Using built-in libraries and tools e.g., form validation, authentication
Laravel, the popular PHP framework, provides developers with a collection of built-in libraries and tools that help implement common webpage tasks like online HTML form validation and authentication. Let’s explore how to apply these tools to a Laravel application using the Laravel PHP framework.
Form Validation in the Laravel PHP Framework.
The form validation feature of the Laravel PHP framework is simple yet powerful. It allows you to validate form data before it is stored in the webpage database. Users can validate incoming request data directly in controllers or by using form request validation.
Basic Validation Controllers in the Laravel PHP Framework.
The Laravel PHP framework allows you to validate incoming form data within the UserController method using the validate() form method.
Example of controller basic validation in the Laravel PHP framework.
// app/Http/Controllers/UserController.php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class UserController extends Controller
{
public function store(Request $request)
{
// Here we validate the incoming form data request
$validated = $request->validate([
’emp_name’ => ‘required|string|max:255’,
’email’ => ‘required|email|unique:users,email’,
‘password’ => ‘required|string|min:12|confirmed’,
]);
// If validation passes properly, the form code continues to this point.
Proceed with storing the user form data in the database.
Example: User::create([…]);
return redirect()->back()->with(‘message’, ‘User database record created successfully’);
}
}
In this program, the validate() method inputs an array of validation rules. The Laravel framework provides multiple rules, such as required user, email, maximum password character, unique, etc.
If form validation fails here, the Laravel framework automatically returns the user to the previous page or a user-defined location, where the form validation error message is stored in the session.
Customizing error messages in the Laravel framework.
In the Laravel framework, you can manually customize the error message by providing a second argument to the validate() form method.
$request->validate([
’email’ => ‘required|email’,
‘password’ => ‘required|min:12’,
], [
’email.required’ => ‘You can enter your email address.’,
‘password.min’ => ‘Enter password must be at least 12 characters long.’,
]);
HTML Form Request Validation.
For very complex form validation on a webpage, users can create a FormRequest class, which is a custom, user-defined request that combines form validation arguments or logic within a webpage.
Creating a form request in Laravel.
php artisan make:request StoreUserRequest
This code generates a Form Request class in the app/Http/Requests/StoreUserRequest.php file. In this class, you can manually define validation rules as needed.
// app/Http/Requests/StoreUserRequest.php
namespace App\Http\Requests;
use Illuminate\Foundation\Http\FormRequest;
class StoreUserRequest extends FormRequest
{
public function authorize()
{
return true; // Here it is or implement authorization logic in the form
}
public function rules()
{
return [
’emp_name’ => ‘required|string|max:255’,
’email’ => ‘required|email|unique:users,email’,
‘password’ => ‘required|string|min:12|confirmed’,
];
}
}
Here you can use this Request class in your form controller method.
// app/Http/Controllers/UserController.php
namespace App\Http\Controllers;
use App\Http\Requests\StoreUserRequest;
class UserController extends Controller
{
public function store(StoreUserRequest $request)
{
/ Here the validation process is already done, now it proceeds to handle the form data
/ Example: User::create([…]);
return redirect()->back()->with(‘message’, ‘User form created successfully’);
}
}
Here the user form validation logic is separated from the form request validation in a clear order, which helps keep the form validation source code readable and easy to maintain.
Laravel Forms Authentication Features.
The Laravel PHP framework provides its users with a strong authentication system, including user login, registration, password reset, and many other features. A typical user can easily set up an authentication system in their app manually using Laravel Breeze, Laravel Jetstream, or Laravel UI components. So, let’s explore the authentication method using Laravel Breeze, one of the most easily and useful authentication packages.
Setting up authentication with Laravel Breeze.
Install Breeze in the Laravel framework.
To manually install Laravel Breeze using Composer, run the following command.
composer require laravel/breeze –dev
Install the Laravel Breeze scaffolding.
After installing it, run the following command to publish Laravel Breeze’s authentication scaffolding (views, routes, controllers, etc.).
php artisan breeze:install
Install frontend dependencies to the system.
Laravel Breeze also includes frontend scaffolding features, which require npm dependencies. Install these and compile the assets.
npm install
npm run dev
Migrate the database to the system.
Laravel Breeze requires manual table addition for users, so run a migration to create the necessary tables like user, password_reset, etc.
php artisan migrate
Laravel Breeze authentication routes.
Laravel Breeze automatically generates the routes required for authentication, including user login, registration, password reset, and email validation. You can define and view these routes in the routes/web.php file.
Route::middleware(‘guest’)->group(function () {
Route::get(‘/login’, [AuthenticatedSessionController::class, ‘create’])
->emp_name(‘login’);
Route::post(‘/login’, [AuthenticatedSessionController::class, ‘store’]);
Route::get(‘/register’, [RegisteredUserController::class, ‘create’])
->emp_name(‘register’);
Route::post(‘/register’, [RegisteredUserController::class, ‘store’]);
});
Route::middleware(‘auth’)->group(function () {
Route::get(‘/dashboard’, function () {
return view(‘dashboard’);
})->emp_name(‘dashboard’);
Route::post(‘/logout’, [AuthenticatedSessionController::class, ‘destroy’])
->emp_name(‘logout’);
});
Here, /login and /register are automatically managed and controlled in order by the AuthenticatedSessionController and RegisteredUserController.
Using Authentication in Controllers.
You can use the built-in forms authentication capability. For example, you can use the auth() helper to check if a user is logged in or to authenticate users.
use Illuminate\Support\Facades\Auth;
// Check if the user is authenticated
if (Auth::check()) {
// System User is logged in
}
// Get the only authenticated user here
$user = Auth::user();
Reset the password.
The Laravel framework also has a built-in capability to reset login user passwords. If a user in the framework forgets their password, they can request a password reset link from within the framework, which is sent to the email ID of the registered authenticated user.
Routes and Controllers – The Laravel framework provides the necessary routes and controllers to manage user login password resets, such as the password.reset and password.email controllers.
These routes are automatically set by default when users install Laravel Breeze or Jetstream.
Sending a reset link – In a general overview, you can add a form to your views to send a reset password link to the user.
// resources/views/auth/forgot-password.blade.php
<form method=”POST” action=”{{ route(‘password.email’) }}”>
@csrf
<label for=”email”>Email</label>
<input type=”email” name=”email” required autofocus>
<button type=”submit”> Password Link For Reset </button>
</form>
Reset Process – When the user clicks the password reset link you send, the link redirects them to a page where they can enter a new user password. The necessary controllers and routes are already set up by the Laravel framework’s authentication scaffolding.
Laravel Authorization Access Control Features.
Once you’ve set up authentication for users in the Laravel framework, you may also want to control the user authorization process. This means you can decide which users should be granted access to particular parts of the application based on which system roles or permissions they hold.
Using Gates and Policies in Laravel.
The Laravel framework provides several gates and policies for managing the authorization process.
Laravel Framework Gate.
Gates in the Laravel framework are used for simple authorization process logic that can be verified with a single call.
Define a Laravel framework gate in app/Providers/AuthServiceProvider.php.
use Illuminate\Support\Facades\Gate;
public function boot()
{
$this->registerPolicies();
Gate::define(‘view-dashboard’, function ($user) {
return $user->is_admin; // Here, only allow this if the user is an admin user with privileges
});
}
Then, in a controller or view, you can check the gate like this:
if (Gate::allows(‘view-dashboard’)) {
// Now, authenticate so the admin user can view the dashboard
} else {
// Unauthorized access denied
}
Laravel Framework Policies.
Policies are classes in the Laravel framework where you can define authorization logic for specific models or tasks and actions.
Create a Laravel Framework policy.
php artisan make:policy PostPolicy
Define authorization logic in a policy class in the Laravel framework.
public function update(User $user, Post $post)
{
return $user->id === $post->user_id;
}
Here we register the policy in AuthServiceProvider.
protected $policies = [
Post::class => PostPolicy::class,
];
Here we use the policy in controllers.
if ($user->can(‘update’, $post)) {
// User can update the post
} else {
// Access denied
}
Here’s a brief summary of the Laravel PHP framework.
The Laravel PHP framework provides powerful built-in libraries and tools to simplify common system task activities such as webpage HTML form validation, authentication, authorization, and password reset.
Conclusion of Using Built-in Laravel Framework Libraries and Tools.
- Form validation – Here, the validate() form method or form request validation is used to validate incoming system data requests in the Laravel PHP framework.
- User authentication – This makes it easy to implement Laravel Breeze or Jetstream user authentication for login, registration, password reset, etc. in the Laravel PHP framework.
- User authorization – Use Laravel gates and policies to manage user access control in the Laravel PHP framework and ensure that only authorized users can perform certain actions or activities.
