Skip to content

outlandishideas/php-crud-api-secure_laravel-demo

BranchesTags

Repository files navigation

Laravel CRUD API with secure-by-default config demo

This is a demo of how you can use https://github.com/outlandishideas/php-crud-api-secure to bootstrap a CRUD API using Laravel.

Installation

Grab a copy of this repo and change into the directory:

git clone [email protected]:outlandishideas/php-crud-api-secure_laravel-demo.git
cd php-crud-api-secure_laravel-demo

This is a project started with the composer create-project laravel/laravel {directory} 4.2 --prefer-dist command. It's almost all boilerplate. TODO: delete unneeded boilerplate

The main files you're interested are:

  • composer.json which includes the outlandishideas/php-crud-api-secure library
  • routes/api.php which boostraps the php-crud-api with the SecureConfig from outlandishideas/php-crud-api-secure

Install the requirements

composer install

Seed the sqlite database

php artisan db:seed

This loads data from database/animals_source_data.sql into database/animals.sqlite via database/seeders/DataSeeder.php

Serve the app

php artisan serve

Check it's working

If all is well then you should get a JSON response from http://127.0.0.1:8000/api/records/users?join=pets along the lines of:

{
    "records": [
        {
            "id": 1,
            "display_name": "harry",
            "pets": [
                {
                    "id": 1,
                    "name": "timmy",
                    "favourite_food": "lettuce",
                    "species": "snail",
                    "owner": 1
                },
                {
                    "id": 2,
                    "name": "jimbo",
                    "favourite_food": "sugar",
                    "species": "ant",
                    "owner": 1
                }
            ]
        },
        {
            "id": 2,
            "display_name": "randomMan",
            "pets": [
                {
                    "id": 3,
                    "name": "fido",
                    "favourite_food": "snails",
                    "species": "dog",
                    "owner": 2
                }
            ]
        }
    ]
}

Permissions

The app defines a set of permissions that allow you to:

  • read all properties from teh pets table
  • read some properties from the users table
  • write data to the pets table

Check that you can read the users table

curl http://localhost:8000/api/records/users

Check that you can't write to the users table

curl --header "Content-Type: application/json" \
--request POST \
--data '{"id":"8","password":"123Password"}' \
http://localhost:8000/api/records/users

Check that you can read the pets table

curl http://localhost:8000/api/records/pets

Check that you can write to the pets table

curl --header "Content-Type: application/json" \
--request POST \
--data '{ 
"name": "gnasher", 
"favourite_food": "softies", 
"species": "cartoon_dog", 
"owner": 1 
}' \
http://localhost:8000/api/records/pets

Check that your new entry is in the pets table

curl http://localhost:8000/api/records/pets

About

A demo of how you can use `https://github.com/outlandishideas/php-crud-api-secure` to bootstrap a CRUD API using Laravel.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

7 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages