0,0 +1,71 @@
+<?php
+
+namespace App\Http\Controllers\Organizer;
+
+use App\Http\Controllers\Controller;
+use App\Models\Attendee;
+use App\Models\Event;
+use App\Models\Order;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\StreamedResponse;
+
+class OrderController extends Controller
+{
+    public function index(Event $event)
+    {
+        $this->authorizeOrganizer($event);
+
+        $orders = Order::where('event_id', $event->id)
+            ->with('user', 'items.ticketTier')
+            ->latest()
+            ->paginate(20);
+
+        return view('organizer.orders.index', compact('event', 'orders'));
+    }
+
+    public function show(Event $event, Order $order)
+    {
+        $this->authorizeOrganizer($event);
+        abort_unless($order->event_id === $event->id, 404);
+
+        $order->load('user', 'items.ticketTier', 'attendees');
+
+        return view('organizer.orders.show', compact('event', 'order'));
+    }
+
+    public function exportCsv(Event $event): StreamedResponse
+    {
+        $this->authorizeOrganizer($event);
+
+        $attendees = Attendee::whereHas('orderItem.order', function ($q) use ($event) {
+            $q->where('event_id', $event->id)->where('status', 'paid');
+        })->with('orderItem.ticketTier', 'orderItem.order')->get();
+
+        $filename = 'attendees-' . $event->slug . '-' . now()->format('Ymd') . '.csv';
+
+        return response()->streamDownload(function () use ($attendees) {
+            $handle = fopen('php://output', 'w');
+            fputcsv($handle, ['No', 'Nama', 'Email', 'Telepon', 'Ticket Tier', 'Ticket Code', 'Checked In']);
+
+            foreach ($attendees as $i => $att) {
+                fputcsv($handle, [
+                    $i + 1,
+                    $att->full_name,
+                    $att->email,
+                    $att->phone ?? '-',
+                    $att->orderItem->ticketTier->name,
+                    $att->ticket_code,
+                    $att->checkin_at ? $att->checkin_at->format('d/m/Y H:i') : 'Belum',
+                ]);
+            }
+            fclose($handle);
+        }, $filename, ['Content-Type' => 'text/csv']);
+    }
+
+    private function authorizeOrganizer(Event $event): void
+    {
+        if ($event->organizer_id !== auth()->id() && !auth()->user()->isAdmin()) {
+            abort(403);
+        }
+    }
+}

app/Http/Controllers/Organizer/ScannerController.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace App\Http\Controllers\Organizer;
+
+use App\Http\Controllers\Controller;
+use App\Services\TicketService;
+use Illuminate\Http\Request;
+
+class ScannerController extends Controller
+{
+    public function index()
+    {
+        return view('organizer.scanner');
+    }
+
+    public function checkIn(Request $request, TicketService $ticketService)
+    {
+        $request->validate(['ticket_code' => 'required|string|max:16']);
+
+        $result = $ticketService->checkIn($request->ticket_code);
+
+        if ($request->wantsJson()) {
+            return response()->json($result, $result['success'] ? 200 : 422);
+        }
+
+        return back()->with(
+            $result['success'] ? 'scan_success' : 'scan_error',
+            $result['message']
+        )->with('scan_attendee', $result['attendee']);
+    }
+}

app/Http/Controllers/Organizer/TicketTierController.php

@@ -0,0 +1,74 @@
+<?php
+
+namespace App\Http\Controllers\Organizer;
+
+use App\Http\Controllers\Controller;
+use App\Models\Event;
+use App\Models\TicketTier;
+use Illuminate\Http\Request;
+
+class TicketTierController extends Controller
+{
+    public function store(Request $request, Event $event)
+    {
+        $this->authorizeOrganizer($event);
+
+        $validated = $request->validate([
+            'name'           => 'required|string|max:255',
+            'price'          => 'required|numeric|min:0',
+            'quota'          => 'required|integer|min:1',
+            'max_per_order'  => 'required|integer|min:1|max:50',
+            'is_refundable'  => 'boolean',
+            'sales_start'    => 'nullable|date',
+            'sales_end'      => 'nullable|date|after:sales_start',
+        ]);
+
+        $validated['is_refundable'] = $request->boolean('is_refundable');
+        $validated['event_id'] = $event->id;
+
+        TicketTier::create($validated);
+
+        return back()->with('success', 'Ticket tier berhasil ditambahkan!');
+    }
+
+    public function update(Request $request, Event $event, TicketTier $tier)
+    {
+        $this->authorizeOrganizer($event);
+        abort_unless($tier->event_id === $event->id, 404);
+
+        $validated = $request->validate([
+            'name'           => 'required|string|max:255',
+            'price'          => 'required|numeric|min:0',
+            'quota'          => 'required|integer|min:' . $tier->sold_count,
+            'max_per_order'  => 'required|integer|min:1|max:50',
+            'is_refundable'  => 'boolean',
+            'sales_start'    => 'nullable|date',
+            'sales_end'      => 'nullable|date|after:sales_start',
+        ]);
+
+        $validated['is_refundable'] = $request->boolean('is_refundable');
+        $tier->update($validated);
+
+        return back()->with('success', 'Ticket tier berhasil diperbarui!');
+    }
+
+    public function destroy(Event $event, TicketTier $tier)
+    {
+        $this->authorizeOrganizer($event);
+        abort_unless($tier->event_id === $event->id, 404);
+
+        if ($tier->sold_count > 0) {
+            return back()->with('error', 'Tidak bisa menghapus tier yang sudah terjual.');
+        }
+
+        $tier->delete();
+        return back()->with('success', 'Ticket tier berhasil dihapus.');
+    }
+
+    private function authorizeOrganizer(Event $event): void
+    {
+        if ($event->organizer_id !== auth()->id() && !auth()->user()->isAdmin()) {
+            abort(403);
+        }
+    }
+}

app/Http/Controllers/ProfileController.php

@@ -0,0 +1,60 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Http\Requests\ProfileUpdateRequest;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Redirect;
+use Illuminate\View\View;
+
+class ProfileController extends Controller
+{
+    /**
+     * Display the user's profile form.
+     */
+    public function edit(Request $request): View
+    {
+        return view('profile.edit', [
+            'user' => $request->user(),
+        ]);
+    }
+
+    /**
+     * Update the user's profile information.
+     */
+    public function update(ProfileUpdateRequest $request): RedirectResponse
+    {
+        $request->user()->fill($request->validated());
+
+        if ($request->user()->isDirty('email')) {
+            $request->user()->email_verified_at = null;
+        }
+
+        $request->user()->save();
+
+        return Redirect::route('profile.edit')->with('status', 'profile-updated');
+    }
+
+    /**
+     * Delete the user's account.
+     */
+    public function destroy(Request $request): RedirectResponse
+    {
+        $request->validateWithBag('userDeletion', [
+            'password' => ['required', 'current_password'],
+        ]);
+
+        $user = $request->user();
+
+        Auth::logout();
+
+        $user->delete();
+
+        $request->session()->invalidate();
+        $request->session()->regenerateToken();
+
+        return Redirect::to('/');
+    }
+}

app/Http/Middleware/RoleMiddleware.php

@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class RoleMiddleware
+{
+    public function handle(Request $request, Closure $next, string ...$roles): Response
+    {
+        if (!auth()->check()) {
+            return redirect()->route('login');
+        }
+
+        if (!in_array(auth()->user()->role, $roles)) {
+            abort(403, 'Anda tidak memiliki akses ke halaman ini.');
+        }
+
+        return $next($request);
+    }
+}

app/Http/Requests/Auth/LoginRequest.php

@@ -0,0 +1,85 @@
+<?php
+
+namespace App\Http\Requests\Auth;
+
+use Illuminate\Auth\Events\Lockout;
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\RateLimiter;
+use Illuminate\Support\Str;
+use Illuminate\Validation\ValidationException;
+
+class LoginRequest extends FormRequest
+{
+    /**
+     * Determine if the user is authorized to make this request.
+     */
+    public function authorize(): bool
+    {
+        return true;
+    }
+
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        return [
+            'email' => ['required', 'string', 'email'],
+            'password' => ['required', 'string'],
+        ];
+    }
+
+    /**
+     * Attempt to authenticate the request's credentials.
+     *
+     * @throws \Illuminate\Validation\ValidationException
+     */
+    public function authenticate(): void
+    {
+        $this->ensureIsNotRateLimited();
+
+        if (! Auth::attempt($this->only('email', 'password'), $this->boolean('remember'))) {
+            RateLimiter::hit($this->throttleKey());
+
+            throw ValidationException::withMessages([
+                'email' => trans('auth.failed'),
+            ]);
+        }
+
+        RateLimiter::clear($this->throttleKey());
+    }
+
+    /**
+     * Ensure the login request is not rate limited.
+     *
+     * @throws \Illuminate\Validation\ValidationException
+     */
+    public function ensureIsNotRateLimited(): void
+    {
+        if (! RateLimiter::tooManyAttempts($this->throttleKey(), 5)) {
+            return;
+        }
+
+        event(new Lockout($this));
+
+        $seconds = RateLimiter::availableIn($this->throttleKey());
+
+        throw ValidationException::withMessages([
+            'email' => trans('auth.throttle', [
+                'seconds' => $seconds,
+                'minutes' => ceil($seconds / 60),
+            ]),
+        ]);
+    }
+
+    /**
+     * Get the rate limiting throttle key for the request.
+     */
+    public function throttleKey(): string
+    {
+        return Str::transliterate(Str::lower($this->string('email')).'|'.$this->ip());
+    }
+}

app/Http/Requests/ProfileUpdateRequest.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Http\Requests;
+
+use App\Models\User;
+use Illuminate\Foundation\Http\FormRequest;
+use Illuminate\Validation\Rule;
+
+class ProfileUpdateRequest extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array<string, \Illuminate\Contracts\Validation\ValidationRule|array<mixed>|string>
+     */
+    public function rules(): array
+    {
+        return [
+            'name' => ['required', 'string', 'max:255'],
+            'email' => [
+                'required',
+                'string',
+                'lowercase',
+                'email',
+                'max:255',
+                Rule::unique(User::class)->ignore($this->user()->id),
+            ],
+        ];
+    }
+}

app/Models/Attendee.php

@@ -0,0 +1,57 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Str;
+
+class Attendee extends Model
+{
+    protected $fillable = ['order_item_id', 'full_name', 'email', 'phone', 'ticket_code', 'checkin_at'];
+
+    protected function casts(): array
+    {
+        return [
+            'checkin_at' => 'datetime',
+        ];
+    }
+
+    protected static function booted(): void
+    {
+        static::creating(function (Attendee $attendee) {
+            if (empty($attendee->ticket_code)) {
+                do {
+                    $code = 'TKT-' . strtoupper(Str::random(8));
+                } while (static::where('ticket_code', $code)->exists());
+                $attendee->ticket_code = $code;
+            }
+        });
+    }
+
+    // ── Relationships ────────────────────────────────────
+
+    public function orderItem()
+    {
+        return $this->belongsTo(OrderItem::class);
+    }
+
+    public function order()
+    {
+        return $this->hasOneThrough(Order::class, OrderItem::class, 'id', 'id', 'order_item_id', 'order_id');
+    }
+
+    // ── Helpers ──────────────────────────────────────────
+
+    public function isCheckedIn(): bool
+    {
+        return $this->checkin_at !== null;
+    }
+
+    public function checkIn(): bool
+    {
+        if ($this->isCheckedIn()) return false;
+
+        $this->update(['checkin_at' => now()]);
+        return true;
+    }
+}

app/Models/Category.php

@@ -0,0 +1,27 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Str;
+
+class Category extends Model
+{
+    protected $fillable = ['name', 'slug'];
+
+    protected static function booted(): void
+    {
+        static::creating(function (Category $cat) {
+            if (empty($cat->slug)) {
+                $cat->slug = Str::slug($cat->name);
+            }
+        });
+    }
+
+    // ── Relationships ────────────────────────────────────
+
+    public function events()
+    {
+        return $this->hasMany(Event::class);
+    }
+}

app/Models/Event.php

@@ -0,0 +1,100 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Str;
+
+class Event extends Model
+{
+    protected $fillable = [
+        'organizer_id', 'category_id', 'title', 'slug', 'description', 'banner',
+        'venue_name', 'venue_address', 'city', 'is_online',
+        'start_at', 'end_at', 'status', 'terms', 'refund_policy',
+    ];
+
+    protected function casts(): array
+    {
+        return [
+            'start_at'  => 'datetime',
+            'end_at'    => 'datetime',
+            'is_online' => 'boolean',
+        ];
+    }
+
+    protected static function booted(): void
+    {
+        static::creating(function (Event $event) {
+            if (empty($event->slug)) {
+                $base = Str::slug($event->title);
+                $slug = $base;
+                $i = 1;
+                while (static::where('slug', $slug)->exists()) {
+                    $slug = $base . '-' . $i++;
+                }
+                $event->slug = $slug;
+            }
+        });
+    }
+
+    // ── Relationships ────────────────────────────────────
+
+    public function organizer()
+    {
+        return $this->belongsTo(User::class, 'organizer_id');
+    }
+
+    public function category()
+    {
+        return $this->belongsTo(Category::class);
+    }
+
+    public function ticketTiers()
+    {
+        return $this->hasMany(TicketTier::class);
+    }
+
+    public function orders()
+    {
+        return $this->hasMany(Order::class);
+    }
+
+    // ── Scopes ───────────────────────────────────────────
+
+    public function scopePublished($query)
+    {
+        return $query->where('status', 'published');
+    }
+
+    public function scopeUpcoming($query)
+    {
+        return $query->published()->where('start_at', '>=', now());
+    }
+
+    // ── Helpers ──────────────────────────────────────────
+
+    public function getMinPrice(): float
+    {
+        return $this->ticketTiers->min('price') ?? 0;
+    }
+
+    public function getTotalQuota(): int
+    {
+        return $this->ticketTiers->sum('quota');
+    }
+
+    public function getTotalSold(): int
+    {
+        return $this->ticketTiers->sum('sold_count');
+    }
+
+    public function getAvailableStock(): int
+    {
+        return $this->getTotalQuota() - $this->getTotalSold();
+    }
+
+    public function isPublished(): bool
+    {
+        return $this->status === 'published';
+    }
+}

app/Models/Order.php

@@ -0,0 +1,70 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Support\Str;
+
+class Order extends Model
+{
+    protected $fillable = [
+        'user_id', 'event_id', 'order_code', 'subtotal', 'fee', 'tax',
+        'discount', 'total', 'status', 'payment_method', 'paid_at', 'expires_at',
+    ];
+
+    protected function casts(): array
+    {
+        return [
+            'subtotal'   => 'decimal:2',
+            'fee'        => 'decimal:2',
+            'tax'        => 'decimal:2',
+            'discount'   => 'decimal:2',
+            'total'      => 'decimal:2',
+            'paid_at'    => 'datetime',
+            'expires_at' => 'datetime',
+        ];
+    }
+
+    protected static function booted(): void
+    {
+        static::creating(function (Order $order) {
+            if (empty($order->order_code)) {
+                $order->order_code = 'ORD-' . now()->format('Ymd') . '-' . strtoupper(Str::random(5));
+            }
+        });
+    }
+
+    // ── Relationships ────────────────────────────────────
+
+    public function user()
+    {
+        return $this->belongsTo(User::class);
+    }
+
+    public function event()
+    {
+        return $this->belongsTo(Event::class);
+    }
+
+    public function items()
+    {
+        return $this->hasMany(OrderItem::class);
+    }
+
+    public function attendees()
+    {
+        return $this->hasManyThrough(Attendee::class, OrderItem::class);
+    }
+
+    // ── Status Helpers ───────────────────────────────────
+
+    public function isPending(): bool   { return $this->status === 'pending'; }
+    public function isPaid(): bool      { return $this->status === 'paid'; }
+    public function isExpired(): bool   { return $this->status === 'expired'; }
+    public function isRefunded(): bool  { return $this->status === 'refunded'; }
+
+    public function isExpirable(): bool
+    {
+        return $this->isPending() && $this->expires_at && now()->gte($this->expires_at);
+    }
+}

app/Models/OrderItem.php

@@ -0,0 +1,35 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+
+class OrderItem extends Model
+{
+    protected $fillable = ['order_id', 'ticket_tier_id', 'qty', 'unit_price', 'total'];
+
+    protected function casts(): array
+    {
+        return [
+            'unit_price' => 'decimal:2',
+            'total'      => 'decimal:2',
+        ];
+    }
+
+    // ── Relationships ────────────────────────────────────
+
+    public function order()
+    {
+        return $this->belongsTo(Order::class);
+    }
+
+    public function ticketTier()
+    {
+        return $this->belongsTo(TicketTier::class);
+    }
+
+    public function attendees()
+    {
+        return $this->hasMany(Attendee::class);
+    }
+}

app/Models/PromoCode.php

@@ -0,0 +1,43 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+
+class PromoCode extends Model
+{
+    protected $fillable = ['code', 'type', 'value', 'start_at', 'end_at', 'usage_limit', 'used_count'];
+
+    protected function casts(): array
+    {
+        return [
+            'value'    => 'decimal:2',
+            'start_at' => 'datetime',
+            'end_at'   => 'datetime',
+        ];
+    }
+
+    // ── Helpers ──────────────────────────────────────────
+
+    public function isValid(): bool
+    {
+        $now = now();
+
+        if ($this->start_at && $now->lt($this->start_at)) return false;
+        if ($this->end_at && $now->gt($this->end_at)) return false;
+        if ($this->usage_limit !== null && $this->used_count >= $this->usage_limit) return false;
+
+        return true;
+    }
+
+    public function applyDiscount(float $subtotal): float
+    {
+        if (!$this->isValid()) return 0;
+
+        if ($this->type === 'percent') {
+            return round($subtotal * ($this->value / 100), 2);
+        }
+
+        return min($this->value, $subtotal);
+    }
+}

app/Models/TicketTier.php

@@ -0,0 +1,53 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Model;
+
+class TicketTier extends Model
+{
+    protected $fillable = [
+        'event_id', 'name', 'price', 'quota', 'sold_count',
+        'sales_start', 'sales_end', 'max_per_order', 'is_refundable',
+    ];
+
+    protected function casts(): array
+    {
+        return [
+            'price'         => 'decimal:2',
+            'sales_start'   => 'datetime',
+            'sales_end'     => 'datetime',
+            'is_refundable' => 'boolean',
+        ];
+    }
+
+    // ── Relationships ────────────────────────────────────
+
+    public function event()
+    {
+        return $this->belongsTo(Event::class);
+    }
+
+    public function orderItems()
+    {
+        return $this->hasMany(OrderItem::class);
+    }
+
+    // ── Helpers ──────────────────────────────────────────
+
+    public function availableStock(): int
+    {
+        return max(0, $this->quota - $this->sold_count);
+    }
+
+    public function isOnSale(): bool
+    {
+        $now = now();
+
+        if ($this->sales_start && $now->lt($this->sales_start)) return false;
+        if ($this->sales_end && $now->gt($this->sales_end)) return false;
+        if ($this->availableStock() <= 0) return false;
+
+        return true;
+    }
+}

app/Models/User.php

@@ -0,0 +1,47 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Foundation\Auth\User as Authenticatable;
+use Illuminate\Notifications\Notifiable;
+
+class User extends Authenticatable
+{
+    use HasFactory, Notifiable;
+
+    protected $fillable = ['name', 'email', 'password', 'role', 'phone'];
+
+    protected $hidden = ['password', 'remember_token'];
+
+    protected function casts(): array
+    {
+        return [
+            'email_verified_at' => 'datetime',
+            'password'          => 'hashed',
+        ];
+    }
+
+    // ── Role Helpers ─────────────────────────────────────
+
+    public function isAdmin(): bool     { return $this->role === 'admin'; }
+    public function isOrganizer(): bool  { return $this->role === 'organizer'; }
+    public function isCustomer(): bool   { return $this->role === 'customer'; }
+
+    public function hasAdminAccess(): bool
+    {
+        return in_array($this->role, ['admin', 'organizer']);
+    }
+
+    // ── Relationships ────────────────────────────────────
+
+    public function events()
+    {
+        return $this->hasMany(Event::class, 'organizer_id');
+    }
+
+    public function orders()
+    {
+        return $this->hasMany(Order::class);
+    }
+}

app/Providers/AppServiceProvider.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Providers;
+
+use Illuminate\Support\ServiceProvider;
+
+class AppServiceProvider extends ServiceProvider
+{
+    /**
+     * Register any application services.
+     */
+    public function register(): void
+    {
+        //
+    }
+
+    /**
+     * Bootstrap any application services.
+     */
+    public function boot(): void
+    {
+        //
+    }
+}

app/Services/OrderService.php

@@ -0,0 +1,154 @@
+<?php
+
+namespace App\Services;
+
+use App\Models\Event;
+use App\Models\Order;
+use App\Models\OrderItem;
+use App\Models\PromoCode;
+use App\Models\TicketTier;
+use App\Models\User;
+use Illuminate\Support\Facades\DB;
+
+class OrderService
+{
+    const FEE_RATE  = 0.03;  // 3% service fee
+    const TAX_RATE  = 0.11;  // 11% PPN
+    const EXPIRY_MINUTES = 15;
+
+    /**
+     * Create a pending order with race-condition-safe stock deduction.
+     *
+     * @param User   $user
+     * @param Event  $event
+     * @param array  $items  [['tier_id' => int, 'qty' => int], ...]
+     * @param string|null $promoCode
+     * @return Order
+     *
+     * @throws \Exception
+     */
+    public function createOrder(User $user, Event $event, array $items, ?string $promoCode = null): Order
+    {
+        return DB::transaction(function () use ($user, $event, $items, $promoCode) {
+
+            $subtotal = 0;
+            $orderItems = [];
+
+            foreach ($items as $item) {
+                // Lock the tier row to prevent oversell
+                $tier = TicketTier::where('id', $item['tier_id'])
+                    ->where('event_id', $event->id)
+                    ->lockForUpdate()
+                    ->firstOrFail();
+
+                if (!$tier->isOnSale()) {
+                    throw new \Exception("Tiket \"{$tier->name}\" tidak tersedia untuk dijual saat ini.");
+                }
+
+                $qty = (int) $item['qty'];
+
+                if ($qty > $tier->max_per_order) {
+                    throw new \Exception("Maksimal {$tier->max_per_order} tiket per order untuk \"{$tier->name}\".");
+                }
+
+                if ($tier->availableStock() < $qty) {
+                    throw new \Exception("Kuota tiket \"{$tier->name}\" tidak mencukupi. Sisa: {$tier->availableStock()}.");
+                }
+
+                // Deduct stock
+                $tier->increment('sold_count', $qty);
+
+                $lineTotal = $tier->price * $qty;
+                $subtotal += $lineTotal;
+
+                $orderItems[] = [
+                    'tier'       => $tier,
+                    'qty'        => $qty,
+                    'unit_price' => $tier->price,
+                    'total'      => $lineTotal,
+                ];
+            }
+
+            // Calculate fees
+            $fee  = round($subtotal * self::FEE_RATE, 2);
+            $tax  = round($subtotal * self::TAX_RATE, 2);
+            $discount = 0;
+
+            // Apply promo code
+            if ($promoCode) {
+                $promo = PromoCode::where('code', $promoCode)->first();
+                if ($promo && $promo->isValid()) {
+                    $discount = $promo->applyDiscount($subtotal);
+                    $promo->increment('used_count');
+                }
+            }
+
+            $total = max(0, $subtotal + $fee + $tax - $discount);
+
+            // Create order
+            $order = Order::create([
+                'user_id'    => $user->id,
+                'event_id'   => $event->id,
+                'subtotal'   => $subtotal,
+                'fee'        => $fee,
+                'tax'        => $tax,
+                'discount'   => $discount,
+                'total'      => $total,
+                'status'     => 'pending',
+                'expires_at' => now()->addMinutes(self::EXPIRY_MINUTES),
+            ]);
+
+            // Create order items
+            foreach ($orderItems as $oi) {
+                OrderItem::create([
+                    'order_id'       => $order->id,
+                    'ticket_tier_id' => $oi['tier']->id,
+                    'qty'            => $oi['qty'],
+                    'unit_price'     => $oi['unit_price'],
+                    'total'          => $oi['total'],
+                ]);
+            }
+
+            return $order->load('items.ticketTier', 'event');
+        });
+    }
+
+    /**
+     * Expire a pending order and restore stock.
+     */
+    public function expireOrder(Order $order): void
+    {
+        if (!$order->isPending()) return;
+
+        DB::transaction(function () use ($order) {
+            $order->update(['status' => 'expired']);
+
+            foreach ($order->items as $item) {
+                $item->ticketTier->decrement('sold_count', $item->qty);
+            }
+        });
+    }
+
+    /**
+     * Cancel/refund an order if the event's refund policy allows.
+     */
+    public function cancelOrder(Order $order): bool
+    {
+        if (!$order->isPaid()) return false;
+
+        // Check refund deadline: must be at least 24h before event start
+        $event = $order->event;
+        if ($event->start_at->subDay()->isPast()) return false;
+
+        DB::transaction(function () use ($order) {
+            $order->update(['status' => 'refunded']);
+
+            foreach ($order->items as $item) {
+                $item->ticketTier->decrement('sold_count', $item->qty);
+                $item->attendees()->delete();
+            }
+        });
+
+        return true;
+    }
+}

app/Services/TicketService.php

@@ -0,0 +1,77 @@
+<?php
+
+namespace App\Services;
+
+use App\Models\Attendee;
+use App\Models\Order;
+use Illuminate\Support\Facades\DB;
+
+class TicketService
+{
+    /**
+     * Process payment (mock) and generate attendees + ticket codes.
+     */
+    public function processPayment(Order $order, string $paymentMethod = 'mock_gateway'): Order
+    {
+        if (!$order->isPending()) {
+            throw new \Exception('Order tidak dalam status pending.');
+        }
+
+        return DB::transaction(function () use ($order, $paymentMethod) {
+            $order->update([
+                'status'         => 'paid',
+                'payment_method' => $paymentMethod,
+                'paid_at'        => now(),
+            ]);
+
+            // Generate attendees for each order item
+            foreach ($order->items as $item) {
+                for ($i = 0; $i < $item->qty; $i++) {
+                    Attendee::create([
+                        'order_item_id' => $item->id,
+                        'full_name'     => $order->user->name,
+                        'email'         => $order->user->email,
+                        'phone'         => $order->user->phone,
+                    ]);
+                }
+            }
+
+            return $order->fresh(['items.ticketTier', 'attendees', 'event', 'user']);
+        });
+    }
+
+    /**
+     * Check in an attendee by ticket code.
+     *
+     * @return array{success: bool, message: string, attendee: ?Attendee}
+     */
+    public function checkIn(string $ticketCode): array
+    {
+        $attendee = Attendee::where('ticket_code', $ticketCode)
+            ->with('orderItem.ticketTier', 'orderItem.order.event')
+            ->first();
+
+        if (!$attendee) {
+            return ['success' => false, 'message' => 'Kode tiket tidak ditemukan.', 'attendee' => null];
+        }
+
+        // Verify order is paid
+        $order = $attendee->orderItem->order;
+        if (!$order->isPaid()) {
+            return ['success' => false, 'message' => 'Order belum dibayar (status: ' . $order->status . ').', 'attendee' => $attendee];
+        }
+
+        // Check if already scanned
+        if ($attendee->isCheckedIn()) {
+            return [
+                'success'  => false,
+                'message'  => 'Tiket sudah di-check-in pada ' . $attendee->checkin_at->format('d M Y H:i') . '.',
+                'attendee' => $attendee,
+            ];
+        }
+
+        $attendee->checkIn();
+
+        return ['success' => true, 'message' => 'Check-in berhasil! ✅', 'attendee' => $attendee->fresh()];
+    }
+}

artisan

@@ -0,0 +1,18 @@
+#!/usr/bin/env php
+<?php
+
+use Illuminate\Foundation\Application;
+use Symfony\Component\Console\Input\ArgvInput;
+
+define('LARAVEL_START', microtime(true));
+
+// Register the Composer autoloader...
+require __DIR__.'/vendor/autoload.php';
+
+// Bootstrap Laravel and handle the command...
+/** @var Application $app */
+$app = require_once __DIR__.'/bootstrap/app.php';
+
+$status = $app->handleCommand(new ArgvInput);
+
+exit($status);