
surreal's avatar

General understanding of authentication (middleware/controller)

Hi there, first of all I must admit I'm still getting used to Laravel - great framework and easy to handle/understand. But I'm struggling with the authentication middleware. I'm trying to create a backend for my site, which is only accessible if the user is logged in. I'm able to log in and get redirected to my desired page. So far so good. I used to do it with the web.php (routes) until I've read on several threads/sites this is not recommended because the auth-middleware (http/middleware/authentication ?) should only be responsible for this. I also struggled at defining the routes, that the requested site is only available "if isAuth". To be a bit more precise: All files within one folder (e.g. /resources/views/backend) shall only be available if the user is logged in. Is it possible to "train" the auth-middleware/controller(?) to recursively protect an entire directory (and its subdirectories) instead of single files? Apart from that, how do I run a route only if the user is authenticated (else login page)? The Lessons "Rapid Authentication and Configuration" and "Basic Routing" don't seem to handle it the way I'd like it to be or I'm just plain stupid (which is a bit more likely)

0 likes
5 replies
Borisu's avatar

Hi,

you don't need to "protect" the files in your app, since the web server will only send the requests to the index.php in the public folder. Actually only files in that folder will be somehow accessible to the end-user. All this means that the routing is done via the application and not your web-server. That's where the web.php file comes into play. There you register the routes you want, e.g.:

// in web.php
Route::get('/products', 'ProductsController@index');

The above example tells your application to call the index method on the ProductsController when a GET request to the uri /products is detected. In fact the application keeps a long list of all the routes you register and checks if the current user request matches any of them. If yes it just does whatever you told it to. Now to use the middleware you can do this:

// in web.php
Route::get('/products', 'ProductsController@index')->middleware('auth');

Now the application will see that the user wants a page you have registered. But it will also pass the request through a series of middleware classes which will examine the request and either approve or deny it. In this example the auth middleware will check if the user is authenticated and take appropriate action. Just to make it even clearer here's an example chain of what's happening:

GET 'https://site.com/products' -> web-server -> app/public/index.php -> Router (class) -> '/products' GET Route -> Auth Middleware -> ProductsController -> index method -> your code -> return response.

I hope this helps.

1 like
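
An added example, not part of Borisu's post: applying the auth middleware once to a whole group of routes, which is the routing-level equivalent of protecting a "directory" as asked in the question. The `Backend\*` controllers, the `reports` view and the `backend.*` route names are hypothetical; the `dashboard` route name is the one mentioned later in the thread.

```php
<?php
// routes/web.php (added example; the Backend\* controllers are hypothetical)

// Public route: no middleware, reachable by anyone.
Route::get('/products', 'ProductsController@index');

// Every route registered inside this group requires a logged-in user.
// The 'auth' middleware runs before any controller or closure in the group;
// a guest is sent to the login page instead of reaching the route action.
Route::group(['prefix' => 'backend', 'middleware' => 'auth'], function () {

    // GET /backend -> Backend\DashboardController::index()
    Route::get('/', 'Backend\DashboardController@index')->name('dashboard');

    // GET /backend/users -> Backend\UsersController::index()
    Route::get('/users', 'Backend\UsersController@index')->name('backend.users');

    // A view stored under resources/views/backend is never served as a file.
    // It is only rendered by a route action, and this one sits behind 'auth'.
    Route::get('/reports', function () {
        return view('backend.reports');
    })->name('backend.reports');

    // Nested groups inherit the outer middleware, so sub-sections such as
    // /backend/settings stay protected without repeating 'auth'.
    Route::group(['prefix' => 'settings'], function () {
        Route::get('/', 'Backend\SettingsController@edit')->name('backend.settings');
        Route::post('/', 'Backend\SettingsController@update');
    });
});
```

Running `php artisan route:list` prints the middleware attached to each registered route, which is a quick way to confirm that every `/backend` URI carries `auth` and that no backend route was registered outside the group.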
surreal's avatar

Hi Borisu, thank you for your quick reply. Does that mean the only location where Routes are being added/edited is within the web.php though there might be a middleware involved while handling the route? What's it with the Route action (in your example "ProductsController@index")? Obviously it's essential for routing (otherwise "Route for [] has no Action"). I can't find anything about the correct syntax or possible variables/methods. As far as I know it is @ but what is it actually doing? Index is more or less self-explaining. Do I define them by myself or are they predefined?

pascual's avatar

Hello, @surreal

The @ in, for example, ProductsController@index refers to which method in the given controller will be returned.

Route::get('/products', 'ProductsController@index'); Will return whatever the index method inside the ProductsController returns when the end user accesses the /products url.

pascual's avatar
pascual
Best Answer
Level 6

And to get your toes wet when it comes to routing and simple communication with controllers, I highly recommend the "Basic Routing and Views" lesson from Laravel From Scratch:

https://laracasts.com/series/laravel-from-scratch-2017/episodes/2

One of the many amazing things you can use the command line based tool Artisan for, is to generate controllers that have predefined methods for REST functionality. If you make a lot of those kind of controllers, Artisan will save you lots of time when developing.

surreal's avatar

Hi pascual, obviously I've missed some important information mentioned in Episode 8 (https://laracasts.com/series/laravel-from-scratch-2017/episodes/8) about the correct usage of controllers and methods in Routes. I didn't create a function (e.g. in HomeController.php) which returned my desired view. Finally I also understand the sense of naming Routes (href="{{route('dashboard')}}"). It finally sunk in. Guess I'll start building my own Controller for my backend. Thank you very much @pascual and @Borisu for being patient with me! Best regards SuRReal

1 like
