- Swagger
- Docker
- Testing
- TDD Unit & Feature
- Mocking External (Third Party) APIs and Services (CoinGecko Cryptocurrency Data API)
- Service Container and Service Providers
- Eloquent Techniques
- One-to-One Relationship:
- Many-to-Many Relationship
- Polymorphic Relationship
- Eager Loading
- Lazy Loading
- Advance Querying Techniques
- Subqueries
- Custom Scopes
- Advance Eloquent Techniques
- Mutators
- Accessors
- Events and Observers
- API
- Authentication with Sanctum
- Versioning
- Rate Limiting & Throtteling
- API Request validation
- API Resource for transforming Responses
- Advance Migrations
- Customized Exceptions Handling with Json Responses, Logging and Sentry integration
- Centralized Application Constants
- Security Best Practices used
- Protect Against Common Vulnerabilities
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- SQL Injection
- Use of Laravel's Built-in Security Features
- Authentication with Sanctum
- Sanctum Token Security
- Password Hashing
- Rate Limiting & Throtteling
- Authentication with Sanctum
- Additional Security Measures
- HTTPS
- Environment Configuration
- Data Encryption
- Protect Against Common Vulnerabilities
- Middlewares
- Role-Based Access Control Middleware
- Logging User Activity Middleware
- Throttle Middleware with Custom Limits
- Localization Middleware
- CORS Middleware
- "Below sections - Coming in Next Week.................."
- Scheduling
- Scheduling Queued Jobs
- Scheduling Artisan Commands
- Caching with Redis
- Mails
- Uses Mailable, Queueable, SerializesModels, Envelope, Content etc.
- Notifications
- Events
- Listeners
- Queueable
- ServiceProvider
- DB tables
- Event Broadcasting (WebSockets)
- AWS services
- AWS SDK for PHP
- File Storage - AWS S3
- Parameter Store:
- AWS Parameter Store Encryption AWS Parameter Store supports two types of parameters: Standard and SecureString. SecureString parameters are encrypted at rest using a customer-managed AWS Key Management Service (KMS) key. When you store a parameter as a SecureString, AWS handles the encryption and decryption processes for you. AWS enforces strict IAM policies, and auditing access.
- Install AWS SDK for PHP:
composer require aws/aws-sdk-php
- Retrieve the Parameter:
$ssm = new SsmClient([ 'version' => 'latest', 'region' => 'your-region', 'credentials' => [ 'key' => 'your-aws-access-key', 'secret' => 'your-aws-secret-key', ], ]); $result = $ssm->getParameter([ 'Name' => 'API_KEY', 'WithDecryption' => true, ]); $apiKey = $result['Parameter']['Value'];
- Set the Environment Variable during Deployment in YML files:
aws:elasticbeanstalk:application:environment: API_KEY: "the-api-key"
- Access the API Key:
$apiKey = env('API_KEY');
- CI/CD with buildspec.yml (AWS CodeBuild, Pipeline, Elasticbeanstalk, IAM, S3 will be used)
- Elasticbeanstalk Extensions (.ebexensions)
- SES (To do)
- SQS (To do)
-
Swagger
- Swagger UI library to generate interactive documentation - commands:
npm install swagger-ui-dist
composer require darkaonline/l5-swagger tymon/jwt-auth
php artisan vendor:publish --provider=”Tymon\JWTAuth\Providers\LaravelServiceProvider”
- Generate the Swagger documentation:
php artisan l5-swagger:generate
- Access Swagger API Documentation URL:
http://your-app-url/api/documentation
- Swagger UI library to generate interactive documentation - commands:
-
Docker
- Files:
Dockerfile
docker-compose.yml
docker-compose-sample.yml
(another sample file with set of different commands)
- Dockerfile commands:
docker build
docker run
- docker-compose.yml commands:
docker-compose up
docker-compose down
docker-compose ps
docker-compose build
docker ps
(all containers)docker ps -a
(all containers, including stopped)docker stop <container_id>
docker rm <container_id>
docker images
docker pull <image_name>
docker exec -it <container_id> bash
(enter running container)docker commit <container_id> <new_image_name>
(create new image from container)
- Files:
-
Unit & Feature Testing (TDD)
- Common commands:
- Make:
php artisan make:test FaqsTableSeederTest
- Run all:
php artisan test
- To run a specific test class, provide the path to the test file:
php artisan test --filter ExampleTest
- Run a Specific Test Method:
php artisan test --filter 'ExampleTest::testBasicExample'
- Make:
- Enable Detailed Error Messages in Tests:
- Check Log files
- Update phpunit.xml:
<env name="APP_DEBUG" value="true"/>
- Create File:
tests/CreatesApplication.php
- Modify the exception handling in your TestCase class to throw exceptions instead of rendering them. See
tests\TestCase.php
- Post Controller testing:
php artisan make:factory PostFactory --model=Post
- Change
database\factories\PostFactory.php
- Make sure your Post model uses the HasFactory trait.
- Test:
php artisan test --filter 'PostControllerTest::it_can_list_all_posts'
- Mocking External (Third Party) APIs and Services (CoinGecko Cryptocurrency Data API)
- Create a Service for CoinGecko API:
app/Services/CoinGeckoService.php
- Create a Controller:
app/Http/Controllers/CoinGeckoController.php
- Define Routes:
routes/api.php
- Get Cryptocurrency Data by URL: http://127.0.0.1:8000/api/cryptocurrency/bitcoin
- Get Market Data by URL: http://127.0.0.1:8000/api/market-data
- Create Unit Test Cases for the Service:
tests/Unit/CoinGeckoServiceTest.php
- Create Feature Test Cases for the Controller:
tests/Feature/CoinGeckoControllerTest.php
- Run the Tests:
php artisan test
- Create a Service for CoinGecko API:
- Common commands:
-
Service Container and Service Providers
- Service Class:
app/Services/S3Service.php
- Service Provider:
- Artisan command:
php artisan make:provider S3ServiceProvider
- File:
app/Providers/S3ServiceProvider.php
- Artisan command:
- Register the Service Provider in
config/app.php
- Use in a Controller:
app/Http/Controllers/S3Controller.php
- Service Class:
-
Eloquent Techniques
- One-to-One Relationship:
app\Models\CategoryDetail.php
>>category()
app\Models\Category.php
>>detail()
- Migration (not required but best practice to maintain relationships also in DB):
database\migrations\2024_07_20_131424_create_category_details_table.php
>>$table->foreign('category_id')->references('id')->on('categories')->onDelete('cascade');
- One-to-Many Relationship:
app\Models\Category.php
>>posts()
app\Models\Post.php
>>category()
- Migration (not required but best practice to maintain relationships also in DB):
$table->unsignedBigInteger('category_id')->default(1); // 1 = uncategorized - if CSV doesn't have a category, default to uncategorized
$table->foreign('category_id')->references('id')->on('categories')->onDelete('cascade');
- Many-to-Many Relationship - uses a Pivot table
app\Models\Tag.php
>>posts()
>>belongsToMany()
app\Models\Post.php
>>tags()
>>belongsToMany()
- Migration (required):
- Create Pivot table -
post_tag
:php artisan make:migration create_post_tag_table
database\migrations\2024_07_21_050652_create_post_tag_table.php
>>$table->foreignId('post_id')->constrained()->onDelete('cascade');
&$table->foreignId('tag_id')->constrained()->onDelete('cascade');
- Create Pivot table -
- Has-Many-Through Relationship: A has-many-through relationship provides a convenient shortcut for accessing distant relations via an intermediate relation. E.g.: a Country has many Posts through a User.
app\Models\Country.php
>>posts()
>>hasManyThrough()
app\Models\Post.php
>>user()
>>belongsTo()
app\Models\User.php
:country()
>>belongsTo()
posts()
>>hasMany()
- Migration (not required but best practice to maintain relationships also in DB):
- Nothing to add for relationship in:
database\migrations\2024_07_21_051334_create_countries_table.php
php artisan make:migration add_country_id_to_users_table
database\migrations\2024_07_21_052413_add_country_id_to_users_table.php
php artisan make:migration add_user_id_to_posts_table
database\migrations\2024_07_21_052857_add_user_id_to_posts_table.php
- Nothing to add for relationship in:
- Polymorphic Relationship: A polymorphic relationship allows a model to belong to more than one other model on a single association. E.g: Suppose both Posts and Categories can have Comments.
app\Models\Comment.php
>>commentable()
app\Models\Post.php
>>comments()
app\Models\Category.php
>>comments()
- Migration (not required but best practice to maintain relationships also in DB):
database\migrations\2024_07_21_033147_create_comments_table.php
>>$table->morphs('commentable');
. Themorphs()
method creates bothcommentable_id
andcommentable_type
columns together.
- Usage:
app\Http\Controllers\Api\V2\CategoryController.php
>>addCategoryComment()
app\Http\Controllers\Api\V2\PostController.php
>>addCategoryComment()
- Also a sample available in Laravel generated
database\migrations\2024_06_01_083834_create_personal_access_tokens_table.php
- Eager Loading:
app\Http\Controllers\Api\V2\CategoryController.php
- Lazy Loading:
app\Http\Controllers\Api\V2\CategoryController.php
- Advance Querying Techniques
- Subqueries:
app\Http\Controllers\Api\V2\CategoryController.php
>>getCategoriesWithPostsCount()
- Custom Scopes:
- Create:
app\Models\Post.php
>>scopePublished($query)
- Usage:
app\Http\Controllers\Api\V2\PostController.php
>>getPublishedPosts(Request $request)
- Create:
- Subqueries:
- Advance Eloquent Techniques
- Mutators:
app\Models\Post.php
>>setTitleAttribute($value)
- Accessors:
app\Models\Post.php
>>getTitleAttribute($value)
- Events and Observers: Eloquent lifecycle events and observers in Laravel allow you to handle model lifecycle events, keeping your code clean and organized by separating concerns.
- Eloquent Events: retrieved, creating, created, updating, updated, saving, saved, deleting, deleted, restoring, restored
- Usage of Eloquent Events: Automatically setting attributes, sending notifications, logging activities, validating data, enforcing business rules
- Benefits of Using Observers: Separation of concerns, reusability, organization, improved code readability, maintainability, centralized event handling logic
- Create an Observer:
php artisan make:observer PostObserver --model=Post
- Created file:
App\Observers\PostObserver.php
- Register the Observer:
App\Providers\AppServiceProvider.php
- Mutators:
- One-to-One Relationship:
-
API
- Authentication with Sanctum
- Commands:
composer require laravel/sanctum
php artisan cache:clear
php artisan vendor:publish --provider="Laravel\Sanctum\SanctumServiceProvider"
php artisan migrate
- Model
app/Models/User.php
update to include theHasApiTokens
trait - Route change:
routes/api.php
- AuthController:
app\Http\Controllers\Api\V2\AuthController.php
>>register()
>>$user()->createToken()
app\Http\Controllers\Api\V2\AuthController.php
>>login()
>>auth()->user()->createToken()
- Client-Side React:
- Make API request by passing User email, password to received token
- Store the received token securely (e.g., in local storage) and include it in the Authorization header for subsequent authenticated requests
- Token Security: Store tokens in cookies with the
HttpOnly
flag andSameSite
attribute for better security.
- Commands:
- Versioning
app\Providers\RouteServiceProvider.php
>>boot()
routes\api_v1.php
routes\api_v2.php
app\Http\Controllers\Api\V1\UserController.php
app\Http\Controllers\Api\V2\UserController.php
- Add
v1
orv2
to Postman requests
- Rate Limiting & Throtteling
app\Providers\RouteServiceProvider.php
routes\api_v1.php
- Test it by setting ‘1’ to
app\Providers\RouteServiceProvider.php
>>configureRateLimiting()
>>Limit::perMinute(1)
- When accessed on Postman it will get
“429: Too Many Attempts.”
- API Request validation
- By using Request validation, you don't need to use Validator class to validate in Controller Actions
php artisan make:request CreateUserRequest
app\Http\Requests\CreateUserRequest.php
will be created extendingIlluminate\Foundation\Http\FormRequest
- Add validation rules to:
app\Http\Requests\CreateUserRequest.php
>>rules()
- Use the CreateUserRequest in
app\Http\Controllers\Api\V2\UserController.php
- E.g.:
public function store(CreateUserRequest $request)
- E.g.:
- API Resource for transforming Models into JSON responses.
php artisan make:resource PostResource
app\Http\Resources\PostResource.php
will be created extendingIlluminate\Http\Resources\Json\JsonResource
- Add fields to transform in
app\Http\Resources\PostResource.php
>>toArray()
- Use the PostResource in
app\Http\Controllers\Api\V2\PostController.php
- E.g.1:
PostResource::collection($posts)
- E.g.2:
new PostResource($post)
- E.g.1:
- Authentication with Sanctum
-
Advance Migrations
- Defining Relationships in Migrations
- It is not compulsory, but a good practice and try to do always. See above "Eloquent Techniques" relationships.
- Benifits (When to Use): Defining relationships in migrations ensures data integrity, enables automatic cascading of related records, provides clear schema documentation, and allows for complete and clean rollbacks of the database schema, making it easier for new developers to understand the database structure.
- When NOT to Use Database Relationships in Migrations: Avoid defining database relationships in migrations for legacy databases (to prevent issues with existing data), high-throughput applications (to reduce overhead), and specialized use cases (where constraints might be unnecessary or counterproductive).
- It is not compulsory, but a good practice and try to do always. See above "Eloquent Techniques" relationships.
- Files related:
database\migrations\2024_07_20_131414_create_categories_table.php
database\migrations\2024_07_20_131424_create_category_details_table.php
- Foreign Key Constrains: (See these got created in
MySQL WorkBench
>Alter Table
>Foreign Keys
)- Short method to define Constrains: Using
foreignId()
,constrained()
,cascadeOnDelete()
etc. - Long method to define Constrains: Using
foreign()
,references()
,on()
etc. - Droping FK with
down()
>>dropForeign()
- Use it carefully to avoid compromising data integrity and handle potential orphaned data.database\migrations\2024_07_21_052413_add_country_id_to_users_table.php
>>down()
- Short method to define Constrains: Using
- Delete Cascade with
onDelete('cascade')
&cascadeOnDelete()
- Update Cascade with
onUpdate('cascade')
- Indexing (See these got created in
MySQL WorkBench
>Alter Table
>Indexes
)- Benefits of Indexing:
- Improved performance for queries that involve filtering or sorting on indexed columns.
- Faster data retrieval by allowing the database to efficiently locate relevant records.
index()
index([])
- Creates indexes for given column namesindex(,)
- Creates index for the given colmn with given custom index name
unique()
- Enforces unique values across indexed columnfullTextIndex()
&fullText()
- For full-text search capabilities on text columnsfullText()
- to mark a column as searchable within Laravel's Eloquent queries.fullTextIndex()
- to create a dedicated full-text index for optimal search performance on large datasets.
- Benefits of Indexing:
- Soft Deletes with
deleted_at
in ``up()
>>softDeletes()
down()
>>dropSoftDeletes()
id()
,increment()
&bigIncrements()
id()
- Laravel 8+: creates an auto-incrementing primary key column namedid
. It chooses the right data type (oftenBIGINT
) based on your database.increment()
- Old method before Laravel 8 to do above withINT
bigIncrements()
- Old method before Laravel 8 to do above withBIGINT
unsignedBigInteger()
: Foreign Keys: When creating a column to reference another table's primary key (oftenid
), you'll typically useunsignedBigInteger()
. This ensures sufficient storage and avoids negative values for foreign key references. E.g.:database\migrations\2024_05_30_102005_create_posts_table.php
>>$table->unsignedBigInteger('category_id')->nullable();
- morphs() - Used in Polypolymorphic relationship. See above "Eloquent Techniques" relationships.
- Defining Relationships in Migrations
-
Customized Exceptions Handling with Json Responses, Logging and Sentry integration
php artisan make:exception CustomExceptionHandler
- File will be created:
app\Exceptions\CustomExceptionHandler.php
- File will be created:
- Binding the Custom Exception Handler to the service container in
bootstrap\app.php
- Testing the Custom Exception Handler:
- Make some change like a change in class name in
app\Http\Controllers\Api\V2\AuthController.php
to make the process go intocatch
and throw an exception - Access the Login route on Postman: http://127.0.0.1:8000/api/v2/login
- Response will be:
"message": "A custom exception occurred:....
- If you remove the service container registration of
CustomExceptionHandler
frombootstrap\app.php
>>singleton()
the response will be the Laravel default exception"message": "Class \"App\\Http\\Controllers\\Api\\V2\\DDDValidator\" not found.....",
etc.
- Make some change like a change in class name in
- Laravel logs will be updated with Logs added in
CustomExceptionHandler
>>report()
&render()
methods - Sentry integration:
- Install Sentry Laravel SDK:
composer require sentry/sentry-laravel
- Publish the Sentry Configuration File:
php artisan vendor:publish --provider="Sentry\Laravel\ServiceProvider"
- Configure Sentry in
config/sentry.php
- Add Sentry DSN to Environment File:
.env
>>SENTRY_LARAVEL_DSN=https://[email protected]/project-id
- Add Sentry logging to
app\Exceptions\CustomExceptionHandler.php
>>report()
- Install Sentry Laravel SDK:
-
Centralized Application Constants
- Benefits:
-
Centralized Configuration: Centralizes configuration values, making it easier to manage and update them in one place.
-
Readability: Enhances code readability by using meaningful names instead of magic numbers or strings.
-
Maintainability: Simplifies maintenance by allowing updates to values in a single class without changing multiple code occurrences.
-
Avoiding Magic Numbers/Strings: Prevents bugs and confusion by giving meaningful names to values, avoiding direct use of numbers or strings.
-
Consistency: Ensures consistent use of values throughout the application, reducing the risk of typos and inconsistencies.
-
- Define constants in
src\app\Constants\AppConstants.php
- How to use:
- Importing the Constants Class:
use App\Constants\AppConstants;
where you want to use it $status = AppConstants::POST_STATUS[$post->status];
$categoryType = AppConstants::CATEGORY_TYPE[$post->category_type];
- Importing the Constants Class:
- Benefits:
-
Security Best Practices used
- Protect Against Common Vulnerabilities
- Cross-Site Scripting (XSS):
- Sanitize Inputs:
- Common usage Laravel’s built-in validations
- Also can use
filter_var()
method to sanitize user inputs additionaly, but not a common practice:filter_var($request->input('name'), FILTER_SANITIZE_STRING);
- Escape Outputs:
- For APIs, the escaping of outputs is usually handled by ensuring the data returned is properly encoded as JSON, which Laravel does by default.
- Also can use
e()
method to escape outputs additionaly, but not a common practice:$comment->name = e($comment->name);
- For Blade templates, outputting variables is done using
{{ }}
which automatically escapes HTML:{{ $comment->name }}
- Sanitize Inputs:
- Cross-Site Request Forgery (CSRF):
- Laravel API projects: CSRF protection is typically disabled for
api
routes, using Laravel Sanctum stateless authentication tokens for secure token-based authentication and authorization. - Laravel Web projects:
-
CSRF Tokens: Laravel automatically generates a CSRF token for each active user session managed by the application. This token is used to verify that the authenticated user is the one actually making the requests to the application.
<form method="POST" action="/example">@csrf<!-- Other inputs --></form>
-
CSRF Middleware: Ensure that the
VerifyCsrfToken
middleware is enabled inKernel.php
file:protected $middlewareGroups = ['web' => [ \App\Http\Middleware\VerifyCsrfToken::class,],];
-
- Laravel API projects: CSRF protection is typically disabled for
- SQL Injection: Use Laravel’s query builder(Parameterized Queries) or Eloquent ORM to prevent SQL injection.
- Query Builder:
$users = DB::table('users')->where('email', $email)->get();
- Eloquent ORM:
$user = User::where('email', $email)->first();
- Query Builder:
- Cross-Site Scripting (XSS):
- Use Laravel's Built-in Security Features
- Authentication:
php artisan make:auth
OR Use Sanctum for API authentication - Password Hashing using Laravel’s Hash facade.
app\Http\Controllers\Api\V2\AuthController.php
>>$user->password = Hash::make($request->password);
- Throttle Requests: Use Laravel’s rate limiting to protect application from Brute-Force Attacks.
routes\api_v1.php
>>Route::middleware('throttle:api').....
- Authentication:
- Additional Security Measures
- Force HTTPS
- Web Server Configuration: Make sure the web server (e.g., Apache, Nginx) is configured to use HTTPS and redirect HTTP requests to HTTPS.
- Ensure the correct environment set in .env:
APP_ENV=production
- Set forceScheme in the
app/Providers/AppServiceProvider.php
>>boot()
- Environment Configuration Secure .env file by not exposed to the public and sensitive information like database credentials and API keys are kept secure. See AWS Parameter Store implementation below.
- Encrypt Sensitive Data: Use Laravel’s encryption to store sensitive data securely.
- What should be encrypted:
-
Personal Identifiable Information (PII): Social Security Numbers (SSN), Driver's License Numbers, Passport Numbers, National Identification Numbers
-
Financial Information: Credit Card Numbers, Bank Account Numbers, Credit Reports, Tax Information
-
Authentication Credentials: Passwords (typically hashed rather than encrypted, but still considered sensitive), Security Questions and Answers, Authentication Tokens
-
Health Information: Medical Records, Health Insurance Information, Prescription Information, Patient History
-
Contact Information: Email Addresses, Phone Numbers, Home Addresses
-
Business Information: Trade Secrets, Proprietary Formulas, Strategic Plans, Internal Communications
-
Communication Data: Chat Logs, Emails, Text Messages
-
Biometric Data: Fingerprints, Facial Recognition Data, Iris Scans, Voice Recognition Data
-
Legal Information: Legal Contracts, Court Orders, Legal Agreements
-
Intellectual Property: Source Code, Design Documents, Patents
-
Sensitive Configuration Data: API Keys, Access Tokens, Encryption Keys, Database Credentials
-
- Example 1: Using encrypted keys using AWS ParameterStore >>
SecureString
type parameters. But this doesn't use LaravelIlluminate\Support\Facades\Crypt
- Example 2: Encrypting & Decrypting Sensitive Data (e.g.: user SSN)
app\Http\Controllers\Api\V2\UserController.php
>>store()
&show()
- What should be encrypted:
- Content Security Policy (CSP): Implement CSP: Use a content security policy to mitigate XSS attacks by defining which sources are allowed to load content on the webapplication.
- Force HTTPS
- Protect Against Common Vulnerabilities
-
Middlewares
- Deafult (already available and non-custom middlewares)
- Sanctum Auth Middleware:
routes\api_v2.php
>>middleware('auth:sanctum')
&&'middleware' => 'auth:sanctum'
\config\sanctum.php
- Route Middleware for
api
&web
:app\Providers\RouteServiceProvider.php
>>Route::middleware('api')
&Route::middleware('web')
- Throttle Middleware with Custom Limits (See API throtteling section):
routes\api_v1.php
>>Route::middleware('throttle:api')
- CORS Middleware
- Verify CSRF Token Middleware
- Sanctum Auth Middleware:
- Custom middlewares (Created using Artisan commands and will be created inside
app/Http/Middleware
folder)- Steps:
php artisan make:middleware MyMiddleware
- File will be created:
app/Http/Middleware/MyMiddleware.php
- Register the middleware (no Kernel.php in Laravel 11) in:
bootstrap\app.php
>>Application::configure()
>>withMiddleware()
- Use midlware in route files:
routes\api_v2.php
>>middleware()
- Use routes without a certain middlware in a route group:
withoutMiddleware()
- Role-Based Access Control Middleware:
php artisan make:middleware RoleManagement
createsapp/Http/Middleware/RoleManagement.php
- Testing route in:
routes\api_v2.php
- Example Postman Request: [GET] http://127.0.0.1:8000/api/v2/admin
- Headers: Key: Authorization | Value: Bearer
- Response:
- If the user is an admin: "Admin Area" [200]
- If the user is not an admin: [403] "message": "Unauthorized"
- Logging User Activity Middleware:
php artisan make:middleware LogUserActivity
createsapp\Http\Middleware\LogUserActivity.php
- Testing route in:
routes\api_v2.php
- Example Postman Request: [GET] http://127.0.0.1:8000/api/v2/profile
- Headers: Key: Authorization | Value: Bearer
- Response: "User Profile" [200]
- Check Laravel log files for the log entry
- Localization Middleware - with usage a middleware in route groups using
group()
:php artisan make:middleware Localization
createsapp\Http\Middleware\Localization.php
- Testing route in:
routes\api_v2.php
- Example Postman Request:
- Setting:
- [POST] http://127.0.0.1:8000/api/v2/set-locale?locale=es
- Response: "message" : "Set Locale" [200]
- Set application locale to
es
- Getting:
- [GET] http://127.0.0.1:8000/api/v2/current-locale
- Response: "locale": "es" [200]
- Ensure the application locale is set to
es
- Setting:
- Steps:
- Deafult (already available and non-custom middlewares)
-
"Other sections - Coming in Next Week.................."
- Install required Composer packages using:
composer i
- Set proper database configuration in
.env
- Run migration:
php artisan migrate
- Run seeder:
php artisan db:seed
- Run application locally:
php artisan serve
- Postman collection useful for testing the API end points is available in
postman-collection
directory - Access Swagger API Documentation URL:
http://your-app-url/api/documentation
######################################################################################
Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experience to be truly fulfilling. Laravel takes the pain out of development by easing common tasks used in many web projects, such as:
- Simple, fast routing engine.
- Powerful dependency injection container.
- Multiple back-ends for session and cache storage.
- Expressive, intuitive database ORM.
- Database agnostic schema migrations.
- Robust background job processing.
- Real-time event broadcasting.
Laravel is accessible, powerful, and provides tools required for large, robust applications.
Laravel has the most extensive and thorough documentation and video tutorial library of all modern web application frameworks, making it a breeze to get started with the framework.
You may also try the Laravel Bootcamp, where you will be guided through building a modern Laravel application from scratch.
If you don't feel like reading, Laracasts can help. Laracasts contains thousands of video tutorials on a range of topics including Laravel, modern PHP, unit testing, and JavaScript. Boost your skills by digging into our comprehensive video library.
We would like to extend our thanks to the following sponsors for funding Laravel development. If you are interested in becoming a sponsor, please visit the Laravel Partners program.
- Vehikl
- Tighten Co.
- WebReinvent
- Kirschbaum Development Group
- 64 Robots
- Curotec
- Cyber-Duck
- DevSquad
- Jump24
- Redberry
- Active Logic
- byte5
- OP.GG
Thank you for considering contributing to the Laravel framework! The contribution guide can be found in the Laravel documentation.
In order to ensure that the Laravel community is welcoming to all, please review and abide by the Code of Conduct.
If you discover a security vulnerability within Laravel, please send an e-mail to Taylor Otwell via [email protected]. All security vulnerabilities will be promptly addressed.
The Laravel framework is open-sourced software licensed under the MIT license.