Laravel: Up & Running: A Framework for Building Modern PHP Apps, 3rd Edition

Preface
What This Book Is About
Who This Book Is For
How This Book Is Structured
About the Third Edition
Conventions Used in This Book
O’Reilly Online Learning
How to Contact Us
Acknowledgements
1. Why Laravel?
Why Use a Framework?
“I’ll Just Build It Myself”
Consistency and Flexibility
A Short History of Web and PHP Frameworks
Ruby on Rails
The Influx of PHP Frameworks
The Good and the Bad of CodeIgniter
Laravel 1, 2, and 3
Laravel 4
Laravel 5
Laravel 6
Laravel Versions in the New SemVer World (6+)
What’s So Special About Laravel?
The Philosophy of Laravel
How Laravel Achieves Developer Happiness
The Laravel Community
How It Works
Why Laravel?
2. Setting Up a Laravel Development Environment
System Requirements
Composer
Local Development Environments
Artisan Serve
Laravel Sail
Laravel Valet
Laravel Herd
Laravel Homestead
Creating a New Laravel Project
Installing Laravel with the Laravel Installer Tool
Installing Laravel with Composer’s create-project Feature
Installing Laravel with Sail
Laravel’s Directory Structure
The Folders
The Loose Files
Configuration
The .env File
Up and Running
Testing
TL;DR
3. Routing and Controllers
A Quick Introduction to MVC, the HTTP Verbs, and REST
What Is MVC?
The HTTP Verbs
What Is REST?
Route Definitions
Route Verbs
Route Handling
Route Parameters
Route Names
Route Groups
Middleware
Path Prefixes
Subdomain Routing
Name Prefixes
Route Group Controllers
Fallback Routes
Signed Routes
Signing a Route
Modifying Routes to Allow Signed Links
Views
Returning Simple Routes Directly with Route::view()
Using View Composers to Share Variables with Every View
Controllers
Getting User Input
Injecting Dependencies into Controllers
Resource Controllers
The methods of Laravel’s resource controllers
Binding a resource controller
API Resource Controllers
Single Action Controllers
Route Model Binding
Implicit Route Model Binding
Custom Route Model Binding
Route Caching
Form Method Spoofing
HTTP Verbs in Laravel
HTTP Method Spoofing in HTML Forms
CSRF Protection
Redirects
redirect()->to()
redirect()->route()
redirect()->back()
Other Redirect Methods
redirect()->with()
Aborting the Request
Custom Responses
response()->make()
response()->json() and ->jsonp()
response()->download(), ->streamDownload(), and ->file()
Testing
TL;DR
4. Blade Templating
Echoing Data
Control Structures
Conditionals
@if
@unless and @endunless
Loops
@for, @foreach, and @while
@forelse and @endforelse
Template Inheritance
Defining Sections with @section/@show and @yield
@extends
@section and @endsection
@parent
Including View Partials
@include
@each
Using Components
Creating components
Passing data into components
Passing data into components via attributes
Passing data into components via slots
Component methods
Attributes grab bag
Using Stacks
View Composers and Service Injection
Binding Data to Views Using View Composers
Sharing a variable globally
View-scoped view composers with closures
View-scoped view composers with classes
Blade Service Injection
Custom Blade Directives
Parameters in Custom Blade Directives
Example: Using Custom Blade Directives for a Multitenant App
Easier Custom Directives for “if” Statements
Testing
TL;DR
5. Databases and Eloquent
Configuration
Database Connections
URL Configurations
Other Database Configuration Options
Migrations
Defining Migrations
Creating a migration
Creating tables
Creating columns
Building extra properties fluently
Dropping tables
Modifying columns
Squashing migrations
Indexes and foreign keys
Adding indexes
Removing indexes
Adding and removing foreign keys
Running Migrations
Inspecting Your Database
Seeding
Creating a Seeder
Model Factories
Creating a model factory
Using a model factory
Overriding properties when calling a model factory
Generating more than one instance with a model factory
Pro-level model factories
Attaching relationships when defining model factories
Attaching related items when generating model factory instances
Defining and accessing multiple model factory states
Using the same model as the relationship in complex factory Setups
Query Builder
Basic Usage of the DB Facade
Raw SQL
Raw selects
Parameter bindings and named bindings
Raw inserts
Raw updates
Raw deletes
Chaining with the Query Builder
Constraining methods
Modifying methods
Conditional methods
Ending/returning methods
Writing raw queries inside query builder methods with DB::raw
Joins
Unions
Inserts
Updates
Deletes
JSON operations
Transactions
Introduction to Eloquent
Creating and Defining Eloquent Models
Table name
Primary key
Timestamps
Retrieving Data with Eloquent
Get one
Get many
Chunking responses with chunk()
Aggregates
Inserts and Updates with Eloquent
Inserts
Updates
Mass assignment
firstOrCreate() and firstOrNew()
Deleting with Eloquent
Normal deletes
Soft deletes
Enabling soft deletes
Querying with soft deletes
Restoring soft-deleted entities
Force-deleting soft-deleted entities
Scopes
Local scopes
Global scopes
Removing global scopes
Customizing Field Interactions with Accessors, Mutators, and Attribute Casting
Accessors
Mutators
Attribute casting
Custom attribute casting
Eloquent Collections
Introducing the base collection
Lazy collections
What eloquent collections add
Eloquent Serialization
Returning models directly from route methods
Hiding attributes from JSON
Eloquent Relationships
One to one
One to many
Using relationships as query builders
Selecting only records that have a related item
Has one of many
Has many through
Has one through
Many to many
Getting data from the pivot table
Polymorphic
Many-to-many polymorphic
Child records updating parent record timestamps
Eager Loading
Constraining eager loads
Lazy eager loading
Preventing lazy loading
Eager loading only the count
Eloquent Events
Testing
TL;DR
6. Frontend Components
Laravel Starter Kits
Laravel Breeze
Installing Breeze
What comes with Breeze
Laravel Jetstream
Installing Jetstream
What comes with Jetstream
Customizing your jetstream install
Further Jetstream features
Laravel’s Vite Configuration
Bundling Files with Vite
The Vite Dev Server
Working with Static Assets and Vite
Working with JavaScript Frameworks and Vite
Vite and Vue
Vite and React
Vite and Inertia
Vite and SPAs
Using Environment Variables in Vite
Pagination
Paginating Database Results
Manually Creating Paginators
Message Bags
String Helpers, Pluralization, and Localization
The String Helpers and Pluralization
Localization
Basic localization
Parameters in localization
Pluralization in localization
Storing the default string as the key with JSON
Testing
Testing Message and Error Bags
Translation and Localization
Disabling Vite in Testing
TL;DR
7. Collecting and Handling User Data
Injecting a Request Object
$request->all()
$request->except() and ->only()
$request->has() and ->missing()
$request->whenHas()
$request->filled()
$request->whenFilled()
$request->mergeIfMissing()
$request->input()
$request->method() and ->isMethod()
$request->integer(), ->float(), ->string(), and ->enum()
$request->dump() and ->dd()
Array Input
JSON Input (and $request->json())
Route Data
From Request
From Route Parameters
Uploaded Files
Validation
validate() on the Request Object
More on Laravel’s Validation Rules
Manual Validation
Using Validated Data
Custom Rule Objects
Displaying Validation Error Messages
Form Requests
Creating a Form Request
Using a Form Request
Eloquent Model Mass Assignment
{{ Versus {!!
Testing
TL;DR
8. Artisan and Tinker
An Introduction to Artisan
Basic Artisan Commands
Options
The Grouped Commands
Writing Custom Artisan Commands
A Sample Command
Arguments and Options
Arguments—required, optional, and/or with defaults
Options—required values, value defaults, and shortcuts
Array arguments and array options
Input descriptions
Using Input
argument() and arguments()
option() and options()
Prompts
Output
Table output
Progress bars
Writing Closure-Based Commands
Calling Artisan Commands in Normal Code
Tinker
Laravel Dump Server
Customizing Generator Stubs
Testing
TL;DR
9. User Authentication and Authorization
The User Model and Migration
Using the auth() Global Helper and the Auth Facade
routes/auth.php, Auth Controllers, and Auth Actions
Breeze and Jetstream’s Frontend Templates
“Remember Me”
Password Confirmation
Manually Authenticating Users
Manually Logging Out a User
Invalidating Sessions on Other Devices
Auth Middleware
Email Verification
Blade Authentication Directives
Guards
Changing the Default Guard
Using Other Guards Without Changing the Default
Adding a New Guard
Closure Request Guards
Creating a Custom User Provider
Custom User Providers for Nonrelational Databases
Auth Events
Authorization and Roles
Defining Authorization Rules
The Gate Facade (and Injecting Gate)
Resource Gates
The Authorize Middleware
Controller Authorization
Checking the User Instance
Blade Checks
Intercepting Checks
Policies
Generating policies
Checking policies
Overriding policies
Testing
TL;DR
10. Requests, Responses, and Middleware
Laravel’s Request Lifecycle
Bootstrapping the Application
Service Providers
The Request Object
Getting a Request Object in Laravel
Getting Basic Information About a Request
Basic user input
User and request state
Files
Persistence
The Response Object
Using and Creating Response Objects in Controllers
Setting headers
Adding cookies
Specialized Response Types
View responses
Download responses
File responses
JSON responses
Redirect responses
Custom response macros
The responsable interface
Laravel and Middleware
An Introduction to Middleware
Creating Custom Middleware
Understanding middleware’s handle() method
Binding Middleware
Binding global middleware
Binding route middleware
Using middleware groups
Passing Parameters to Middleware
Default Middleware
Maintenance Mode
Rate Limiting
Trusted Proxies
CORS
Testing
TL;DR
11. The Container
A Quick Introduction to Dependency Injection
Dependency Injection and Laravel
The app() Global Helper
How the Container Is Wired
Binding Classes to the Container
Binding to a Closure
Binding to Singletons, Aliases, and Instances
Binding a Concrete Instance to an Interface
Contextual Binding
Constructor Injection in Laravel Framework Files
Method Injection
Facades and the Container
How Facades Work
Real-Time Facades
Service Providers
Testing
TL;DR
12. Testing
Testing Basics
Naming Tests
The Testing Environment
The Testing Traits
RefreshDatabase
DatabaseMigrations
DatabaseTransactions
WithoutMiddleware
Simple Unit Tests
Application Testing: How It Works
HTTP Tests
Testing Basic Pages with $this->get() and Other HTTP Calls
Testing JSON APIs with $this->getJson() and Other JSON HTTP Calls
Assertions Against $response
Authenticating Responses
A Few Other Customizations to Your HTTP Tests
Handling Exceptions in Application Tests
Debugging Responses
Database Tests
Asserting Against the Database
Asserting Against Eloquent Models
Using Model Factories in Tests
Seeding in Tests
Testing Other Laravel Systems
Event Fakes
Bus and Queue Fakes
Mail Fakes
Notification Fakes
Storage Fakes
Working with Time in Tests
Mocking
A Quick Introduction to Mocking
A Quick Introduction to Mockery
Faking Other Facades
Testing Artisan Commands
Parallel Testing
Browser Tests
Choosing a Tool
Testing with Dusk
Installing Dusk
Writing Dusk tests
Authentication and databases
Interactions with the page
Waiting
Other Assertions
Other organizational structures
Pages
Components
Pest
TL;DR
13. Writing APIs
The Basics of REST-Like JSON APIs
Controller Organization and JSON Returns
Reading and Sending Headers
Sending Response Headers in Laravel
Reading Request Headers in Laravel
Eloquent Pagination
Sorting and Filtering
Sorting Your API Results
Filtering Your API Results
Transforming Results
API Resources
Creating a Resource Class
Resource Collections
Nesting Relationships
Using Pagination with API Resources
Conditionally Applying Attributes
More Customizations for API Resources
API Authentication
API Authentication with Sanctum
Installing Sanctum
Issuing Sanctum tokens manually
Sanctum token abilities
SPA authentication
Laravel app preparation
SPA app preparation
Mobile app authentication
Further configuration and debugging
API Authentication with Laravel Passport
A brief introduction to OAuth 2.0
Installing Passport
Passport’s API
Passport’s available grant types
Password grant
Authorization code grant
Personal access tokens
Tokens from Laravel session authentication (synchronizer tokens)
Passport scopes
Deploying Passport
Customizing 404 Responses
Triggering the Fallback Route
Testing
Testing Passport
TL;DR
14. Storage and Retrieval
Local and Cloud File Managers
Configuring File Access
Using the Storage Facade
Adding Additional Flysystem Providers
Basic File Uploads and Manipulation
Simple File Downloads
Sessions
Accessing the Session
Methods Available on Session Instances
Flash Session Storage
Cache
Accessing the Cache
Methods Available on Cache Instances
Cookies
Cookies in Laravel
Accessing the Cookie Tools
The cookie facade
The cookie() global helper
Cookies on Request and Response objects
Reading cookies from Request objects
Setting cookies on Response objects
Logging
When and Why to Use Logs
Writing to the Logs
Log Channels
The single channel
The daily channel
The Slack channel
The stack channel
Writing to specific log channels
Full-Text Search with Laravel Scout
Installing Scout
Marking Your Model for Indexing
Searching Your Index
Queues and Scout
Performing Operations Without Indexing
Conditionally Indexing Models
Manually Triggering Indexing via Code
Manually Triggering Indexing via the CLI
The HTTP Client
Using the HTTP Facade
Handling Errors and Timeouts and Checking Statuses
Testing
File Storage
Uploading fake files
Returning fake files
Session
Cache
Cookies
Log
Scout
HTTP Client
TL;DR
15. Mail and Notifications
Mail
Basic “Mailable” Mail Usage
Mail Templates
Methods Available in envelope()
Attaching Files and Inlining Images
Attachable mail objects
Inlining images
Markdown Mailables
Rendering Mailables to the Browser
Queues
Local Development
The log driver
Fake inboxes
Mailtrap
Mailpit
Notifications
Defining the via() Method for Your Notifiables
Sending Notifications
Sending notifications using the notification facade
Sending notifications using the notifiable trait
Queueing Notifications
Out-of-the-Box Notification Types
Email notifications
Database notifications
Broadcast notifications
SMS notifications
Slack notifications
Other notifications
Testing
Mail
Asserting against the mail
Asserting whether the mail was sent
Notifications
TL;DR
16. Queues, Jobs, Events, Broadcasting, and the Scheduler
Queues
Why Queues?
Basic Queue Configuration
Queued Jobs
Creating a job
Pushing a job onto a queue
Customizing the connection
Customizing the queue
Customizing the delay
Job chaining
Job batching
Dispatching batchable jobs
Adding jobs to batches from a job
Cancelling a batch
Batch failures
Cleaning up the batches table
Running a Queue Worker
Handling Errors
Exceptions in handling
Limiting the number of tries
Job-based retry delay
Job middleware
Rate limiting middleware for jobs
Handling failed jobs
Controlling the Queue
Queues Supporting Other Functions
Laravel Horizon
Events
Firing an Event
Listening for an Event
Automatic event discovery
Event subscribers
Broadcasting Events Over WebSockets, and Laravel Echo
Configuration and Setup
Broadcasting an Event
Receiving the Message
Advanced Broadcasting Tools
Excluding the current user from broadcast events
The broadcast service provider
Binding authorization definitions for WebSocket channels
Laravel Echo (the JavaScript Side)
Bringing Echo into your project
Using Echo for basic event broadcasting
Private channels and basic authentication
Presence channels
Excluding the current user
Subscribing to notifications with Echo
Client events
Scheduler
Available Task Types
Available Time Frames
Defining Time Zones for Scheduled Commands
Blocking and Overlap
Handling Task Output
Task Hooks
Running the Scheduler in Local Development
Testing
TL;DR
17. Helpers and Collections
Helpers
Arrays
Strings
Application Paths
URLs
Miscellaneous
Collections
The Basics
A Few Collection Operations
TL;DR
18. The Laravel Ecosystem
Tools Covered in This Book
Valet
Homestead
Herd
The Laravel Installer
Dusk
Passport
Sail
Sanctum
Fortify
Breeze
Jetstream
Horizon
Echo
Tools Not Covered in This Book
Forge
Vapor
Envoyer
Cashier
Socialite
Nova
Spark
Envoy
Telescope
Octane
Pennant
Folio
Volt
Pint
Other Resources
Glossary
Index