FlightsAPI/app/Http/Controllers/FollowerController.php

<?php

namespace App\Http\Controllers;

use App\Models\Followee;
use App\Models\Notification;
use App\Models\User;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;

class FollowerController extends Controller
{
    public function index(): JsonResponse
    {
        $followers = Followee::with('user')
            ->where('followee_id', auth()->id())
            ->orderBy('verified') // unverified first
            ->get()
            ->map(fn (Followee $f) => [
                'user'     => $f->user,
                'verified' => $f->verified,
            ]);

        return response()->json($followers);
    }

    public function approve(User $follower): JsonResponse
    {
        $followee = Followee::where('user_id', $follower->id)
            ->where('followee_id', auth()->id())
            ->pending()
            ->firstOrFail();

        $followee->update(['verified' => true]);

        Notification::create([
            'user_id'        => $follower->id,
            'title'          => 'Follow request accepted',
            'body'           => auth()->user()->name . ' accepted your follow request.',
            'is_achievement' => false,
            'url'            => '/u/' . auth()->user()->name,
        ]);

        return response()->json(['status' => 'approved']);
    }

    public function deny(User $follower): JsonResponse
    {
        Followee::where('user_id', $follower->id)
            ->where('followee_id', auth()->id())
            ->pending()
            ->delete();

        return response()->json(['status' => 'denied']);
    }

    public function remove(User $follower): JsonResponse
    {
        Followee::where('user_id', $follower->id)
            ->where('followee_id', auth()->id())
            ->verified()
            ->delete();

        return response()->json(['status' => 'removed']);
    }
}