Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Laravel News:
Testing Laravel Middleware with HTTP Tests
Sep 28, 2017 @ 12:10:05

On the Laravel News site today there's a tutorial posted showing you how to test your middleware with HTTP tests and how they can help in more practical testing of your application.

In this post, I’d like to demonstrate a practical example of testing a middleware using HTTP tests. Testing at the HTTP level can make your tests more resilient to change and more readable.

On a recent episode of Full Stack Radio (#72) with Adam Wathan and Taylor Otwell, it was refreshing to hear them find a lot of practical value in HTTP testing. I have found HTTP tests to be easier to write and maintain, but did feel like I was Doing Testing Wrong™ somehow or that I was cheating by not mocking and isolating everything. If you haven’t listened to this episode yet, give it a listen, it’s full of good, practical testing advice.

He starts by laying out the example middleware he wanted to test, one for validating and securing webhooks coming back from the Mailgun service to handle incoming email. The code for the middleware is included, defining the handle, buildSignature and verify methods. He then uses the artisan command to make a test and provides the code to test and ensure that the middleware forbids requests that aren't POST.

tagged: laravel http testing middleware mailgun webhook post tutorial

Link: https://laravel-news.com/testing-laravel-middleware

Zend Framework Blog:
Logging PHP applications
Sep 13, 2017 @ 10:56:38

On the Zend Framework blog there's a new post in their series highlighting components of the main framework. In this new tutorial they look a the Zend-log component and how it can be used for logging in your application.

Every PHP application generates errors, warnings, and notices and throws exceptions. If we do not log this information, we lose a way to identify and solve problems at runtime. Moreover, we may need to log specific actions such as a user login and logout attempts. All such information should be filtered and stored in an efficient way.

[...] Zend Framework offers a logging component, zend-log; the library can be used as a general purpose logging system. It supports multiple log backends, formatting messages sent to the log, and filtering messages from being logged.

The tutorial then walks you through the installation of the component and some basic usage of it to write directory to the 'php://output' stream. It then shows you how to set up custom formatting on the message and a few other examples of it in use:

  • logging PHP events (errors/exceptions)
  • using the built-in data (level) filtering functionality
  • custom processors
  • working with multiple backends for storage

The post ends with a look at using the Zend-log package in either a traditional MVC application or one based more on middleware (like an Expressive application).

tagged: zendframework component zendlog logging tutorial mvc middleware

Link: https://framework.zend.com/blog/2017-09-12-zend-log.html

TutsPlus.com:
Understand the Basics of Laravel Middleware
Jul 26, 2017 @ 12:53:38

On the TutsPlus.com site there's a tutorial recently posted sharing the basics of middleware in Laravel applications - reusable pieces of code that operate on the request and response during the execution of your code.

In this article, we'll dive deep into the Laravel framework to understand the concept of middleware. The first half of the article begins with an introduction to middleware and what it's actually used for.

As we move on, we'll cover how to create custom middleware in a Laravel application. After creation of your custom middleware, we'll explore the options available to register it with Laravel so that it could be actually invoked during the request processing flow.

The tutorial starts by explaining what middleware is and how it functions in the flow of the Laravel application (as well as possible uses). It then starts in on the creation of custom middleware designed to redirect mobile users to the "mobile site" for the service. With the test for that in place the post then shows how to apply the middleware to the application on a route.

tagged: laravel middleware introduction custom mobile example

Link: https://code.tutsplus.com/tutorials/understand-the-basics-of-laravel-middleware--cms-29147

Master Zend Framework:
Create Modules and Middleware with Command-Line Tooling Support
Jun 12, 2017 @ 10:44:05

The Master Zend Framework site has posted a new tutorial covering an aspect of the Zend Expressive project that doesn't seem to get enough coverage: the tooling included with the skeleton application.

For the longest time, Zend Framework hasn't had the strongest command-line tooling and scaffolding support. In stark contrast, other frameworks — especially Laravel, and its excellent Artisan command — have had far stronger tooling support and as a result have been far easier to build projects with. However, that's all changed!

Since the release of Zend Expressive Skeleton 2.0.2, Zend Expressive's command-line tooling support has been rapidly developing. It's provided through a package called, aptly, Zend Expressive Tooling.

The post briefly describes what features the tooling brings and then gets right into the installation process (via Composer). The tutorial then walks you through the commands it provides to create middleware, modules and handle migration to latest versions of the framework. The module and middleware topics are then covered more in-depth, showing code and commands required.

tagged: zendexpressive tooling middleware module commandline tutorial

Link: http://www.masterzendframework.com/tooling/create-modules-and-middleware/

Zend Framework Blog:
Authorize users using Middleware
May 04, 2017 @ 09:40:56

Previously the Zend Framework blog posted a tutorial showed you how to authenticate a user with middleware in a Zend Expressive application. In this latest post in the series they move on to the next step: authorization.

In a previous post, we demonstrated how to authenticate a middleware application in PHP. In this post we will continue the discussion, showing how to manage authorizations.

We will start from an authenticated user and demonstrate how to allow or disable actions for specific users. We will collect users by groups and we will use a Role-Based Access Control (RBAC) system to manage the authorizations.

To implement RBAC, we will consume zendframework/zend-permissions-rbac.

They start by pulling in the Zend Expressive tooling support and creating the Permission module. The tutorial then gets into the basics of using a role-based access control system and the roles they're going to define: admin, editor and contributor (as well as what each can do). The roles are then defined in a configuration file and briefly explained. Next is the creation of the middleware to authorize the user and its action in the application, performing a check against the roles of the user on the requirements of the action. There's also an example of setting up role inheritance and how to configure the resulting route to fire off the authorization handling.

tagged: zendexpressive middleware authorization zendrbac rbac rolebased accesscontrol tutorial

Link: https://framework.zend.com/blog/2017-05-04-authorization-middleware.html

Medium.com:
Using Guzzle 6 Middleware in a Laravel Application
May 03, 2017 @ 11:10:36

In this recent post on Medium.com author Paul Redmond shows how to use Guzzle 6 middleware in a Laravel application instead of the framework's own functionality.

The most significant change between Guzzle 5 and 6 is moving away from the event system I grew so accustomed to in Version 5 to middleware in version 6. Needless to say, it was a big adjustment for me at first and it felt like a downgrade. After my initial grumbling, the upgrade guide explains the reasoning for the change.

[...] I prefer to keep my dependencies as up-to-date as possible so I decided to learn Guzzle 6 and become more familiar with the middleware. The concepts are pretty straightforward and I have a few patterns that I like to use when building out middleware within my Laravel applications.

He then shares some code he's used to generate an authorization header and how to add it into the Laravel application as a service using the "tagged" middleware functionality. Finally he shows it in use making a simple request to the endpoint and showing the response results, including the authorization header.

tagged: guzzle middleware laravel application tutorial tagged integration

Link: https://medium.com/@paulredmond/using-guzzle-6-middleware-in-a-laravel-application-7fbd6d966235

Zend Framework Blog:
Caching middleware with Expressive
Apr 19, 2017 @ 12:12:32

On the Zend Framework blog Enrico Zimuel has posted a tutorial showing you how to use middleware caching in Zend Expressive to help increase the overall performance of your application.

Performance is one of the key feature for web application. Using a middleware architecture makes it very simple to implement a caching system in PHP.

The general idea is to store the response output of a URL in a file (or in memory, using memcached) and use it for subsequent requests. In this way we can bypass the execution of the previous middlewares starting from the second request.

Of course, this technique can only be applied for static contents, that does not require update for each HTTP request.

He shows how to implement the "cachable" middleware, starting with a version that caches the return content based on the URL requested. He then shows how to configure the caching system to specify settings like path, lifetime and the enabled/disabled state. This is stored as a PHP configuration where the autoloader can get to it and the class as a dependency on the middleware itself.

tagged: cache middleware output zendexpressive tutorial response content

Link: https://framework.zend.com/blog/2017-04-19-caching-middleware.html

Matthew Weier O'Phinney:
Using Anonymous Classes to Write Middleware
Apr 03, 2017 @ 11:22:48

Matthew Weier O'Phinney, lead developer on the Zend Framework project, has written up a new post for his site showing how to use anonymous classes to write middleware for your applications (several frameworks support the concept of middleware these days).

I faced an interesting question recently with regards to middleware: What happens when we go from a convention-based to a contract-based approach when programming?

Convention-based approaches usually allow for duck-typing; with middleware, it means you can write PHP callables - usually closures - and just expect them to work.

Contract-based approaches use interfaces. I think you can see where this is going.

He starts off looking at some of the currently popular methods for creating middleware basic them off of either the PSR-7 standard or the proposed PSR-15 HTTP middleware, each with code examples to illustrate. The post then gets to the point with a look at anonymous class-based middleware and some of the advantages they provide. He refactors both a PSR-7 middleware and a closure-based middleware over to PSR-15 using this method.

tagged: middleware anonymous class psr7 psr15 closure tutorial

Link: https://mwop.net/blog/2017-03-30-anonymous-class-middleware.html

Zend Framework Blog:
Error Handling in Expressive
Mar 24, 2017 @ 09:30:31

The Zend Framework blog has a new tutorial posted by Matthew Weier O'Phinney covering error handling techniques in Expressive with a few examples making use of some custom middleware and logic.

One of the big improvements in Expressive 2 is how error handling is approached. While the error handling documentation covers the feature in detail, more examples are never a bad thing!

In their example they're creating an API resource that returns a list of book details (ones the user has read). The goal is to use the existing error handling for everything except the custom exceptions they want to throw but keep with the JSON handling throughout. First the middleware to handling the API request is shown, complete with sorting and pagination. Then come the custom exception examples for invalid requests and server issues. These exceptions are then put into the Problem Details format with the help of another middleware. This then all tied together with the nested middleware handling Expressive provides and an example of the end result is included.

tagged: error handling expressive custom problemdetails tutorial json middleware

Link: https://framework.zend.com/blog/2017-03-23-expressive-error-handling.html

Zend Framework Blog:
Nested Middleware in Expressive
Mar 16, 2017 @ 11:52:21

On the Zend Framework blog Matthew Weier O'Phinney has posted another tutorial, this time showing you how to use nested middleware in Expressive allowing for the composition of your own workflow in the request/response flow.

A major reason to adopt a middleware architecture is the ability to create custom workflows for your application. Most traditional MVC architectures have a very specific workflow the request follows. While this is often customizable via event listeners, the events and general request lifecycle is the same for each and every resource the application serves.

With middleware, however, you can define your own workflow by composing middleware.

He starts by describing one of the main concepts in the workflow of the application: pipelines. He gives an example of the default pipeline included with the Expressive skeleton application and how the middleware it uses nests to create a custom logic and handling flow. He follows this with an example scenario showing how to add authentication into the pipeline, specifically the use of Digest authentication via a PSR7 middleware package. Code is included for the integration of this package and the end result - all pages requiring authentication. He shows how to modify this and limit it to only certain paths and how to nest them in the route definitions.

Finally he shows another approach - creating a custom middleware pipeline inside of the factory for the requested middleware. He also covers nested applications, using traits for common workflows and the use of "delegator factories".

tagged: expressive tutorial nested middleware pipeline custom authentication example

Link: https://framework.zend.com/blog/2017-03-15-nested-middleware-in-expressive.html