megaman7

megaman7

Member Since 1 Year Ago

Experience Points 3,590
Experience Level 1

1,410 experience to go until the next level!

In case you were wondering, you earn Laracasts experience when you:

  • Complete a lesson — 100pts
  • Create a forum thread — 50pts
  • Reply to a thread — 10pts
  • Leave a reply that is liked — 50pts
  • Receive a "Best Reply" award — 500pts
Lessons Completed 0
Lessons
Completed
Best Reply Awards 0
Best Reply
Awards
  • Start Your Engines Achievement

    Start Your Engines

    Earned once you have completed your first Laracasts lesson.

  • First Thousand Achievement

    First Thousand

    Earned once you have earned your first 1000 experience points.

  • One Year Member Achievement

    One Year Member

    Earned when you have been with Laracasts for 1 year.

  • Two Year Member Achievement

    Two Year Member

    Earned when you have been with Laracasts for 2 years.

  • Three Year Member Achievement

    Three Year Member

    Earned when you have been with Laracasts for 3 years.

  • Four Year Member Achievement

    Four Year Member

    Earned when you have been with Laracasts for 4 years.

  • Five Year Member Achievement

    Five Year Member

    Earned when you have been with Laracasts for 5 years.

  • School In Session Achievement

    School In Session

    Earned when at least one Laracasts series has been fully completed.

  • Welcome To The Community Achievement

    Welcome To The Community

    Earned after your first post on the Laracasts forum.

  • Full Time Learner Achievement

    Full Time Learner

    Earned once 100 Laracasts lessons have been completed.

  • Pay It Forward Achievement

    Pay It Forward

    Earned once you receive your first "Best Reply" award on the Laracasts forum.

  • Subscriber Achievement

    Subscriber

    Earned if you are a paying Laracasts subscriber.

  • Lifer Achievement

    Lifer

    Earned if you have a lifetime subscription to Laracasts.

  • Laracasts Evangelist Achievement

    Laracasts Evangelist

    Earned if you share a link to Laracasts on social media. Please email [email protected] with your username and post URL to be awarded this badge.

  • Chatty Cathy Achievement

    Chatty Cathy

    Earned once you have achieved 500 forum replies.

  • Laracasts Veteran Achievement

    Laracasts Veteran

    Earned once your experience points passes 100,000.

  • Ten Thousand Strong Achievement

    Ten Thousand Strong

    Earned once your experience points hits 10,000.

  • Laracasts Master Achievement

    Laracasts Master

    Earned once 1000 Laracasts lessons have been completed.

  • Laracasts Tutor Achievement

    Laracasts Tutor

    Earned once your "Best Reply" award count is 100 or more.

  • Laracasts Sensei Achievement

    Laracasts Sensei

    Earned once your experience points passes 1 million.

  • Top 50 Achievement

    Top 50

    Earned once your experience points ranks in the top 50 of all Laracasts users.

25 Feb
3 months ago

megaman7 started a new conversation Load Related Model When Using Find.

I know that

Model::find(1); is the same as Model::where('id',1)->first();

with the second query i would attatch a related model like this Model::where('id',1)->with('related_model')->first();

is it possible to add a related model when using the find() syntax?

08 Feb
3 months ago

megaman7 left a reply on API Error Display

@MONOOSO - do you mean something like having a status field in every API response which when an error is generated by the API has its value set to 'error'

Then somewhere in the project consuming the API having code which throws an error if {'status' => 'error'} is detected? preferably throw a custom error to distinguish it from other errors and maybe make sure the API always provides error message, code, trace ect

Is there a place i could put such logic, other than middleware, which would cause it to run for every route.

megaman7 started a new conversation API Error Display

I understand how error handling is supposed to occur for regular http calls.

Laravel has custom ways to handle specific error types and you can extend this by adding conditional logic to the App\Exceptions\Handler class which can detect errors based on anything you like (i have used error class type, route name and error message) In addition you can set a 404.blade.php file which will be used whenever there is a 404 status code (unless your conditional logic previously mentioned returns before laravel gets this far)

What is the best way to handle errors which are generated by an API?

currently i have conditional logic which detects any error other than a NotFoundHttpException (so i do not override the 404 behavior) and return a custom view. The API does return an error message but i do not display this on the custom error page because it may contain info i dont want a user to see.

Is my current way an acceptable way or can laravel handle this in some other way.

29 Jan
3 months ago

megaman7 left a reply on Jobs Final Fail

@TYKUS - Will using those methods only run the fail code on the FINAL failed attempt. That is important.

megaman7 started a new conversation Jobs Final Fail

When a job is attempted for the last time and fails is it possible to trigger code which only runs on this final failed attempt?

22 Jan
4 months ago

megaman7 left a reply on Validating \ Character

Can alpha_dash be modified to accept spaces

megaman7 started a new conversation Validating \ Character

I need to ban \ characters using validation

I have tried using Not_in and regex validation rules

The problem is if an odd number of \ are entered it returns a validation error as it should but if an even number of \ are entered it does not fail to validated

presumably when an even number are entered they "escape" each other in code somwwhere

i have tried the following validation rules

regex:[A-Za-z1-9 -] field_name' => array("not_in:^,&,~,,|"), "not_in:^,&,~,,|" 'not_in:^,&,~,,|' "not_in:^,&,~,\,|" 'not_in:^,&,~,\,|'

Note i have tried every combination or wrapping the rule in single and double quotes and placing a second escape \ in front of the .

I have also had problems with the | because these cannot be used as part of validation if there are multiple rules in the same string but i have solved this issue, right now i am only struggling with the \ problem.

19 Nov
6 months ago

megaman7 started a new conversation Logging Mailables

I am using the following code style to queue and dispatch emails

    Mail::to('recipiant email')
        ->queue(new MailableObject());

The Mailable object starts with the following code

class MailableObject extends Mailable { use Queueable, SerializesModels;

I need to be able to log a success message if the mail sends successfully.

I cant place my log immediately after the mail::to() function because all this does it confirm that it was queued.

I cant use the return response of mail::to() (ie $response = mail::to() ) to determine success or failier because this always returns a incrementing number even if the job fails.

and i cant find any way of running custom code or a second job on success.

When dispatching jobs normally you can list jobs to be run on success using the withChain() function

ie

DispatchEmail::withChain([ new LogSuccessfulSendingOfEmail ])->dispatch()

However the mailable class does not seam to have an equivilant function.

I have looked carefully at the Mailiable class and Queueable trait and neither seam to have a function which will trigger additional code to run if the job/mail is successful.

Mailiable class has a public array called $callbacks, Queueable trait has a public array called $chained (which has a comment ubove it saying it is a list of jobs which should run if the job succeeds), Both of these especially the $chained property sound promising but i cant find any way to trigger them. I tried overwriting them in the constructor for my mailiable (the class which extends Mailable) but this did not work.

when dispatching mails using the mailable classes built in queueing features rather than dispatching a job which then sends the mail it is possible to run a second job on success.

15 Nov
6 months ago

megaman7 started a new conversation Relation Not Working For Route Model Binded Model

i have a model called order

it has the following relationship declared

/**
 * {@inheritdoc}
 */
public function audits(): MorphMany
{
    return $this->morphMany(
        Config::get('audit.implementation', Models\Audit::class),
        'auditable'
    );
}

If i use the following controller code it works

public function showAudits(){

        $orders = Order::find(86);
        $audits = $gg->audits;

}

yet the following does not

public function showAudits(Order $order){

        $audits = $order->audits;

}

This variation also does not work

public function showAudits(Order $order){

    $order = $order->first();
        $audits = $order->audits;

}

Why?

06 Nov
6 months ago

megaman7 started a new conversation Oauth Authorization Error

I have a route which is oauth protected

it dispatches a job and passes the job a model when i try to call ->save() on the model from inside the job i get this

[2018-11-06 17:26:56] local.ERROR: The resource owner or authorization server denied the request. {"exception":"[object] (League\OAuth2\Server\Exception\OAuthServerException(code: 9): The resource owner or authorization server denied the request.

Is this happening because the model was created from a protected route and the job is not protected?

Do i need to pass the model id to the job and then create the model object in the job itself?

25 Oct
7 months ago

megaman7 started a new conversation Route Model Binding Security Question

I am using the following syntax in one of my controller

public function get_results(OrderBatch $OrderBatch) { $userId = Request()->user()->id; // users authenticate using Oauth and send an Oauth token with each request

$usersOrdersBatches = $OrderBatch->where('user_id',$userId).....

}

Since the User ID is determined by reference to the Oauth token and not any data the users sends this should be sufficient to prevent one user accessing another users OrderBatches.

However I have a concern with the way i instantiate the OrderBath object I understand that Laravel has route model binding which can be used if a model is instantiated in the controller in this way to select a specific database row

https://laravel.com/docs/5.7/routing#route-model-binding

My route does NOT have any variable parameters (ie there is no "/orderbatches/{orderBatchId}" route)

Is there any way a user can retrieve a orderBatch belonging to a different user by modifying their url?

Should i change the code to read $usersOrdersBatches = OrderBatch::where or $usersOrdersBatches = app('OrderBatch')?

24 Oct
7 months ago

megaman7 started a new conversation Database Testing - Mocking Vs Test Db

When testing anything which interfaces with things outside of the scope of your test (APIs, databases, file-systems, queues ect) you have a choice of mocking the thing you dont want to test or using a test version of it.

Which you should use differs in each case

My opinion is this. Mocking is usually easier and thus should be your first choice. However if the thing being mocked returns some complex object which cannot easily be defined then using a test version of that real thing should be used.

A slight edge case is things which are not easy to mock such as static classes. If issues like this get in the way and you cant force it to mock them refactoring the code to be more test friendly is a 3rd option.

anyway What is the best way to test Laravel database interactions?

Laravel has a range of database factory functions and eloquent asserts to aid with creating test data and testing it and a range of traits which automatically build and destroy your database at the start and end of the test.

By comparison it does not seam to have any mocking for eloquent.

Is there any particular reason for this?

17 Oct
7 months ago

megaman7 left a reply on Service Container Objects

So what are you supposed to do if you have a page which has an object which has multiple statuses which can change in the background (ie i shopping site may list the remaining stock which could change which the user is still on the page)

You may have a route which is accessed by AJAX calls, the result of which changes the stock number

But you would also want this information to be included in the inital page load.

In that situation i would want the function which initially loads the page to call the function for the AJAX route to get the current stock level and p[ass it to the view

megaman7 left a reply on Service Container Objects

"just a note: calling other controller methods from your controller counts as an anti pattern"

I assume that only applies to routes which are actions (directly mapped to routes)

megaman7 started a new conversation Service Container Objects

when resolving objects from th service container i prefer this syntax

public function some_controller_action(Customer $customer , Order $order){}

to this public function some_controller_action(){ $customer = $this->app->make('models\Customer'); $order = resolve('models\Order'); }

My prefered way forces declaration of dependencies before any logic which is considered to be a form of clean code.

anyway i have noticed that doing it this way prevents you from calling your function yourself (it only works if laravel calls the function

IE with the first syntax i CANNOT do the following, with the second syntax i can do the following

public function someFeature(){ $this->some_controller_action() }

Is there any way around this other than passing the dependancies into the some_controller_action() call (which would require declaring them somewhere thus defeating the point of this)

15 Oct
7 months ago

megaman7 started a new conversation Downloading File Issue

I am creating an API laravel project and a front end laravel project The flow of a typical request is

browser->laravel_web_project->laravel_api_project->datasource

certain actions result in the download of a file which is stored on the same machine as the laravel_api_project

previously i used the following code in the laravel_api_project

return response()->download($pathToFile);

and the following code in the laravel_web_project

$fileContent = httpClient->response(); return response()->streamDownload(function () { echo $fileContent; }, 'laravel-readme.md');

And this worked. But i figured this was not a "proper" way to do it because both of the laravel file responce functions create headers which tell a browser that a file is being delivered but i only need this when actually sending the response to the browser and because i in the responce from laravel_api_project i needed to be able to return a multi value json array in which one of the values would be the file data. and it would not let me do this when openeing the file using response()->download().

So i changed the code in laravel_api_project code to

Storage::get('file name')

        return Response()->json(
            [
                'action' => 'Download',
                'data' => $file
            ]);

This did not work as it threw a utf-8 corruption error so i had to use utf_encode() on the laravel_api_project end before adding the file content to the response()->json() array and use utf_decode in the web project when setting the file content.

I have 2 questions

  1. Why is it that I now need to encode/decode utf8 yet with my old code i did not need to do this. do the response->download() and responce->downloadstream() functions both encode and decode it? is yes at what point is decodeing done, if no how was i able to use both functions without effectivly double utf8 encodeing the data.

at once point i used PHPs native file_get_contents. but i gave up on this and switched to Storage::get before discovering the utf8 issue. would this work if i used file_get_contents instead and if yes is there any reason to use one function over the other?

09 Oct
7 months ago

megaman7 started a new conversation Saving File From Controller

I am using a library which creates PDFs

using the following code from a command saves the PDF in the projects root directory $pdf->save('file_name.pdf');

using the same command from a controller does not seam to save the file.

there is another function called $pdf->download('file_name.pdf'); which when used in a controller makes the browser download a PDF so this shows the pdf is being generated.

why am i not able to save the PDF to the server from the controller

i am using niklasravnsborg/laravel-pdf to generate pdfs

01 Oct
7 months ago

megaman7 started a new conversation Boot Vs Constructor

If i want code to run when a model is first created (say to run code which determines the value of a field)

is there any difference between putting my code in boot ie protected static function boot(){ parent::boot();

//My code goes here

}

and putting my code in the constructor ie public function __construct(array $attributes = array()) { //my code goes here

parent::__construct($attributes);

}

21 Aug
9 months ago

megaman7 started a new conversation API Vs Session

I have a project which has API users and Session users

I use FormRequest objects fro validation and these automatically detect if the request is a session or API request and return JSON for api requests and redirects for Session requests

Is there any way i can make this distinction in my controllers?

I have a controller which can serve both API and Session users - one needs a JSON response the other needs a redirect

15 Aug
9 months ago

megaman7 left a reply on Forms Empty On Redirect

Thanks guys Both of thoes solutions appear to be what i need

1 more question

when using ether of the suggested solutions will i still need to use

$old = session()->getOldInput();

in the edit controller function?

megaman7 started a new conversation WithInput() Vs Compact() Vs View('view','data')

Consider the following 3 ways of getting data and passing it to the view

public function edit(Customer $customer) { return view('greeting', ['customer' => $customer]); }

public function edit(Customer $customer) { return view('greeting')->compact($customer); }

Redirect::to('customer/edit')->withInput($customer);

the first 2 are effectively the same

my question is which is considered to be the proper way to pass data from a model to a view methods 1 and 2 or method 3 and when should you use the other

megaman7 started a new conversation Forms Empty On Redirect

I have forms which create and edit reasorces. The create and update form for each editable reasorce uses the same blade template.

i use value="isset($reasorce) ? $reasorce->property : null" to populate edit versions of the form with the existing data from the database. isset is needed so that empty fields (edit forms sometimes have empty fields create forms are always completely empty, do not throw an error.

When i get redirected back to a form after failing validation the value in the form gets reset to whatever it first was - not the invalid input.

I the case of create forms this can result in everything the user entered being lost.

(this problem does not happen when using the browser back button)

Is this normal behaviour?

To get arround this i have changed the isset line ubove to value="isset($reasorce) ? $reasorce->property : old('property')"

and in the controlers for the edit forms added some logic which checks if the old input is not and empty array and if it is not an empty array deletes the $reasorce object (which is a model fetched from the DB with the values stored in old) causing the isset() test to fail and the old() input to be entered into the form.

this way create forms when first loaded are empty. create forms when redirected to from a failed validator are populated with whatever the user just entered (without needed to put any extra code in the controller). edit forms when first loaded are populated with the data from the database for that reasorce. edit forms when redirected to from a failed validator are populated with whatever the user just entered and this requres a small bit of code which overwrites.

is there any way around this without the extra code in the edit controllers and the isset() line in the blade templates?

14 Aug
9 months ago

megaman7 started a new conversation DB::update() Question

I am using DB::update('some sql') variables from the user are inserted into the mysql so it looks something like this

UPDATE customer SET status = "Active" WHERE customer_id = "' . $Id . '"

does this function automatically parameter in order to prevent sql injection?

megaman7 left a reply on Injected Model In Middleware

"Why is a user updating themselves via a route that takes a parameter in the first place?"

user was a bad example my example could just as easily have been 'comment', 'post', 'customer', 'order' ect

megaman7 started a new conversation Injected Model In Middleware

In my which show or edit a single model i often use the model injection method as my means of getting the required model

ie

Route route::get('user/edit/{user}',...ect

public function edit_user(User $user, Request $request){

These routes a protected by oauth middleware so that only regestered users can make changes. However none of the middleware prevents a logged in user from appending the id of a different user to the end of the url.

So to protect against this at the top of any controller which shows/edits a reasorce i have code that looks something like this

    if($user->account_id != $request->user()->account_id){
        throw new ApiException('We could not find the user you were trying to update.','401');
    }

Note the $request->user() object is set by the users oauth token so it is not possible for a user to fake the id of a resource which does not belong to that user.

I want to move this logic into middleware.

However for it to work i would need middleware to have access to the resource (in this case the User $user) is there any way to inject a model into middleware in the fashon? or will i have to resort to manually fetchingit in the middle wares logic?

08 Aug
9 months ago

megaman7 started a new conversation Validation Field Wildcard

I have a form which is modified significantly by javascript.

The form submits one or more fields which are a name with a id appended ie car_2 car_3 ect

The required validation is that at least one of these "car_" fields exists

Is there any way to have a field name?

would 'car_*' => 'required', work (i cant easily test it because the js wont allow the form to be submitted unless at least one car is selected)

07 Aug
9 months ago

megaman7 started a new conversation Problem Dispatching New Request When Using FormRequest

I use the following code to add scopes when a user triees to log in via OAUTH

It receives the users log in data (username and password). Adds the required scope by finding the users role in the DB And forwards the request it to the /oauth/token route.

Doing this successfully returns an access token with a role associated with it

public function setScope(Request $request) {

    // retirve the users role
    $user = new User();

    $user = $user->where('email','=',$request->username)->with('userType')->first();
    $role = $user->userType->name;
    log::info('the role is ' . $role);

    // grant scopes based on the role that we get previously
    if ($role == 'admin') {

        $request->request->add([
            'scope' => 'admin'
        ]);
    }

//More if($role == 'XXX') go routes here, removed from this post from brevity.



    // forward the request to the oauth token request endpoint
    $tokenRequest = Request::create(
        '/oauth/token',
        'post'
    );

// $tokenRequest->request->add($request->all());

    return Route::dispatch($tokenRequest);

}

The problem is that i want to replace the Reqeust object with a formRequest object so that i can have validation.

If i do this a working token is still generated but no scope is associated with it.

Literally the only different is replacing Request $request with SomeFormRequest $request in the controllers arguments.

Everything works as it should (including the validation) except the the scope does not get assigned.

i have tried it with and with the $tokenRequest->request->add($request->all()); line

I have use Log::info to check the values of the $tokenRequest object and it is recieving all of the required fields including 'scope' => 'desired scope'

Can anyone tell me what is going wrong?

megaman7 started a new conversation Return All Validation Errors

I am using FormRequest for validation.

currently it only returns one error for each field

ie

if the rule is

'email' => 'required|email'

and the input is blank it only returns a message saying email is required i want it to return both email is required and input must be a valid email

how to i make it do this

02 Aug
9 months ago

megaman7 started a new conversation Authentication

Is it possible to change which table/model the authentication system uses to find users

Note - i want to change the table which web based authentication uses to find users but i want passport to continue to use the users table

01 Aug
9 months ago

megaman7 left a reply on Database Wont Update

nope it does not - i will try that. thanks

megaman7 started a new conversation Database Wont Update

I am attempting to update a database row using the following code

" $timeOut = Timeout::where('user_id','=',$request->user()->id)->first(); $timeOut->last_activity = Carbon::now(); $timeOut->save(); "

and i keep getting the following error.

[2018-08-01 16:38:29] local.ERROR: SQLSTATE[42S22]: Column not found: 1054 Unknown column 'id' in 'where clause' (SQL: update timeouts set last_activity = 2018-08-01 16:38:29, updated_at = 2018-08-01 16:38:29 where id is null) {"userId":1,"email":"[email protected]","exception":"[object] (Illuminate\Database\QueryException(code: 42S22): SQLSTATE[42S22]: Column not found: 1054 Unknown column 'id' in 'where clause' (SQL: update timeouts set last_activity = 2018-08-01 16:38:29, updated_at = 2018-08-01 16:38:29 where id is null) at /mnt/c/code/neuroordering/neuroordering_secure/vendor/laravel/framework/src/Illuminate/Database/Connection.php:664, PDOException(code: 42S22): SQLSTATE[42S22]: Column not found: 1054 Unknown column 'id' in 'where clause' at /mnt/c/code/neuroordering/neuroordering_secure/vendor/laravel/framework/src/Illuminate/Database/Connection.php:479)

I have checked that $timeOut::where() is returning a model. I have checked that my user_id is correct i have checked that Carbon::now() is returning a valid datetime string

yet as soon as i call the save() function that error appears.

Why?

30 Jul
9 months ago

megaman7 left a reply on Hide Unauthenticated Routes

That is not what i asked for That would deny him access if he does not have access But it would not stop the link being rendered to begin with.

megaman7 started a new conversation Hide Unauthenticated Routes

I use passport scopes to authenticate routes.

This is done in my api.php routes in this mannor

Route::middleware(['auth:api','scope:admin,individual'])->group(function(){ //routes });

I use route() to generate the routes where possible.

Is there any way to automatically hide URLs which the user does not currently have access to if yes can this be extended to objects arround it withich may no longer be needed ie

if i hav the followign code

  1. come in
  2. logged in users only

I would want the entire second

  • tag to be removed for unauthenticated users can this be done?

  • 24 Jul
    10 months ago

    megaman7 left a reply on Blank Password

    I would suggest a different approach. Instead of having blank passwords, generate a strong random password and then trigger a password reset request for the user.

    I have decieded to do this

    my password starts with the words "unusable password" followed by a random Hash (that way even database admins wont know what the full password is and have added another column to indicate the a reset is required.

    Upon account creation the forgot password functions of laravel are used to send a token protected reset link

    megaman7 left a reply on Blank Password

    How do you validate if the first log in is from the intended user? - The presence of a null password would indicate this.

    What happens if a third party tries to log in as a user before they get a chance to set a password - When the account is created the reset password functionality (which generates a random token) is used and the user recieves an email with a reset password link.

    megaman7 started a new conversation Blank Password

    I am creating an application in which accounts have many users. the first user of an account sets their password when they make the account.

    additional users can only be created by the first user, this means that a password is NOT SET when these user accounts are created.

    (the user is prompted to create a password on first log in)

    Is there any way to store no password and have authentication always fail if the password is not set (ie the user cannot log in using a blank password)

    Note login in based on laravel passport. so i will need a passport compatible way of doing this or separate middle-ware

    23 Jul
    10 months ago

    megaman7 started a new conversation Why Use With()/load()

    With eloquent it is possible to do this

    $Model->related_model

    and you have access to the related models

    so why do you ever need to do this

    $Model->load('related_model'); $Model->with('related_model');

    20 Jul
    10 months ago

    megaman7 started a new conversation Prevent Validator Redirecting Back

    I am making an API The API is written in laravel. The consuming application is also laravel.

    The code flow is Client->consuming server->api server->consuming server->Client

    The validation happens on the api server end and the errors display on the client.

    This means that i cannot use Laravels default behaviour which redirects back to the last page with an error bag set if validation fails.

    what i need to do is return the validation error messages to the consuming server and from the consuming server redirect back with the error bag.

    To illustrate what i mean One part of my API server code (which is en exception to the rest) uses an inline validator like so

        $validator = Validator::make($request->all(), $this->rules());
    
        if ($validator->fails()) {
            $response['result'] = false;
            $response['message'] = $validator->messages();
            return  response()->json($response);
        }
    

    However i prefer the ValidationRequest object way of validating.

    Is there any way to prevent ValidationRequest objects from redirecting back when validation fails? if yes, is there any way to make it automatically return the errors as json as a response, or will i need to do that manuaally in my controller with code like that displayed ubove?

    18 Jul
    10 months ago

    megaman7 started a new conversation Passing Variables To JS

    If JS is written inline a variable from the server can be passed to the JS like this

    var myVar = {{$data}}

    Easy

    Is there any way to pass server side variables to JS which is compiled using npm run dev? (other than printing the variable into the page on which it is needed and referencing it from the JS which is compiled)

    I need this so that i can use the output of route('some_route') in a javascript

    13 Jul
    10 months ago

    megaman7 left a reply on Csrf Problem

    yes, that is exactly what i was attempting to say. my cloned form IS in a different project.

    If all i was doing was making my own cloned form in the same project all i would need is to put the @csfr directive in the form.

    In any case i have it working now

    12 Jul
    10 months ago

    megaman7 left a reply on Csrf Problem

    Im not sure that would work the cloned form is in a different project.

    The blade file with the @csrf and session which stores the token are in different projects

    11 Jul
    10 months ago

    megaman7 started a new conversation Csrf Problem

    I want users to be able to request password reset emails via an API.

    The way I am doing this is I have cloned the password reset request form in a completely different project and the back end of that project makes a HTTP call to the password.request route in the project for which a password reset email is required.

    The problem is csrf

    Is there any way to pass a CSRF token (which would appear on the primary projects native password reset form) to the cloned form in the second project so that it can be submitted with the form?

    megaman7 started a new conversation Password Expiry Functionality

    I need to add password expiry functionality to my project I could not find any packages or native laravel behaviour to do this so feel free to correct me if i have missed something.

    what i did find is this guide to custom writing the functionality https://www.5balloons.info/password-expired-laravel-authentication/

    The problem is that this guide talks about how you implement it for standard log ins My application exclusively uses laravel passport for authentication and all interactions users have are based on JSON API requests

    The guide talks about creating a new table to store password expiry data I see no reason why this would not apply to my situation.

    It then described how to modify the authenticated() method of AuthenticatesUsers in order to check that the password is still current.

    It does not tell me how to do something equivilant with passports authentication routes.

    Am i correct to believe that adding a new table to store password expiry data is still the correct way forward?

    and

    How can i modify passport so that it checks that the password is still current when a user logs in (or more accurately requests a token)?

    Finally the resetting password documentation has a section which talks about password brokers https://laravel.com/docs/5.6/passwords#password-customization

    Is this in any way helpful for me?

    05 Jul
    10 months ago

    megaman7 started a new conversation Enable/disable User

    I have a project where there are many users and many accounts.

    Each user is associated with one account. Each account can have many users.

    Both accounts are users can be disabled. Disabled status is represented by a bool column in the users and accounts tables

    I use passport to authenticate users using a token and scopes are used to limit users access to certain parts of the site.

    Is there any way I can configure it so that authorisation is NOT granted if ether the user account or the associated account has been disabled?

    03 Jul
    10 months ago

    megaman7 left a reply on Best Service Injection Syntax

    The use of "Mail" was an example choosen simply because most people (devs and it laymen alike) can understand the differences and similarities between email, sms, instant messaging ect

    It would have been just as relevant if i said AccessFileSystem, Accesss3, AccessNetworkDrive, AccessFileSytem could be further split into AccessHDD, AccessMemoryCard ect AccessNetworkDrive could be further split into AccessDropBox, AccessSMB (smb isthe protocol windows uses for network drive shares) ect

    megaman7 left a reply on Best Service Injection Syntax

    Why would i faff about having a case statement

    To do this i would have to predict all possible future format*** methods and any class which uses the interface would have to have all of those methods, ie Mail would have to have formatMail and formatSms

    That would defeat the point of having a interface

    megaman7 started a new conversation Best Service Injection Syntax

    I cant decide between

    public someFunction(Mail $mail){ $mail->send(); }

    and

    public someFunction(){ Mail::send(); }

    I have alternated between both quite a lot in one project (i dont like inconstancy of coding style within the same project)

    Which is better

    Which one would make swapping mail for some similar but noticeably different class, say SMS or InstantMessage or VoiceMessage in the future

    And how can i guarantee that such a future swap could be done without changing the dependant code without the use of an interface?

    megaman7 left a reply on DB::table Vs Model

    Thanks I use models because thats what i started with

    I would have through that anything you want to do to the data such as normalizing inputs, scopes, mutators even more. could be done once a collection has been retrieved.

    as long as what you do is not something which a model would do in a SQL query there can be no performance penalty in doing it at this level.

    models let you use functions like hasOne, hasMany, BelongsTo, BelongsToMany and HasManyThrough instead of joins which mean you never need to write the same "joining" code twice just because it is used in multiple queries. On the other hand this has some limitations which i can encountered. For example when using HasManyThrough columns in the pivot table cant be accessed and if the related table is more than 2 tables way (ie customer > purchaces > reviews > likes) it its going to be difficult.

    megaman7 started a new conversation DB::table Vs Model

    Are there any advantages to using the DB::table syntax over the Model syntax ie

    is DB::table->where('status','active')->first(); better in any way than Model::where('status','active')->first();

    If it is why bother with models at all?