Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Matt Stauffer:
Login Throttling in Laravel 5.1
Aug 03, 2015 @ 08:35:57

Matt Stauffer has posted the eleventh part in his series looking at new features of the latest release of the Laravel framework (well, version 5.1). In this tutorial he shows you how to setup and configure the login throttling for your Laravel-based application with the help of the Laravel Throttle package.

Whether or not you know it, any login forms are likely to get a lot of automated login attempts. Most login forms don't stop an automated attack trying email after email, password after password, and since those aren't being logged, you might not even know it's happening.

The best solution to something like this is to halt a user from attempting logins after a certain number of failed attempts. This is called login throttling, or rate limiting. Graham Campbell wrote a great package called Laravel Throttle to address this in previous versions of Laravel, but in Laravel 5.1 Login throttling comes right out of the box.

He shows how to use the ThrottleTrait in your AuthController to have some of the "behind the scenes" work done for you. He shows you how to update your view to relay the possible error message back to the user (and includes a quick screencast of the result). He ends the post with a quick look at what the throttling functionality is doing under the covers: creating a temporary cache item based on username+IP address as a "lock" indicator. Finally, he points out two properties you can find on the auth controller to give a bit more detail on the current configuration: lockout time and max login attempts.

tagged: laravel login throttle tutorial authcontroller laravelthrottle package cache username ipaddress

Link: https://mattstauffer.co/blog/login-throttling-in-laravel-5.1

Laravel Podcast:
Episode 31: Public Speaking Preppers
Jul 29, 2015 @ 10:17:41

The Laravel Podcast, hosted by Matt Stauffer with guests Jeffrey Way and Taylor Otwell, has posted their latest episode - Episode #31: Public Speaking Preppers.

In this episode, the crew discusses preparing for conference talks, vacationing, and dreamy destinations!

You can listen to this latest post either through the in-page audio player or by downloading the mp3 directly. Be sure to subscribe to their feed or follow them on twitter for more information about the latest episodes as they're released.

tagged: public speaking preparation laravel podcast ep31

Link: http://www.laravelpodcast.com/episodes/14331-episode-31-public-speaking-preppers

SitePoint PHP Blog:
Validating your data with Respect Validation
Jul 20, 2015 @ 10:49:26

The SitePoint PHP blog has posted a tutorial showing you how to validate your data with Respect (well, their validation library) and ensure the data you're getting is exactly what you're expecting.

Validation is an important aspect of every application’s interaction with data. Instead of reinventing the wheel every time, the community collaborated on some useful packages like Symfony, Laravel, Zend, etc. In this article, we’re going to introduce a lesser known package called Respect Validation, which provides some nice new features.

He starts by mentioning some of the other popular validation packages used widely in the PHP community including the Symfony Validator and Laravel's Illuminate package. For each of these he shows code validating an email address, each with their own slight differences. Using this same example he shows how to implement it in the Respect library, first making use of their custom "email" validator class then via custom chained rules. He also shows how to set custom error messages and provides a more "real world" example with a simple Laravel application. His application takes in user data including username, password and credit card information and uses Respect's library to validate it via a full set of rules. He ends the post with a quick look at creating your own custom rule classes and how to "cross pollinate" them with Zend or Symfony validators.

tagged: respect validation library tutorial laravel example custom errormessage

Link: http://www.sitepoint.com/validating-your-data-with-respect-validation/

Freek Van der Herten:
Speed up a Laravel app by caching the entire response
Jul 20, 2015 @ 08:12:55

Freek Van der Herten has written up a tutorial for his site showing the Laravel users out there how to cache their entire response to speed up the overall performance of their application.

A typical request on an dynamic PHP site can do a lot of things. It’s highly likely that a bunch database queries are performed. On complex pages executing those queries and hydrating them can slow a site down. The response time can be improved by caching the entire response. The idea is that when a user visits a certain page the app stores the rendered page.

With a little help from his package it's easy to enable. Just install the package, add the service provider and you're ready to go. All successful responses will be cached unless told otherwise and cache files will be written out to files by default. He does point out that caching like this, while handy and a nice "quick fix" shouldn't be used in place of proper application tuning methods though. He also links to two other external technologies that could be used for the same purpose: Varnish and Nginx's own cache handling.

tagged: laravel application response cache output serviceprovider package

Link: https://murze.be/2015/07/speed-up-a-laravel-app-by-caching-the-entire-response/

Matt Stauffer:
Using Github authentication for login with Laravel Socialite
Jul 17, 2015 @ 10:17:25

In a tutorial posted to his site Matt Stauffer shows you how to integrate Laravel with GitHub's authentication to link a user's profile to your application, made possible through the Socialite package.

Laravel's Socialite package makes it simple to authenticate your users to Facebook, Twitter, Google, LinkedIn, GitHub and Bitbucket. You can authenticate them for the purpose of connecting their pre-existing user account to a third-party service, but you can also use it as your primary login mechanism, which we'll be talking about here. I'm working on a new little micro-SaaS that is purely dependent on GitHub in order to operate, so there's no reason to set up any user flow other than just GitHub.

He starts with just a bit of insight into the overall flow of an OAuth connection with an application (which this is) and the pieces involved. Next he helps you get Socalite installed and working with your Laravel application. With this in place he shows you how to create a simple GitHub application and configure your Laravel instance with the provided client ID/secret and redirect URL. He adds in some routes to handle the two page requests and the controller methods to process the input. He makes a simple "users" migration to hold user information and a model to match. Finally he shows the result, stepping through the authorization flow, complete with screenshots.

tagged: laravel github social authentication login socalite package tutorial

Link: https://mattstauffer.co/blog/using-github-authentication-for-login-with-laravel-socialite

Medium.com:
Laravel and Vue JS: Advanced Frontend Webapp Architecture
Jul 17, 2015 @ 08:46:10

On Medium.com Russ Weas has posted a tutorial showing you how to get Laravel and Vue.js working together to create a well-structured, two-way application.

Do you use Laravel PHP and Vue JS? Do you wish there was a better way to structure your applications you build? This tutorial is just for you! In it, we set up simple two-way communication between the different components of your front-end app.

While he does provide the end result as a GitHub repository, he still walks through the full integration process to fill in the gaps. He starts with a brief introduction to a Vue.js application structure (based off of this video) and what parts need to be in play to follow along. From there he gets into the two-way communication aspect, showing how to create the bridge between the application, its views and components. He talks about some of the "missing pieces" of the current structure including an update to pass in a dependency injection "container" on the Vue side similar to how Laravel's IOC container works.

The remainder of the post is split into three parts, each with an update to the view layer (on the client side) to work with the new IOC structure:

  • using this.app in each view
  • setting data for a particular view from other views or the main app
  • calling view functions

He concludes the post with the full code for the two files they've been working with, showing everything working together: the HTML template (Laravel view) and the "app.js" Javascript for the Vue.js code.

tagged: laravel tutorial architecture vuejs frontend framework

Link: https://medium.com/laravel-news/advanced-front-end-setup-with-vue-js-laravel-e9fbd7e89fe2

Laravel News:
Laracon (US) Schedule Announced
Jul 07, 2015 @ 09:51:25

On the Laravel News site they've posted an announcement about the release of the Laracon US schedule for their 2015 event (happening August 11th and 12th).

Laracon US will be held next month in Lousiville KY and time is running out to get a ticket. Currently, 350+ have been sold and will be the biggest Laracon yet. The full schedule has now been posting on the Laracon site and the topics sound outstanding.

The list of sessions for this year's event include:

  • Matt Stauffer on Leveraging Laravel
  • Adam Wathan on Chasing “Perfect”
  • Jeffrey Way Things Laravel Made Me Believe
  • Brian Webb on Open Source and Company Culture
  • Yitzchok Willroth with Talmudic Maxims to maximize your growth as a developer

This year's event will also feature "Artisan Jeopardy" hosted by Jeremy Mikola, one session each day. If you're interested in attending, you can pick up your tickets now.

tagged: laracon15 laraconus schedule announcement kentucky laravel

Link: https://laravel-news.com/2015/07/laracon-schedule-announced/

Scotch.io:
Token-Based Authentication for AngularJS and Laravel Apps (continued)
Jul 06, 2015 @ 11:57:54

Scotch.io has posted the second part of their series (here's part one) continuing their look at using tokens for authentication in an AngularJs+Laravel application. They pick up where they left off in the previous part and focus on adding more of the systems around the token.

In the tutorial on Scotch.io we created a new app called jot-bot to look at how to implement token-based authentication in AngularJS and Laravel by using jwt-auth and Satellizer together. On the Laravel side, jwt-auth let’s us generate JSON web tokens when the user inputs their credentials. [...] There were a few things for a complete authentication solution that we didn’t get to in the last tutorial, including: Setting the logged-in user’s data (such as name and email address) and their authentication status, a way to redirect the user to the login page if they become logged out and how to log the user out and the implications of token-based authentication on logout.

He starts by updating the AuthenticateController to handle getting the authenticated user based on the token information. He also adds the matching route and show the kind of data it should return. He then switches to the Angular side and creates the controller to hook into the backend and get the current user information. The tutorial then shows how to relay user information back to the view and what it might look like. He then goes through a similar process for adding the logout handling including redirecting the user when logged out. Finally, he shows how to initialize the user on the frontend when the application loads, pulling the data from localstorage and checking for a valid existing session.

tagged: scotchio token authentication angularjs laravel application series part2

Link: http://ryanchenkie.com/token-based-authentication-for-angularjs-and-laravel-apps/

Reddit.com:
Why experienced developers consider Laravel as a poorly designed framework?
Jul 03, 2015 @ 11:41:03

There's a huge thread that's been going on over in the /r/php subreddit on Reddit.com with opinions on why experienced developers consider Laravel as a poorly designed framework.

I have been developing in Laravel and I loved it. My work colleagues that have been developing for over 10 years (I have 2 years experience) say that Laravel is maybe fast to develop and easy to understand but its only because it is poorly designed. He is strongly Symfony orientated and as per his instructions for past couple of months I have been learning Symfony and I have just finished a deployment of my first website. I miss Laravel ways so much.

Currently there's over 200 responses to the question with a wide range of opinions, everything from support of Laravel and its ways to the other side supporting Symfony and its structure. As is par for the course, there's also a share of "troll" comments in the mix, so be sure as you're reading through them to weed those out. There's also some interesting and enlightening things about Laravel, its structure and what it has to offer that those that may not be familiar with it could learn.

tagged: reddit rphp experienced developer laravel poorly designed framework opinion

Link: https://www.reddit.com/r/PHP/comments/3bmclk/why_experienced_developers_consider_laravel_as_a/

DigitalOcean Community Blog:
How To Deploy a Basic PHP Application using Ansible, Part2
Jun 26, 2015 @ 09:53:33

Digital Ocean has continued their series about deploying "advanced PHP applications" on an Ubuntu instance via Ansible in part two of the series. If you missed the first part of the series, you can check it out here.

This tutorial is the second in a series about deploying PHP applications using Ansible on Ubuntu 14.04. The first tutorial covers the basic steps for deploying an application, and is a starting point for the steps outlined in this tutorial.

In this tutorial we will cover setting up SSH keys to support code deployment/publishing tools, configuring the system firewall, provisioning and configuring the database (including the password!), and setting up task schedulers (crons) and queue daemons. The goal at the end of this tutorial is for you to have a fully working PHP application server with the aforementioned advanced configuration.

You'll need to finish the first tutorial if you want to follow along here. They pick up where they left off to finish the whole process, starting with a switch to a more advanced example repository. They modify the Ansible configuration and run the playbook to update the host. From there they break things down into several more steps:

  • Setting up SSH Keys for Deployment
  • Configuring the Firewall
  • Installing the MySQL Packages
  • Setting up the MySQL Database
  • Configuring the PHP Application for the Database
  • Migrating the Database
  • Configuring cron Tasks
  • Configuring the Queue Daemon

While a good bit of these steps relate to something Laravel needs (what they use for the sample application), it's still a good overview of the wide range of things you can do with Ansible during deployment.

tagged: deploy ansible digitalocean setup tutorial configure laravel framework part2

Link: https://www.digitalocean.com/community/tutorials/how-to-deploy-an-advanced-php-application-using-ansible-on-ubuntu-14-04