Presumably, if you're watching this series, you've already made the decision to embrace all that Laravel has to offer. However, if you're still on the fence, give me just a moment to sell you on why I believe Laravel is the best framework choice in the PHP world.
Like any modern PHP framework, you'll need to install a few prerequisites to prepare for Laravel. Don't worry: this is a one-time job. Stick with me, and we'll get through it quickly. We'll first install Composer, make it available system-wide, and then pull in the Laravel installer. This small tool will allow us to run a simple command (
laravel new app) to instantly generate a fresh Laravel project.
When learning a new framework, one of your first tasks is to determine how routing is handled. Or in other words, when I visit a particular URL in the browser, how does my framework route that URL to the necessary logic? Let's review the basics in this episode.
When constructing your views, you're not limited to basic PHP. Instead, you can use Blade: Laravel's powerful templating engine. We'll talk about Blade more in the future, but for now, let's leverage it to create a layout file to reduce duplication and complexity.
You'll often need to pass data to your views. Perhaps it's a collection from the database, or maybe a flash message to confirm a particular user action. Let's review how easy this is to do.
So far, we've handled all route logic through a closure in our
routes/web.php file. This is an excellent choice in some cases; however, I think you'll find that the majority of your projects will require a bit more structure. Let's learn how to migrate from route closures to dedicated controllers.
Let's move on to the fun part: connecting to our database. This lesson will introduce a number of new concepts, so pay close attention. We'll first review environment files. This is where we can store important keys, passwords, and configuration settings. Next, we'll discuss Laravel migrations: what they are, and why you should use them.
Now that we understand how to create a new database table using a migration class, let's now query that data with Eloquent. As part of this, we'll do a quick recap of basic namespacing and MVC workflow.
If you don't mind, let's take ten minutes to quickly review the directory structure that you'll encounter with each new Laravel install. While some of these concepts are currently a bit above our pay grade, it's important that we at least have a basic understanding of what each directory is responsible for.
In this lesson, we'll review a basic workflow for submitting form data to our server. In the process, however, we'll be forced to address a new concept: CSRF (Cross-Site Request Forgery). CSRF refers to an attack that secretly forces a user to unwittingly execute an action on a web application in which they're currently authenticated.
You'll find that many Laravel applications follow a common convention when it comes to routing. In this lesson, we'll review resourceful routing, extended controller generation, and recommendations for how to organize your controllers.
Browsers don't yet understand
DELETE request types for your forms. To get around this limitation, we'll use a bit of trickery to instruct Laravel which HTTP verb to assume.
Let's review the homework solution from the previous lesson. To delete an existing project, we'll need to create a second form that sends a
DELETE request to the necessary endpoint.
It's important that you set aside time to review and improve the code you've written. With that in mind, let's return to our
ProjectsController class and review how we might improve and simplify the code. In doing so, this will give us the chance to discuss route model binding and mass assignment vulnerabilities.
When it comes to user-provided data, always take an approach of "guilty until proven innocent." With that in mind, we'll add two layers of validation: client-side and server-side. This will give us maximum assurance that we're receiving the correctly formatted input. Anything else will be rejected entirely.
View the relevant source code for this episode on GitHub.
Eloquent ships with a handful of relationship methods to make the process of performing complex SQL queries as simple as calling a method. Let's extend the feature-set of our website to allow for custom per-project tasks. This will give us the opportunity to review two relationships:
It's important to set aside an appropriate amount of time to consider your form endpoints. In this lesson, we'll review two common conventions you'll encounter in the wild.
To add new tasks to our project page, we'll need to construct another form. This will give us the chance to once again discuss URI naming conventions, as well as basic encapsulation techniques.
Let's talk about encapsulation a bit more. "Encapsulation" refers to the act of hiding values and state inside of a class. So with that in mind, let's review our controller and review in which areas we might improve encapsulation and flexibility.
Extra Credit! When in doubt, create a new controller and return to REST. This is a technique that I've reached for countless times over the years. Let's discuss what I mean by this, and what it might look like in our current demo.
It's important that we take time to review the core concepts behind the Laravel framework. First up is two scary, but vitally important terms: service container and auto-resolution. Together, these two create the perfect one-two punch for your dependency resolving needs.
Now that you have a better understanding of Laravel's service container, we can move on to our second core concept: service providers. These classes are responsible for registering and bootstrapping a component with the Laravel framework.
Our next core concept focuses on configuration. Luckily, Laravel makes environment-specific settings (development, testing, production, etc.) a breeze to setup and reference.
Laravel includes a robust registration and authentication system out of the box. Run a single Artisan command, and, bam, you're ready to go!
Our next core concept is middleware. Think of middleware like layers of an onion. As a request enters your application, it travels through these layers, one by one. Each layer (or middleware) has the opportunity to perform some kind of operation. It can cache a piece of data, it can redirect the user, or it can even adjust the response.
Now that you understand authentication and middleware, we can apply this new learning to our "projects" demo. At the moment, you can view and modify any project in the database. In real life, of course, your access should be limited to only the projects that you own. Let's begin fixing that in this episode.
Laravel includes a powerful Gate component for authorizing your users. Wouldn't it be nice if your authorization logic read like a readable sentence? Well, we can do that very easily!
Before we move on to eventing, let's take another quick stroll through our main
ProjectsController to review readability. Are there any places where we can make the code more clear?
We spoke briefly about sending email with Laravel in a previous episode, but let's dedicate this full lesson to the topic. In addition to the basic workflow for generating Laravel mailables, we'll also discuss two methods for reviewing these emails: Telescope and Mailtrap.io.
Over the next few lessons, we'll review various approaches for organizing your code. Consider the "send an email when a project is created" portion of the code. We could trigger this logic in multiple ways: through the controller, as an Eloquent model hook, as a custom event, etc. Let's begin reviewing these approaches while discussing the pros and cons of each.
Let's now review the third choice for refactoring our code: custom events. As you'll see, this particular refactor does come with small complexity cost up front; however, particularly when dealing with actions that include multiple side effects, this can be a useful technique for your toolbelt.
You already know how to send basic emails. Next, let's move on to Laravel notifications. Using Laracasts as an example, imagine that we must notify a user when their subscription renewal charge has failed to process. While, yes, we can send them an email, what if we also want to notify them through a text message or their dashboard in the web app? Sure, no problem. This is all quite easy with Laravel.
Let's take a break from PHP, and switch over to our recommended front-end workflow within a Laravel app. We'll do a crash-course on webpack, Laravel Mix, compiling CSS, and debugging your Vue components.
We should take some time to review Laravel collections. You'll receive and reach for these constantly as you construct your app. Not only will Eloquent queries return collection instances, but you can also create your own custom collections with ease. Let's review the 80% essentials in this episode.
Because the web is stateless, we can use sessions as a mechanism for recording important user information from page to page. In this lesson, we'll review the basic sessions API and flash messaging. Finally, for extra credit, we'll review how to make Composer autoload a
helpers.php file that contains useful helper functions for our application.
Let's finish up this series with a crash-course in testing Laravel applications with TDD. Using the example of "teams," we'll review two different forms of testing: feature and unit.
All good things must come to an end, including "Laravel From Scratch." Though we've covered a massive amount of material in this series, naturally, there's a great deal more to review. That's why your next step should be Build a Laravel App With TDD. In this series, we'll take the skills you've learned, and put them to good use constructing a real-world application from scratch.