book

Laravel: Up & Running, 2nd Edition

Name: Laravel: Up & Running, 2nd Edition
Author: Matt Stauffer
ISBN: 9781492041214

by Matt Stauffer

April 2019

Intermediate to advanced

552 pages

12h 18m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Preface
What This Book Is AboutWho This Book Is ForHow This Book Is StructuredAbout the Second EditionConventions Used in This BookO’Reilly Online LearningHow to Contact UsAcknowledgments for the First EditionAcknowledgments for the Second Edition
1. Why Laravel?
Why Use a Framework?“I’ll Just Build It Myself”Consistency and FlexibilityA Short History of Web and PHP FrameworksRuby on RailsThe Influx of PHP FrameworksThe Good and the Bad of CodeIgniterLaravel 1, 2, and 3Laravel 4Laravel 5Laravel 6What’s So Special About Laravel?The Philosophy of LaravelHow Laravel Achieves Developer HappinessThe Laravel CommunityHow It WorksWhy Laravel?
2. Setting Up a Laravel Development Environment
System RequirementsComposerLocal Development EnvironmentsLaravel ValetLaravel HomesteadCreating a New Laravel ProjectInstalling Laravel with the Laravel Installer ToolInstalling Laravel with Composer’s create-project FeatureLambo: Super-Powered “Laravel New”Laravel’s Directory StructureThe FoldersThe Loose FilesConfigurationThe .env FileUp and RunningTestingTL;DR
3. Routing and Controllers
A Quick Introduction to MVC, the HTTP Verbs, and RESTWhat Is MVC?The HTTP VerbsWhat Is REST?Route DefinitionsRoute VerbsRoute HandlingRoute ParametersRoute NamesRoute GroupsMiddlewarePath PrefixesFallback RoutesSubdomain RoutingNamespace PrefixesName PrefixesSigned RoutesSigning a RouteModifying Routes to Allow Signed LinksViewsReturning Simple Routes Directly with Route::view()Using View Composers to Share Variables with Every ViewControllersGetting User InputInjecting Dependencies into ControllersResource ControllersAPI Resource ControllersSingle Action ControllersRoute Model BindingImplicit Route Model BindingCustom Route Model BindingRoute CachingForm Method SpoofingHTTP Verbs in LaravelHTTP Method Spoofing in HTML FormsCSRF ProtectionRedirectsredirect()->to()redirect()->route()redirect()->back()Other Redirect Methodsredirect()->with()Aborting the RequestCustom Responsesresponse()->make()response()->json() and ->jsonp()response()->download(), ->streamDownload(), and ->file()TestingTL;DR
4. Blade Templating
Echoing DataControl StructuresConditionalsLoopsTemplate InheritanceDefining Sections with @section/@show and @yieldIncluding View PartialsUsing StacksUsing Components and SlotsView Composers and Service InjectionBinding Data to Views Using View ComposersBlade Service InjectionCustom Blade DirectivesParameters in Custom Blade DirectivesExample: Using Custom Blade Directives for a Multitenant AppEasier Custom Directives for “if” StatementsTestingTL;DR
5. Databases and Eloquent
ConfigurationDatabase ConnectionsURL ConfigurationsOther Database Configuration OptionsMigrationsDefining MigrationsRunning MigrationsSeedingCreating a SeederModel FactoriesQuery BuilderBasic Usage of the DB FacadeRaw SQLChaining with the Query BuilderTransactionsIntroduction to EloquentCreating and Defining Eloquent ModelsRetrieving Data with EloquentInserts and Updates with EloquentDeleting with EloquentScopesCustomizing Field Interactions with Accessors, Mutators, and Attribute CastingEloquent CollectionsEloquent SerializationEloquent RelationshipsChild Records Updating Parent Record TimestampsEloquent EventsTestingTL;DR
6. Frontend Components
Laravel MixMix Folder StructureRunning MixWhat Does Mix Provide?Laravel UI: Frontend Presets and Auth ScaffoldingFrontend PresetsAuth ScaffoldingPaginationPaginating Database ResultsManually Creating PaginatorsMessage BagsNamed Error BagsString Helpers, Pluralization, and LocalizationThe String Helpers and PluralizationLocalizationTestingTesting Message and Error BagsTranslation and LocalizationTL;DR
7. Collecting and Handling User Data
Injecting a Request Object$request->all()$request->except() and $request->only()$request->has()$request->input()$request->method() and ->isMethod()Array InputJSON Input (and $request->json())Route DataFrom RequestFrom Route ParametersUploaded FilesValidationvalidate() on the Request ObjectManual ValidationCustom Rule ObjectsDisplaying Validation Error MessagesForm RequestsCreating a Form RequestUsing a Form RequestEloquent Model Mass Assignment{{ Versus {!!TestingTL;DR
8. Artisan and Tinker
An Introduction to ArtisanBasic Artisan CommandsOptionsThe Grouped CommandsWriting Custom Artisan CommandsA Sample CommandArguments and OptionsUsing InputPromptsOutputWriting Closure-Based CommandsCalling Artisan Commands in Normal CodeTinkerLaravel Dump ServerTestingTL;DR
9. User Authentication and Authorization
The User Model and MigrationUsing the auth() Global Helper and the Auth FacadeThe Auth ControllersRegisterControllerLoginControllerResetPasswordControllerForgotPasswordControllerVerificationControllerAuth::routes()The Auth Scaffold“Remember Me”Password ConfirmationManually Authenticating UsersManually Logging Out a UserInvalidating Sessions on Other DevicesAuth MiddlewareEmail VerificationBlade Authentication DirectivesGuardsChanging the Default GuardUsing Other Guards Without Changing the DefaultAdding a New GuardClosure Request GuardsCreating a Custom User ProviderCustom User Providers for Nonrelational DatabasesAuth EventsAuthorization (ACL) and RolesDefining Authorization RulesThe Gate Facade (and Injecting Gate)Resource GatesThe Authorize MiddlewareController AuthorizationChecking on the User InstanceBlade ChecksIntercepting ChecksPoliciesTestingTL;DR

10. Requests, Responses, and Middleware
Laravel’s Request LifecycleBootstrapping the ApplicationService ProvidersThe Request ObjectGetting a Request Object in LaravelGetting Basic Information About a RequestThe Response ObjectUsing and Creating Response Objects in ControllersSpecialized Response TypesLaravel and MiddlewareAn Introduction to MiddlewareCreating Custom MiddlewareBinding MiddlewarePassing Parameters to MiddlewareTrusted ProxiesTestingTL;DR
11. The Container
A Quick Introduction to Dependency InjectionDependency Injection and LaravelThe app() Global HelperHow the Container Is WiredBinding Classes to the ContainerBinding to a ClosureBinding to Singletons, Aliases, and InstancesBinding a Concrete Instance to an InterfaceContextual BindingConstructor Injection in Laravel Framework FilesMethod InjectionFacades and the ContainerHow Facades WorkReal-Time FacadesService ProvidersTestingTL;DR
12. Testing
Testing BasicsNaming TestsThe Testing EnvironmentThe Testing TraitsRefreshDatabaseWithoutMiddlewareDatabaseMigrationsDatabaseTransactionsSimple Unit TestsApplication Testing: How It WorksTestCaseHTTP TestsTesting Basic Pages with $this->get() and Other HTTP CallsTesting JSON APIs with $this->getJson() and Other JSON HTTP CallsAssertions Against $responseAuthenticating ResponsesA Few Other Customizations to Your HTTP TestsHandling Exceptions in Application TestsDebugging ResponsesDatabase TestsUsing Model Factories in TestsSeeding in TestsTesting Other Laravel SystemsEvent FakesBus and Queue FakesMail FakesNotification FakesStorage FakesMockingA Quick Introduction to MockingA Quick Introduction to MockeryFaking Other FacadesTesting Artisan CommandsAsserting Against Artisan Command SyntaxBrowser TestsChoosing a ToolTesting with DuskTL;DR
13. Writing APIs
The Basics of REST-Like JSON APIsController Organization and JSON ReturnsReading and Sending HeadersSending Response Headers in LaravelReading Request Headers in LaravelEloquent PaginationSorting and FilteringSorting Your API ResultsFiltering Your API ResultsTransforming ResultsWriting Your Own TransformerNesting and Relationships with Custom TransformersAPI ResourcesCreating a Resource ClassResource CollectionsNesting RelationshipsUsing Pagination with API ResourcesConditionally Applying AttributesMore Customizations for API ResourcesAPI Authentication with Laravel PassportA Brief Introduction to OAuth 2.0Installing PassportPassport’s APIPassport’s Available Grant TypesManaging Clients and Tokens with the Passport API and Vue ComponentsPassport ScopesDeploying PassportAPI Token AuthenticationCustomizing 404 ResponsesTriggering the Fallback RouteTestingTesting PassportTL;DR
14. Storage and Retrieval
Local and Cloud File ManagersConfiguring File AccessUsing the Storage FacadeAdding Additional Flysystem ProvidersBasic File Uploads and ManipulationSimple File DownloadsSessionsAccessing the SessionMethods Available on Session InstancesFlash Session StorageCacheAccessing the CacheMethods Available on Cache InstancesCookiesCookies in LaravelAccessing the Cookie ToolsLoggingWhen and Why to Use LogsWriting to the LogsLog ChannelsFull-Text Search with Laravel ScoutInstalling ScoutMarking Your Model for IndexingSearching Your IndexQueues and ScoutPerforming Operations Without IndexingConditionally Indexing ModelsManually Triggering Indexing via CodeManually Triggering Indexing via the CLITestingFile StorageSessionCacheCookiesLogScoutTL;DR
15. Mail and Notifications
Mail“Classic” MailBasic “Mailable” Mail UsageMail TemplatesMethods Available in build()Attachments and Inline ImagesMarkdown MailablesRendering Mailables to the BrowserQueuesLocal DevelopmentNotificationsDefining the via() Method for Your NotifiablesSending NotificationsQueueing NotificationsOut-of-the-Box Notification TypesTestingMailNotificationsTL;DR
16. Queues, Jobs, Events, Broadcasting, and the Scheduler
QueuesWhy Queues?Basic Queue ConfigurationQueued JobsRunning a Queue WorkerHandling ErrorsControlling the QueueQueues Supporting Other FunctionsLaravel HorizonEventsFiring an EventListening for an EventBroadcasting Events over WebSockets, and Laravel EchoConfiguration and SetupBroadcasting an EventReceiving the MessageAdvanced Broadcasting ToolsLaravel Echo (the JavaScript Side)SchedulerAvailable Task TypesAvailable Time FramesDefining Time Zones for Scheduled CommandsBlocking and OverlapHandling Task OutputTask HooksTestingTL;DR
17. Helpers and Collections
HelpersArraysStringsApplication PathsURLsMiscellaneousCollectionsThe BasicsA Few MethodsLazy CollectionsTL;DR
18. The Laravel Ecosystem
Tools Covered in This BookValetHomesteadThe Laravel InstallerMixDuskPassportHorizonEchoTools Not Covered in This BookForgeVaporEnvoyerCashierSocialiteNovaSparkLumenEnvoyTelescopeOther Resources
Glossary
Index

Content preview from Laravel: Up & Running, 2nd Edition

Chapter 9. User Authentication and Authorization

Setting up a basic user authentication system—including registration, login, sessions, password resets, and access permissions—can often be one of the more time-consuming pieces of creating the foundation of an application. It’s a prime candidate for extracting functionality out to a library, and there are quite a few such libraries.

But because of how much authentication needs vary across projects, most authentication systems grow bulky and unusable quickly. Thankfully, Laravel has found a way to make an authentication system that’s easy to use and understand, but flexible enough to fit in a variety of settings.

Every new install of Laravel has a create_users_table migration and a User model built in out of the box. If you bring in the laravel/ui package, Laravel offers an Artisan ui:auth command that seeds a collection of authentication-related views and routes. And every install comes with a group of Auth namespaced controllers for registration, login, and password resets. The APIs are clean and clear, and the conventions all work together to provide a simple—and seamless—authentication and authorization system.

Differences in Auth Structure in Laravel Before 6.0

Prior to Laravel 6, the auth scaffolding lived in the framework instead of a separate package.

Differences in Auth Structure in Laravel Before 5.3

Note that in Laravel 5.1 and 5.2, most of this functionality lived in the AuthController; in 5.3 and higher, this functionality ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781492041207Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design