Laravel Basics & API Development

 Laravel Basics & Introduction 

How to install & create Laravel projects


Run these commands:

  1. composer global require laravel/installer
  2. composer create-project --prefer-dist laravel/laravel [app-name]
  3. cd [app-name]


Open the project folder in VSCode, and find the ‘.env’ file.


Configure it like so:

DB_CONNECTION=mysql

DB_HOST=127.0.0.1

DB_PORT=8889

DB_DATABASE=laravel

DB_USERNAME=root

DB_PASSWORD=root


Note that the configuration above works on my Mac running MAMP. Your machine may vary.


Run the project by using this command:

  1. php artisan serve
  2. (optional) php artisan serve --port=8002


Then go to this link

-> http://127.0.0.1:8000


Create a controller

  1. php artisan make:controller [controller-name]


Create a model

  1. php artisan make:model [model-name]


API Development with Laravel


API - Application Programming Interface


How API works:

  1. Request - the client initiates a request
  2. Receive - the API provider receives your request
  3. Response - the API returns the requested data, usually in JSON format


There are many types of API


|——————————————————————————————————————————|


HTTP (RESTful) methods:

  1. GET - Fetch data; no writing, read only
  2. POST - Create a new resource (data/object)
  3. PUT - (update) Usually used to upload files
  4. PATCH - (update) Usually used to update only some of the fields, not the full record. It can also be used to update the whole record though
  5. DELETE - Obviously used to delete


RESTful - Representational State Transfer


Several methods can be used on one resource. The resource supports a different operation for each.


Examples:

  1. GET - products/{id} - retrieves all products; if you include an id, it retrieves only the product with that id
  2. POST - products/ - inserts a new product
  3. PUT/PATCH - products/{id} - updates the product with that id
  4. DELETE - products/{id} - deletes the product with that id


|——————————————————————————————————————————|


Request

  1. has a header & body, for all HTTP methods

Header

  1. Stores all the metadata, including authentication

Response

  1. has a header & body, uniform output (usually JSON), and an HTTP status code


Metadata - data that describes other data. E.g. if the data is an image, the metadata is its format, size, resolution, and date taken


|——————————————————————————————————————————|


Authentication

  1. Basic auth - username & password, Base64-encoded
    1. login page
  2. API token - bearer token per user
    1. login page, mobile app
  3. API key - server-generated token/key
    1. app to API, API to API
  4. OAuth 2.0 - combination of username/password & token. More robust and complex
    1. login page, mobile app, user-based auth with scope

** The bearer token goes in the Authorization header
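
To make the Basic vs. bearer difference concrete, here is an added example (plain PHP, not code from this post) that parses an Authorization header the way a server would. The function names and the sample credentials are assumptions made up for illustration; storing only a SHA-256 hash of the issued token is one common design, not something the post prescribes.

```php
<?php
// Added example: what the server sees in an Authorization header.
// All credentials are constructed sample values.

/** Split "<scheme> <credentials>" and decode it; null when malformed. */
function parseAuthorizationHeader(string $header): ?array
{
    if (!preg_match('/^(\S+)\s+(\S+)$/', trim($header), $m)) {
        return null;
    }
    $scheme = strtolower($m[1]);

    if ($scheme === 'basic') {
        // Base64 is an encoding, not encryption: anyone who sees the
        // header can reverse it, so Basic auth needs HTTPS.
        $decoded = base64_decode($m[2], true);
        if ($decoded === false || strpos($decoded, ':') === false) {
            return null;
        }
        [$user, $pass] = explode(':', $decoded, 2);
        return ['scheme' => 'basic', 'username' => $user, 'password' => $pass];
    }
    if ($scheme === 'bearer') {
        return ['scheme' => 'bearer', 'token' => $m[2]];
    }
    return null; // unsupported scheme
}

/** Check a presented token against a stored SHA-256 hash in constant time. */
function tokenMatches(string $storedHash, string $presented): bool
{
    return hash_equals($storedHash, hash('sha256', $presented));
}

// Constructed sample headers, as a client would send them.
$basic  = 'Basic ' . base64_encode('alice:s3cret');
$bearer = 'Bearer sample-token-123';
// Hypothetical server-side record: only the hash of the issued token is kept.
$storedHash = hash('sha256', 'sample-token-123');

print_r(parseAuthorizationHeader($basic));
$parsed = parseAuthorizationHeader($bearer);
var_dump(tokenMatches($storedHash, $parsed['token']));
var_dump(tokenMatches($storedHash, 'guessed-token'));
```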


Authenticate - check if user is legit or nah

Authorization - check if user is noob ah hell or chad admin


|——————————————————————————————————————————|


Best Practice & Design Principle

  1. Atomic/singularity
  2. Follow standard and consistent naming conventions
    1. adheres to HTTP methods
    2. endpoints use nouns instead of verbs
    3. responses using JSON
    4. uniform response structure with appropriate status code
  3. use versioning to mitigate backward incompatibility
    1. eg: 
      1. /api/v4/products
      2. /api/v1/products
    2. when there are major changes that add parameters or change the logic
  4. always validate input and properly handle errors
  5. capture errors in logs for easier troubleshooting/debugging
  6. provide good support documentation
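
Putting the products/{id} examples and the practices above together, here is an added example of a versioned resource controller (not code from this post). It assumes a Laravel project with a hypothetical Product model that has name and price in $fillable; the namespace, field names and rules are illustrative. Clients that send Accept: application/json get a 422 JSON body when validation fails.

```php
<?php
// Added example. File: app/Http/Controllers/Api/V1/ProductController.php, registered in routes/api.php with
//   Route::prefix('v1')->group(fn () => Route::apiResource('products', ProductController::class));
namespace App\Http\Controllers\Api\V1;

use App\Http\Controllers\Controller;
use App\Models\Product; // assumed model
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;

class ProductController extends Controller
{
    public function index(): JsonResponse
    {
        return response()->json(['data' => Product::all()], 200);
    }

    public function show(Product $product): JsonResponse
    {
        // Route-model binding answers 404 when the id does not exist.
        return response()->json(['data' => $product], 200);
    }

    public function store(Request $request): JsonResponse
    {
        // Validate first; only validated fields reach the model, never $request->all().
        $validated = $request->validate([
            'name'  => ['required', 'string', 'max:255'],
            'price' => ['required', 'numeric', 'min:0'],
        ]);
        return response()->json(['data' => Product::create($validated)], 201);
    }

    public function update(Request $request, Product $product): JsonResponse
    {
        // 'sometimes' lets PATCH send only the fields being changed.
        $validated = $request->validate([
            'name'  => ['sometimes', 'string', 'max:255'],
            'price' => ['sometimes', 'numeric', 'min:0'],
        ]);
        $product->update($validated);
        return response()->json(['data' => $product], 200);
    }

    public function destroy(Product $product): JsonResponse
    {
        $product->delete();
        return response()->json(null, 204);
    }
}
```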


|——————————————————————————————————————————|


php artisan make:controller [controller-name] --api

php artisan route:list

php artisan make:model [model-name] --migration


Notes:

  1. make sure there are no semicolons in the .env file or it won't work
  2. make sure the route methods are correct for pages that use POST
