joshgallagher24

Experience

11,570

0 Best Reply Awards

  • Member Since 1 Year Ago
  • 88 Lessons Completed
  • 0 Favorites

16th March, 2017

joshgallagher24 left a reply on Problem With Laravel Mix • 2 months ago

I just found it - skipped over it!

For anyone else using Sass with fonts or is having problems with URL rewriting add this:

   .options({
      processCssUrls: false
   });

joshgallagher24 started a new conversation Problem With Laravel Mix • 2 months ago

Hi everyone!

I am using Laravel Mix in a project outside of Laravel - a static website. However, I am having an issue with the config.

I have fonts in a font folder, which I add through a SASS file as shown below:

@font-face 
    font-family: 'Graphik-bold'
    font-weight: 500
    src:  url('../fonts/GraphikSemibold.woff') format('woff')

@font-face 
    font-family: 'Graphik-reg'
    font-weight: 300
    src:  url('../fonts/GraphikReg.woff') format('woff')

Here, in the paths I set "../fonts/GraphikSemibold.woff", however, upon compilation this path is changed to "/fonts/GraphikSemibold.woff".

How do I stop Laravel Mix from changing the file path?

13th February, 2017

joshgallagher24 left a reply on Passport - Customising Token Response • 3 months ago

@cisco The class I have to edit is not part of Passport - it is part of the League OAuth package.

The specific class is 'PasswordGrant.php'. I have looked and I am not sure how to implement it still.

joshgallagher24 left a reply on Passport - Customising Token Response • 3 months ago

bump

11th February, 2017

joshgallagher24 started a new conversation Passport - Customising Token Response • 3 months ago

Hi all,

I am working on an API at the moment and have hit a brick wall. I am using Passport with the 'Password' grant type.

I want to return the user's username with the access tokens, however, I am not sure how to.

For example, currently this is returned:

  "token_type": "Bearer",
  "expires_in": 31536000,
  "access_token": "token omitted",
  "refresh_token": "token omitted"
}

However, I would like this to be returned instead:

  "token_type": "Bearer",
  "expires_in": 31536000,
  "access_token": "token omitted",
  "refresh_token": "token omitted",
    "user": {
        "username": "a username"
    }
}

Thanks in advance!

21st January, 2017

joshgallagher24 left a reply on Forum Help • 4 months ago

Ok, if I go with duplicate posts how can I deal with them?

If a user posts a post called "laravel" and another user posts "laravel" - the exact same title. In this instance, if the user clicked on either one of these posts, they would be directed to the latest one only. This would only be a problem with slugs - which is what I want to use.

How would I overcome this in an API design for an SPA?

20th January, 2017

joshgallagher24 left a reply on Getting Too Many Requests Error On API • 4 months ago

You should not comment out this middleware. Imagine, if I decide to attack your API now - it will sink. You are not limiting the amount of requests that can be made to it, thus enabling someone to send millions of requests if they wanted to.

18th January, 2017

joshgallagher24 started a new conversation Forum Help • 4 months ago

Hello everyone,

I am building out a forum, and wanted your feedback on an area. Should I allow duplicate posts? For example, someone creates a post called 'what is laravel?' and then 2 months down the road someone posts the exact same thing. Should I allow this, or force them to post in an old thread?

Thanks!

14th January, 2017

joshgallagher24 left a reply on Don't Want To Use Vue In Laravel 5.3 • 4 months ago

Yes, just remove it! Then, just use blade templates etc.

16th December, 2016

joshgallagher24 left a reply on Can You Help Me To Rank Up My Website?? • 5 months ago

Of course. Any clients that come my way, I'll forward them to you. I don't need them.

11th December, 2016

joshgallagher24 left a reply on How To Make Table For Student Attendance System? • 5 months ago

ER and EAR diagrams FTW!

8th December, 2016

joshgallagher24 left a reply on Laravel 5.3 Passport For Mobile Client App • 5 months ago

In response to storing the client Id and secret in your app. You can store the client id in the manifest file and then create some middleware to inject the secret on every request. Do this for both SPA and mobile apps. As for the tokens being pruned, you don't have to. It is an optional setting that can be turned on or off I believe.

4th December, 2016

joshgallagher24 left a reply on Do I Have To Create Password Reset Routes? • 5 months ago

I found the routes in Router.php and implemented them!

joshgallagher24 left a reply on Do I Have To Create Password Reset Routes? • 5 months ago

I'm creating an API so I don't want to run that. It will bloat up the project. How do u go about creating the routes, because the methods are in a trait not the controller?

joshgallagher24 left a reply on Do I Have To Create Password Reset Routes? • 5 months ago

I have and they are not listed. However, I though they come pre-installed?

joshgallagher24 started a new conversation Do I Have To Create Password Reset Routes? • 5 months ago

Hi all,

I am creating an API and have come across an issue I don't really understand. I am setting up password resets to work with my api, but when I post through to the password/reset route in Postman with an email address i get an 'NotFoundHttpException'.

Do I have to create these routes manually, and how when I am using a trait with no available methods in my controller?

Thanks!

joshgallagher24 left a reply on How To Configure Password Resets For An API • 5 months ago

When I post to 'myapp.dev/password/reset' within postman with the correct headers and the users email I get a 'NotFoundHttpException'.

joshgallagher24 started a new conversation How To Configure Password Resets For An API • 5 months ago

Hi all,

I just wanted some help on how I could configure the password reset functionality into an API. I am not to sure on how to achieve this, because it is built around views etc.

Any help would be appreciated!

29th November, 2016

joshgallagher24 left a reply on Temporarily Lock A User Into A Certain Route • 5 months ago

Personally, I would go with what you have suggested. I would add a column to your Users table where you would set it to true if the user was required to change their password. Then, couple this with middleware and check this field on all routes you do not want the user to navigate to.

Other than that, I do not know of any other way to achieve this. Also, I do not think this is re-creating the wheel so it should be all good!

27th November, 2016

joshgallagher24 left a reply on API Authentication (with Passport) • 5 months ago

@adiachenko I've been speaking with Alex Bilbie - the creator of PHP's OAuth2 Lib. I clarified with him that, firstly using the Password Grant for a first party SPA was correct which he agreed upon. However, I am awaiting his reply on the cookie situation.

I am in two minds about the cookie use, because in either situation - cookie or no cookie we still create angles of attack through CSFR and XSRF.

I am still messing around with this concept, and I will push my project up soon so you all can give feedback and PR's. I am, also hoping that I can have a package done in the coming weeks to support this functionality.

Finally, to address what you have said are you referring to cross domain cookies?

joshgallagher24 left a reply on Passport Grant Client- Unsupported Grant Type Error • 5 months ago

Double check in your DB that you're not using the 'Personal Access Token' that is auto generated by Laravel Passport.

25th November, 2016

joshgallagher24 left a reply on API Authentication (with Passport) • 5 months ago

Hello all,

The PR I was trying to push through was closed. here it is: PR.

However, I will try and create a package out of this implementation! I'm not sure when I will have time due to Uni.

Do you all agree that this should be a package, or should we self implement this functionality on a per project basis?

16th November, 2016

joshgallagher24 left a reply on API Authentication (with Passport) • 6 months ago

I have also been on a mission to solve this issue!

I wrote about it here, and provided some possible implementations: Post.

Also, why are you hiding the Client ID? it does not matter if that is shown in the sources code. The only thing that should not be shared is the Client Secret. Plus, it makes it easier to send the Client ID with the request as then multiple first party apps can use it, rather than storing a single one in the .env file.

7th November, 2016

joshgallagher24 left a reply on Using ReactJS With Passport? • 6 months ago

@dshields This works if you build your React in blade views? I want to build my SPA seperate and then consume my API with it.

31st October, 2016

joshgallagher24 left a reply on Cloud SaaS Model, Single Database • 6 months ago

I think one database with the correctly structured tables would be fine. I can see where you're coming from, but you are overcomplicating it in my opinion. Also, you have to take cost into consideration. If you are a startup, are you charging your customers enough to give them there own db instance and all the other stuff your doing? If you are then good, but I would still rethink it!

However, I have uni tomorrow and my databases lecture so I'll ask my lecturer.

joshgallagher24 left a reply on Cloud SaaS Model, Single Database • 6 months ago

I do not see why you would use multiple database instances. Just think of the running costs that you would incur. I would suggest 1 database that is correctly structured and you should be fine. Then, in the future you would add more clusters if your site grows. I am not sure how Shopify do it, but I do not think they have multiple databases instances per client.

21st October, 2016

joshgallagher24 left a reply on Using ReactJS With Passport? • 7 months ago

@pmall You can use it with the password grant, however, you have to share the client secret which removes the point of using OAuth2.0. This is why I was asking if anyone knows a way to get around this or if Passport offered functionality like this. BTW it does not.

18th October, 2016

joshgallagher24 left a reply on Using ReactJS With Passport? • 7 months ago

Sorry for the late reply... Uni work. I am still unsure about this area. Is there any updates that give us this type of functionality? Or can we only use vue and the createFreshApiToken still. Haven't touched on this in a while but getting back to work so any suggestions or help would be great.

4th September, 2016

joshgallagher24 left a reply on Using ReactJS With Passport? • 8 months ago

Bump!

30th August, 2016

joshgallagher24 left a reply on Using ReactJS With Passport? • 8 months ago

I understand that Vue is not required, however, Laravel is heavily built around it now. I wanted to know whether I could use Laravel Passport's use of encrypted cookies in an API with a ReactJS app running on node for example.

joshgallagher24 started a new conversation Using ReactJS With Passport? • 8 months ago

Hello everybody!

Now that L5.3 has been released for a couple of days, I have decided to delve into it - specifically Passport.

To make it clear, I prefer ReactJS to VueJS and want to continue using it.

What I wanted to ask is can I use Passport with a ReactJS app? I have read some of the docs, specifically 'consuming your API with Javascript' and it seems that I have to use VueJS with the 'web' routes? However, I want to create an API with Laravel and Passport that communicates with my ReactJS app in a secure way.

Q: Is there a way that I can send the encrypted cookies to my ReactJS app whilst using the API routes?

Also, anybody who has any other suggestions please state them!

16th August, 2016

joshgallagher24 left a reply on OAuth Client Credentials Grant Question • 9 months ago

Is the app that is making HTTP calls a Javascript app?

13th August, 2016

joshgallagher24 left a reply on Help Me Convince My Friend To Use Vue Over React! • 9 months ago

VueJs IMO is a micro Javascript Framework, whereas, React is more powerful and can be used for both small and larger apps with the help of Redux and Relay. Your friend has a point!

11th August, 2016

joshgallagher24 left a reply on Challenging Bcrypt Question • 9 months ago

What you are doing is correct on the PHP and Java side. Don't remove the app key, that is for encrypting sessions. Also, what update are you talking about? An update to your Java or Laravel app?

joshgallagher24 left a reply on Challenging Bcrypt Question • 9 months ago

Is your Laravel side an API? Are you encrypting strings correctly in Java?

joshgallagher24 left a reply on Challenging Bcrypt Question • 9 months ago

The app key is generated and stored in your .env file. The app key is used to encrypt things like sessions and passwords. The problem is that in the java application you are encrypting the password with a different key. This can be fixed by sing the same app key in your java app. Store the laravel app key in your xml and pull it out when needed. I have had this problem before.

9th August, 2016

joshgallagher24 left a reply on Trying To Understand This Relation • 9 months ago

You need to read up on normalization! It is essential that you understand this concept if you want to be able to create robust databases. By your reply, I am getting the vibe that you don't understand this concept. Also, because it doesn't make sense saying it out aloud, does not mean it is not correct.

Anyway, to answer your question. its a one to many relationship from User and Projects to the Project Users table... i.e. the intersection table.

joshgallagher24 left a reply on Trying To Understand This Relation • 9 months ago

You would have a many to many relationship in this instance. The Project and User Tables would link to the intersection Table of Project Users. For example, in the intersection/Project Users Table you would have the ID of the row, Project ID, User ID and role.

7th August, 2016

joshgallagher24 left a reply on Event Guest List - Database Structure • 9 months ago

IMO I would have a M:N relationship between the User and Guest list table. The intersection table would be Status.

15th July, 2016

joshgallagher24 left a reply on Best Practice For A User-likes System Schema (json Vs Regular Rows) • 10 months ago

Hey, just to add to what @martinbean said. You should look into normalisation and database design, this way you will be able to understand and resolve problems like this in the future. In many cases, these problems come down to the lack of knowledge concerning advanced database design.

11th July, 2016

joshgallagher24 left a reply on Consuming My Own API, Which Uses JWT, How Do I Handle Authorization? • 10 months ago

In my experience with API development and Laravel I would break it down into two applications. The first being the Laravel API and then a ReactJS/VueJS application that consumes the API. Typically, it is better doing it this way!

10th July, 2016

joshgallagher24 left a reply on Composite Keys • 10 months ago

Ok, so these are the type of keys you could come across:

Primary Key - It must be unique, can not be null and a table must have one. Foreign Key - This key points to a Primary Key in another table. It also inherits the Primary Keys attributes. Composite Key - This key consists of two columns in a table which creates uniqueness. This is used when a single column can not guarantee uniqueness. Compound Key - This is used when we have a N:N relationship and is used in the intersection table as it forms an identifying relationship. It inherits the attributes from the Composite Key.

I thought that would be useful for you and anyone who stumbles upon this in the future! It's basic, but it there.

Anyway, back to your question - Is it possible to use composite keys as primary key? The answer is yes! This is because a Primary Key must be unique, and if a single column can not be unique on its own we then create a Composite Key consisting of two Candidate Keys. Now, is it bad practice to use Composite Keys... well that may start a war ;)

Also, you may want to read into normalization and the stages!

joshgallagher24 left a reply on Custom Validation UK Postcode • 10 months ago

Instead of creating a custom validation rule, you could use this: https://laravel.com/docs/5.2/validation#rule-regex

joshgallagher24 left a reply on How To Integrate Taxamo In Spark? • 10 months ago

It's not Taxamo but it does the job: https://github.com/mpociot/vat-calculator

4th July, 2016

joshgallagher24 left a reply on Need Help With Query In Db With Huge Row • 10 months ago

Try changing the PHP ini file's memory limit?

joshgallagher24 left a reply on BSc. In Computer Science - Worth The Money? • 10 months ago

I am about to start my CS Degree in the UK. I have been creating websites and programming for around six years and have no problem finding a job. However, I want to become a better programmer and think like a computer scientist. Also, I know that even if I want to stay in web dev, I will have a better chance in getting a higher job role because I am self taught but had the gumption to do a CS Degree.

1st July, 2016

joshgallagher24 started a new conversation JWT Vs OAuth 2.0 • 10 months ago

Just a quick note, I know that JWT is a protocol and OAuth 2.0 is a authorization framework.

The question is concerning these two package for Laravel:

OAuth 2.0 for Laravel: https://github.com/lucadegasperi/oauth2-server-laravel
JWT for Laravel: https://github.com/tymondesigns/jwt-auth

So, the question. The API I am creating will be consumed by a ReactJS web app, Android and iOS app and possibly third parties. Now, in this case it makes sense to implement OAuth 2.0 because of the possibility of 'third parties'. However, after examining the OAuth 2.0 package against the PHP league's latest release it is out of date. This was also confirmed by the creator of the Laravel OAuth 2.0 package. This means that I do not have access to the implicit grant which causes a whole heap of trouble, which led me to explore the JWT package. However, I am not sure if it provides the same amount of security and flexibility as OAuth if leveraged properly? Also, will this be a problem for a large production API? Is there a way I can still use OAuth without the Implicit Grant? I have been told to use a proxy with the Password Grant to get around this issue.

So, is the JWT package acceptable in a large API or do I have to go with OAuth 2.0?

26th June, 2016

joshgallagher24 left a reply on Laravel 5.3 Wish List • 10 months ago

I would like to see better authentication methods out of the box in Lumen like JWT or OAuth2.0.

8th June, 2016

joshgallagher24 left a reply on Authenticating With External API Using JWT? • 11 months ago

I am confused with what you are trying to achieve. Do you want to use VueJS with a Laravel API? I don't understand. If you have no database then how are you storing the users credentials to validate them and thus send out an access token?

joshgallagher24 left a reply on Authenticating With External API Using JWT? • 11 months ago

The JWT library provides you with this:

JWTAuth::attempt();

Very similar to Laravel where you pass in the request object. Then you would wrap this in a try/catch and implement the exceptions that are provides by this package:

catch(JWTException $e)

Then if all goes well, you issue the JWT token in a JSON response.

Edit Your Profile
Update

Want to change your profile photo? We pull from gravatar.com.