Before we review the new additions to Laravel 5.6, let's begin by upgrading a real codebase from version 5.5 to 5.6. As you'll find with your own projects, some of the release notes will be relevant to your codebase, while others will not.
Laravel, for a while now, has included functionality for broadcasting server-side events over a WebSocket connection to the client-side. Often, as part of this process, it will prove necessary to authorize the current user. "Do they have permission to access this private channel or not?" Authorizations such as these are registered within your
If this file eventually becomes unwieldy, due to the number of authorizations, you may optionally extract the relevant logic to dedicated channel classes, using
php artisan make:channel.
Laravel 5.6 ships with drastically improved error reporting, when interacting with the framework through the console. In this lesson, we'll compare and contrast the exception output you'll see for an Artisan command in versions 5.5 and 5.6.
When casting Eloquent attributes, you can now easily declare the format for your date columns. Maybe a particular date field, when converted to JSON, should be rendered as "January 1st" or "1/1/18". No problem.
Logging has been vastly improved in Laravel 5.6. You'll find a new
config/logging.php file in a fresh install of Laravel. Here, you may configure your desired default logging channel, or even specify a stack of channels. Maybe basic informational logs should be sent to the standard
laravel.log file, while mission critical logs should be sent to Slack. Easy!
For a while now, Laravel has offered the ability to throttle incoming requests. However, as part of Laravel 5.6, you can now dynamically configure the number of allowed attempts.
Laravel now includes the useful
logoutOtherDevices method on the
SessionGuard class (
auth()->logoutOtherDevices()). This means, with ease, you can invalidate all other sessions for a user's account. One use-case for this is ensuring that multiple people cannot log in and access the same account simultaneously. For a second example, maybe a user accidentally signed into their account on a library computer, but forgot to logout. No problem; you can offer the functionality to click a button and instantly invalidate that library session.
make:controller Artisan command has been upgraded to support API action generation, via the new
--api flag. This is effectively identical to
--resource, however, the
edit actions are naturally excluded.