├── .editorconfig ├── .env.example ├── .gitattributes ├── .gitignore ├── .styleci.yml ├── README.md ├── app ├── Ability.php ├── Console │ ├── Commands │ │ ├── CreateSuperUser.php │ │ └── SyncAbilities.php │ └── Kernel.php ├── Exceptions │ └── Handler.php ├── Http │ ├── Controllers │ │ ├── Auth │ │ │ ├── ConfirmPasswordController.php │ │ │ ├── ForgotPasswordController.php │ │ │ ├── LoginController.php │ │ │ ├── RegisterController.php │ │ │ ├── ResetPasswordController.php │ │ │ └── VerificationController.php │ │ ├── Controller.php │ │ ├── HomeController.php │ │ ├── RoleController.php │ │ └── UserController.php │ ├── Kernel.php │ └── Middleware │ │ ├── Authenticate.php │ │ ├── CheckForMaintenanceMode.php │ │ ├── EncryptCookies.php │ │ ├── RedirectIfAuthenticated.php │ │ ├── TrimStrings.php │ │ ├── TrustHosts.php │ │ ├── TrustProxies.php │ │ └── VerifyCsrfToken.php ├── Providers │ ├── AppServiceProvider.php │ ├── AuthServiceProvider.php │ ├── BroadcastServiceProvider.php │ ├── EventServiceProvider.php │ └── RouteServiceProvider.php ├── Role.php └── User.php ├── artisan ├── bootstrap ├── app.php └── cache │ └── .gitignore ├── composer.json ├── composer.lock ├── config ├── app.php ├── auth.php ├── broadcasting.php ├── cache.php ├── cors.php ├── database.php ├── filesystems.php ├── hashing.php ├── logging.php ├── mail.php ├── queue.php ├── services.php ├── session.php └── view.php ├── database ├── .gitignore ├── factories │ └── UserFactory.php ├── migrations │ ├── 2014_10_12_000000_create_users_table.php │ ├── 2014_10_12_100000_create_password_resets_table.php │ ├── 2019_08_19_000000_create_failed_jobs_table.php │ ├── 2020_08_24_192345_create_roles_table.php │ ├── 2020_08_24_192453_create_role_user_table.php │ ├── 2020_08_24_194746_create_abilities_table.php │ └── 2020_08_24_194800_create_ability_role_table.php └── seeds │ └── DatabaseSeeder.php ├── package-lock.json ├── package.json ├── phpunit.xml ├── public ├── .htaccess ├── css │ └── app.css ├── favicon.ico ├── index.php ├── js │ └── app.js ├── mix-manifest.json └── robots.txt ├── resources ├── js │ ├── app.js │ └── bootstrap.js ├── lang │ └── en │ │ ├── auth.php │ │ ├── pagination.php │ │ ├── passwords.php │ │ └── validation.php ├── sass │ ├── _variables.scss │ └── app.scss └── views │ ├── auth │ ├── login.blade.php │ ├── passwords │ │ ├── confirm.blade.php │ │ ├── email.blade.php │ │ └── reset.blade.php │ ├── register.blade.php │ └── verify.blade.php │ ├── home.blade.php │ ├── layouts │ └── app.blade.php │ ├── roles │ ├── create.blade.php │ ├── edit.blade.php │ ├── index.blade.php │ └── show.blade.php │ ├── users │ ├── create.blade.php │ ├── edit.blade.php │ ├── index.blade.php │ └── show.blade.php │ └── welcome.blade.php ├── routes ├── api.php ├── channels.php ├── console.php └── web.php ├── server.php ├── storage ├── app │ ├── .gitignore │ └── public │ │ └── .gitignore ├── framework │ ├── .gitignore │ ├── cache │ │ ├── .gitignore │ │ └── data │ │ │ └── .gitignore │ ├── sessions │ │ └── .gitignore │ ├── testing │ │ └── .gitignore │ └── views │ │ └── .gitignore └── logs │ └── .gitignore ├── tests ├── CreatesApplication.php ├── Feature │ └── ExampleTest.php ├── TestCase.php └── Unit │ └── ExampleTest.php └── webpack.mix.js /.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | charset = utf-8 5 | end_of_line = lf 6 | insert_final_newline = true 7 | indent_style = space 8 | indent_size = 4 9 | trim_trailing_whitespace = true 10 | 11 | [*.md] 12 | trim_trailing_whitespace = false 13 | 14 | [*.{yml,yaml}] 15 | indent_size = 2 16 | -------------------------------------------------------------------------------- /.env.example: -------------------------------------------------------------------------------- 1 | APP_NAME=Laravel 2 | APP_ENV=local 3 | APP_KEY= 4 | APP_DEBUG=true 5 | APP_URL=http://localhost 6 | 7 | LOG_CHANNEL=stack 8 | 9 | DB_CONNECTION=mysql 10 | DB_HOST=127.0.0.1 11 | DB_PORT=3306 12 | DB_DATABASE=laravel 13 | DB_USERNAME=root 14 | DB_PASSWORD= 15 | 16 | BROADCAST_DRIVER=log 17 | CACHE_DRIVER=file 18 | QUEUE_CONNECTION=sync 19 | SESSION_DRIVER=file 20 | SESSION_LIFETIME=120 21 | 22 | REDIS_HOST=127.0.0.1 23 | REDIS_PASSWORD=null 24 | REDIS_PORT=6379 25 | 26 | MAIL_MAILER=smtp 27 | MAIL_HOST=smtp.mailtrap.io 28 | MAIL_PORT=2525 29 | MAIL_USERNAME=null 30 | MAIL_PASSWORD=null 31 | MAIL_ENCRYPTION=null 32 | MAIL_FROM_ADDRESS=null 33 | MAIL_FROM_NAME="${APP_NAME}" 34 | 35 | AWS_ACCESS_KEY_ID= 36 | AWS_SECRET_ACCESS_KEY= 37 | AWS_DEFAULT_REGION=us-east-1 38 | AWS_BUCKET= 39 | 40 | PUSHER_APP_ID= 41 | PUSHER_APP_KEY= 42 | PUSHER_APP_SECRET= 43 | PUSHER_APP_CLUSTER=mt1 44 | 45 | MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}" 46 | MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}" 47 | 48 | AUTH_SUPER_USER_EMAIL=super@example.com 49 | AUTH_SUPER_USER_PASSWORD=secret 50 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | * text=auto 2 | *.css linguist-vendored 3 | *.scss linguist-vendored 4 | *.js linguist-vendored 5 | CHANGELOG.md export-ignore 6 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /node_modules 2 | /public/hot 3 | /public/storage 4 | /storage/*.key 5 | /vendor 6 | .env 7 | .env.backup 8 | .phpunit.result.cache 9 | Homestead.json 10 | Homestead.yaml 11 | npm-debug.log 12 | yarn-error.log 13 | -------------------------------------------------------------------------------- /.styleci.yml: -------------------------------------------------------------------------------- 1 | php: 2 | preset: laravel 3 | disabled: 4 | - unused_use 5 | finder: 6 | not-name: 7 | - index.php 8 | - server.php 9 | js: 10 | finder: 11 | not-name: 12 | - webpack.mix.js 13 | css: true 14 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | [Authorization](https://laravel.com/docs/7.x/authorization) is one of laravel security features, it provides a simple way to authorize user actions, in this tutorial we'll use this feature to implement roles and abilities logic. 2 | 3 | Content: 4 | 5 | - [Installation](#installation) 6 | - [Models](#models) 7 | - [Controllers](#controllers) 8 | - [Views](#views) 9 | - [Commands](#commands) 10 | - [Authorization](#authorization) 11 | - [Conclusion](#conclusion) 12 | 13 | # Installation 14 | 15 | - Clone the repository 16 | - Install composer dependancies 17 | 18 | ``` 19 | composer install 20 | ``` 21 | 22 | - Create .env file 23 | 24 | ``` 25 | cp .env.example .env 26 | ``` 27 | 28 | - Generate application key 29 | 30 | ``` 31 | php artisan key:generate 32 | ``` 33 | 34 | - Set database connection environment variable 35 | - Run migrations and seeds 36 | 37 | ``` 38 | php artisan migrate --seed 39 | ``` 40 | 41 | - Following are super user default credentials 42 | 43 | email: `super@example.com`, password: `secret` 44 | 45 | - Following are demo user defaul credentials 46 | 47 | email: `user@example.com`, password: `secret` 48 | 49 | # Models 50 | 51 | `Role` model will group the abilities that will be granted to related users. 52 | 53 | ```php 54 | belongsToMany('App\User'); 77 | } 78 | 79 | /** 80 | * The abilities that belong to the role. 81 | */ 82 | public function abilities() 83 | { 84 | return $this->belongsToMany('App\Ability'); 85 | } 86 | } 87 | 88 | ``` 89 | 90 | `Ability` model represent the actions that needs to be authorized. 91 | 92 | ```php 93 | belongsToMany('App\Role'); 116 | } 117 | } 118 | 119 | ``` 120 | 121 | # Controllers 122 | 123 | To authorize controller actions we use [authorize](https://laravel.com/docs/7.x/authorization#via-controller-helpers) helper method which accept the name of the ability needed to perform the action. 124 | 125 | `UserController` and `RoleController` handles management of users and roles including relating users to roles and roles to abilities, the logic is simply made of crud actions and eloquent relationship manipulation. 126 | 127 | # Views 128 | 129 | To display only the portions of the page that users are authorized to utilize we'll use [@can and @canany](https://laravel.com/docs/7.x/authorization#via-blade-templates) blade directives. 130 | 131 | # Commands 132 | 133 | `SyncAbilities` contain an indexed array of strings where each element is an ability, when exceuted it will sync the abilties in the database. 134 | 135 | ```php 136 | abilities)->pluck('id'); 178 | DB::table('ability_role')->whereIn('ability_id', $removedAbilities)->delete(); 179 | Ability::whereIn('id', $removedAbilities)->delete(); 180 | $presentAbilities = Ability::whereIn('name', $this->abilities)->get(); 181 | $absentAbilities = $presentAbilities->isEmpty() ? $this->abilities : array_diff($this->abilities, $presentAbilities->pluck('name')->toArray()); 182 | if ($absentAbilities) { 183 | $absentAbilities = array_map(function ($ability) { 184 | return ['name' => $ability]; 185 | }, $absentAbilities); 186 | Ability::insert($absentAbilities); 187 | } 188 | } 189 | } 190 | ``` 191 | 192 | Whenever the abilities are modifed run the following command to sync the database. 193 | 194 | ``` 195 | php artisan abilities:sync 196 | ``` 197 | 198 | `CreateSuperUser` will create a `super` user using credentials provided in `config/auth.php` which can be set using `AUTH_SUPER_USER_EMAIL` and `AUTH_SUPER_USER_EMAIL` environment variable, `super` user surpass authorization logic hence he's granted all abilities. 199 | 200 | ```php 201 | delete(); 233 | User::create([ 234 | 'email' => config('auth.super_user.email'), 235 | 'name' => 'super', 236 | 'super' => true, 237 | 'password' => Hash::make(config('auth.super_user.password')), 238 | ]); 239 | } 240 | } 241 | ``` 242 | 243 | Whenever the super user need to be changed, update the correspoding environment variable and run the following command which will delete the current super user and create a new one. 244 | 245 | ``` 246 | php artisan superuser:create 247 | ``` 248 | 249 | # Authorization 250 | 251 | The authorization take place in `AuthServiceProvider`, where we use [Gate::before](https://laravel.com/docs/7.x/authorization#intercepting-gate-checks) method to intercept gate checks then we verify if the user is super or is granted the ability through any of his roles. 252 | 253 | ```php 254 | use Illuminate\Support\Facades\Gate; 255 | use Illuminate\Database\Eloquent\Builder; 256 | 257 | /** 258 | * Register any authentication / authorization services. 259 | * 260 | * @return void 261 | */ 262 | public function boot() 263 | { 264 | $this->registerPolicies(); 265 | 266 | // 267 | 268 | Gate::before(function ($user, $ability) { 269 | if ($user->super) { 270 | return true; 271 | } else { 272 | return $user 273 | ->roles() 274 | ->whereHas('abilities', function (Builder $query) use ($ability) { 275 | $query->where('name', $ability); 276 | }) 277 | ->exists(); 278 | } 279 | }); 280 | } 281 | ``` 282 | 283 | # Conclusion 284 | 285 | Laravel has a lot to offer, having a general idea about what's provided help in finding the best solution, in this tutorial we've used `Authorization` and `Seeders` as the base of the roles and abilities system. -------------------------------------------------------------------------------- /app/Ability.php: -------------------------------------------------------------------------------- 1 | belongsToMany('App\Role'); 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /app/Console/Commands/CreateSuperUser.php: -------------------------------------------------------------------------------- 1 | delete(); 33 | User::create([ 34 | 'email' => config('auth.super_user.email'), 35 | 'name' => 'super', 36 | 'super' => true, 37 | 'password' => Hash::make(config('auth.super_user.password')), 38 | ]); 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /app/Console/Commands/SyncAbilities.php: -------------------------------------------------------------------------------- 1 | abilities)->pluck('id'); 43 | DB::table('ability_role')->whereIn('ability_id', $removedAbilities)->delete(); 44 | Ability::whereIn('id', $removedAbilities)->delete(); 45 | $presentAbilities = Ability::whereIn('name', $this->abilities)->get(); 46 | $absentAbilities = $presentAbilities->isEmpty() ? $this->abilities : array_diff($this->abilities, $presentAbilities->pluck('name')->toArray()); 47 | if ($absentAbilities) { 48 | $absentAbilities = array_map(function ($ability) { 49 | return ['name' => $ability]; 50 | }, $absentAbilities); 51 | Ability::insert($absentAbilities); 52 | } 53 | } 54 | } 55 | -------------------------------------------------------------------------------- /app/Console/Kernel.php: -------------------------------------------------------------------------------- 1 | command('inspire')->hourly(); 28 | } 29 | 30 | /** 31 | * Register the commands for the application. 32 | * 33 | * @return void 34 | */ 35 | protected function commands() 36 | { 37 | $this->load(__DIR__.'/Commands'); 38 | 39 | require base_path('routes/console.php'); 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /app/Exceptions/Handler.php: -------------------------------------------------------------------------------- 1 | middleware('auth'); 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /app/Http/Controllers/Auth/ForgotPasswordController.php: -------------------------------------------------------------------------------- 1 | middleware('guest')->except('logout'); 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /app/Http/Controllers/Auth/RegisterController.php: -------------------------------------------------------------------------------- 1 | middleware('guest'); 42 | } 43 | 44 | /** 45 | * Get a validator for an incoming registration request. 46 | * 47 | * @param array $data 48 | * @return \Illuminate\Contracts\Validation\Validator 49 | */ 50 | protected function validator(array $data) 51 | { 52 | return Validator::make($data, [ 53 | 'name' => ['required', 'string', 'max:255'], 54 | 'email' => ['required', 'string', 'email', 'max:255', 'unique:users'], 55 | 'password' => ['required', 'string', 'min:8', 'confirmed'], 56 | ]); 57 | } 58 | 59 | /** 60 | * Create a new user instance after a valid registration. 61 | * 62 | * @param array $data 63 | * @return \App\User 64 | */ 65 | protected function create(array $data) 66 | { 67 | return User::create([ 68 | 'name' => $data['name'], 69 | 'email' => $data['email'], 70 | 'password' => Hash::make($data['password']), 71 | ]); 72 | } 73 | } 74 | -------------------------------------------------------------------------------- /app/Http/Controllers/Auth/ResetPasswordController.php: -------------------------------------------------------------------------------- 1 | middleware('auth'); 39 | $this->middleware('signed')->only('verify'); 40 | $this->middleware('throttle:6,1')->only('verify', 'resend'); 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /app/Http/Controllers/Controller.php: -------------------------------------------------------------------------------- 1 | middleware('auth'); 17 | } 18 | 19 | /** 20 | * Show the application dashboard. 21 | * 22 | * @return \Illuminate\Contracts\Support\Renderable 23 | */ 24 | public function index() 25 | { 26 | return view('home'); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /app/Http/Controllers/RoleController.php: -------------------------------------------------------------------------------- 1 | middleware('auth'); 20 | } 21 | 22 | /** 23 | * Display a listing of the resource. 24 | * 25 | * @return \Illuminate\Http\Response 26 | */ 27 | public function index() 28 | { 29 | $this->authorize('view-any-role'); 30 | 31 | return view('roles.index', ['roles' => Role::get()]); 32 | } 33 | 34 | /** 35 | * Show the form for creating a new resource. 36 | * 37 | * @return \Illuminate\Http\Response 38 | */ 39 | public function create() 40 | { 41 | $this->authorize('create-role'); 42 | 43 | return view('roles.create', ['abilities' => Ability::get()]); 44 | } 45 | 46 | /** 47 | * Store a newly created resource in storage. 48 | * 49 | * @param \Illuminate\Http\Request $request 50 | * @return \Illuminate\Http\Response 51 | */ 52 | public function store(Request $request) 53 | { 54 | $this->authorize('create-role'); 55 | 56 | $validatedData = $request->validate([ 57 | 'name' => ['required', 'string', 'max:255', 'unique:roles'], 58 | 'abilities' => ['required'], 59 | ]); 60 | 61 | $role = Role::create(['name' => $validatedData['name']]); 62 | $role->abilities()->attach($validatedData['abilities']); 63 | 64 | return redirect()->route('roles.index'); 65 | } 66 | 67 | /** 68 | * Display the specified resource. 69 | * 70 | * @param \App\Role $role 71 | * @return \Illuminate\Http\Response 72 | */ 73 | public function show(Role $role) 74 | { 75 | $this->authorize('view-role'); 76 | 77 | return view('roles.show', ['abilities' => Ability::get(), 'role' => $role]); 78 | } 79 | 80 | /** 81 | * Show the form for editing the specified resource. 82 | * 83 | * @param \App\Role $role 84 | * @return \Illuminate\Http\Response 85 | */ 86 | public function edit(Role $role) 87 | { 88 | $this->authorize('update-role'); 89 | 90 | return view('roles.edit', ['abilities' => Ability::get(), 'role' => $role]); 91 | } 92 | 93 | /** 94 | * Update the specified resource in storage. 95 | * 96 | * @param \Illuminate\Http\Request $request 97 | * @param \App\Role $role 98 | * @return \Illuminate\Http\Response 99 | */ 100 | public function update(Request $request, Role $role) 101 | { 102 | $this->authorize('update-role'); 103 | 104 | $validatedData = $request->validate([ 105 | 'name' => ['required', 'string', 'max:255', Rule::unique('roles')->ignore($role->id)], 106 | 'abilities' => ['required'], 107 | ]); 108 | 109 | $role->fill(['name' => $validatedData['name']])->save(); 110 | $role->abilities()->sync($validatedData['abilities']); 111 | 112 | return redirect()->route('roles.index'); 113 | } 114 | 115 | /** 116 | * Remove the specified resource from storage. 117 | * 118 | * @param \App\Role $role 119 | * @return \Illuminate\Http\Response 120 | */ 121 | public function destroy(Role $role) 122 | { 123 | $this->authorize('delete-role'); 124 | 125 | $role->abilities()->detach(); 126 | $role->users()->detach(); 127 | $role->delete(); 128 | 129 | return redirect()->route('roles.index'); 130 | } 131 | } 132 | -------------------------------------------------------------------------------- /app/Http/Controllers/UserController.php: -------------------------------------------------------------------------------- 1 | middleware('auth'); 21 | } 22 | 23 | /** 24 | * Display a listing of the resource. 25 | * 26 | * @return \Illuminate\Http\Response 27 | */ 28 | public function index() 29 | { 30 | $this->authorize('view-any-user'); 31 | 32 | return view('users.index', ['users' => User::whereNull('super')->get()]); 33 | } 34 | 35 | /** 36 | * Show the form for creating a new resource. 37 | * 38 | * @return \Illuminate\Http\Response 39 | */ 40 | public function create() 41 | { 42 | $this->authorize('create-user'); 43 | 44 | return view('users.create', ['roles' => Role::get()]); 45 | } 46 | 47 | /** 48 | * Store a newly created resource in storage. 49 | * 50 | * @param \Illuminate\Http\Request $request 51 | * @return \Illuminate\Http\Response 52 | */ 53 | public function store(Request $request) 54 | { 55 | $this->authorize('create-user'); 56 | 57 | $validatedData = $request->validate([ 58 | 'name' => ['required', 'string', 'max:255'], 59 | 'email' => ['required', 'string', 'email', 'max:255', 'unique:users'], 60 | 'password' => ['required', 'string', 'min:8', 'confirmed'], 61 | 'roles' => ['nullable'], 62 | ]); 63 | 64 | $user = User::create([ 65 | 'name' => $validatedData['name'], 66 | 'email' => $validatedData['email'], 67 | 'password' => Hash::make($validatedData['password']), 68 | ]); 69 | if ($request->filled('roles')) { 70 | $user->roles()->attach($validatedData['roles']); 71 | } 72 | 73 | return redirect()->route('users.index'); 74 | } 75 | 76 | /** 77 | * Display the specified resource. 78 | * 79 | * @param \App\User $user 80 | * @return \Illuminate\Http\Response 81 | */ 82 | public function show(User $user) 83 | { 84 | $this->authorize('view-user'); 85 | 86 | return view('users.show', ['roles' => Role::get(), 'user' => $user]); 87 | } 88 | 89 | /** 90 | * Show the form for editing the specified resource. 91 | * 92 | * @param \App\User $user 93 | * @return \Illuminate\Http\Response 94 | */ 95 | public function edit(User $user) 96 | { 97 | $this->authorize('update-user'); 98 | 99 | return view('users.edit', ['roles' => Role::get(), 'user' => $user]); 100 | } 101 | 102 | /** 103 | * Update the specified resource in storage. 104 | * 105 | * @param \Illuminate\Http\Request $request 106 | * @param \App\User $user 107 | * @return \Illuminate\Http\Response 108 | */ 109 | public function update(Request $request, User $user) 110 | { 111 | $this->authorize('update-user'); 112 | 113 | $validatedData = $request->validate([ 114 | 'name' => ['required', 'string', 'max:255'], 115 | 'email' => ['required', 'string', 'email', 'max:255', Rule::unique('users')->ignore($user->id)], 116 | 'password' => ['nullable', 'string', 'min:8', 'confirmed'], 117 | 'roles' => ['nullable'], 118 | ]); 119 | 120 | $user->fill([ 121 | 'name' => $validatedData['name'], 122 | 'email' => $validatedData['email'], 123 | ]); 124 | if ($request->filled('password')) { 125 | $user->password = Hash::make($validatedData['password']); 126 | } 127 | $user->save(); 128 | if ($request->filled('roles')) { 129 | $user->roles()->sync($validatedData['roles']); 130 | } elseif ($user->roles()->exists()) { 131 | $user->roles()->detach(); 132 | } 133 | 134 | return redirect()->route('users.index'); 135 | } 136 | 137 | /** 138 | * Remove the specified resource from storage. 139 | * 140 | * @param \App\User $user 141 | * @return \Illuminate\Http\Response 142 | */ 143 | public function destroy(User $user) 144 | { 145 | $this->authorize('delete-user'); 146 | 147 | $user->roles()->detach(); 148 | $user->delete(); 149 | 150 | return redirect()->route('users.index'); 151 | } 152 | } 153 | -------------------------------------------------------------------------------- /app/Http/Kernel.php: -------------------------------------------------------------------------------- 1 | [ 33 | \App\Http\Middleware\EncryptCookies::class, 34 | \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, 35 | \Illuminate\Session\Middleware\StartSession::class, 36 | // \Illuminate\Session\Middleware\AuthenticateSession::class, 37 | \Illuminate\View\Middleware\ShareErrorsFromSession::class, 38 | \App\Http\Middleware\VerifyCsrfToken::class, 39 | \Illuminate\Routing\Middleware\SubstituteBindings::class, 40 | ], 41 | 42 | 'api' => [ 43 | 'throttle:60,1', 44 | \Illuminate\Routing\Middleware\SubstituteBindings::class, 45 | ], 46 | ]; 47 | 48 | /** 49 | * The application's route middleware. 50 | * 51 | * These middleware may be assigned to groups or used individually. 52 | * 53 | * @var array 54 | */ 55 | protected $routeMiddleware = [ 56 | 'auth' => \App\Http\Middleware\Authenticate::class, 57 | 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 58 | 'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class, 59 | 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class, 60 | 'can' => \Illuminate\Auth\Middleware\Authorize::class, 61 | 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 62 | 'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class, 63 | 'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class, 64 | 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, 65 | 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class, 66 | ]; 67 | } 68 | -------------------------------------------------------------------------------- /app/Http/Middleware/Authenticate.php: -------------------------------------------------------------------------------- 1 | expectsJson()) { 18 | return route('login'); 19 | } 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /app/Http/Middleware/CheckForMaintenanceMode.php: -------------------------------------------------------------------------------- 1 | check()) { 22 | return redirect(RouteServiceProvider::HOME); 23 | } 24 | 25 | return $next($request); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /app/Http/Middleware/TrimStrings.php: -------------------------------------------------------------------------------- 1 | allSubdomainsOfApplicationUrl(), 18 | ]; 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /app/Http/Middleware/TrustProxies.php: -------------------------------------------------------------------------------- 1 | 'App\Policies\ModelPolicy', 18 | ]; 19 | 20 | /** 21 | * Register any authentication / authorization services. 22 | * 23 | * @return void 24 | */ 25 | public function boot() 26 | { 27 | $this->registerPolicies(); 28 | 29 | // 30 | 31 | Gate::before(function ($user, $ability) { 32 | if ($user->super) { 33 | return true; 34 | } else { 35 | return $user 36 | ->roles() 37 | ->whereHas('abilities', function (Builder $query) use ($ability) { 38 | $query->where('name', $ability); 39 | }) 40 | ->exists(); 41 | } 42 | }); 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /app/Providers/BroadcastServiceProvider.php: -------------------------------------------------------------------------------- 1 | [ 19 | SendEmailVerificationNotification::class, 20 | ], 21 | ]; 22 | 23 | /** 24 | * Register any events for your application. 25 | * 26 | * @return void 27 | */ 28 | public function boot() 29 | { 30 | parent::boot(); 31 | 32 | // 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /app/Providers/RouteServiceProvider.php: -------------------------------------------------------------------------------- 1 | mapApiRoutes(); 46 | 47 | $this->mapWebRoutes(); 48 | 49 | // 50 | } 51 | 52 | /** 53 | * Define the "web" routes for the application. 54 | * 55 | * These routes all receive session state, CSRF protection, etc. 56 | * 57 | * @return void 58 | */ 59 | protected function mapWebRoutes() 60 | { 61 | Route::middleware('web') 62 | ->namespace($this->namespace) 63 | ->group(base_path('routes/web.php')); 64 | } 65 | 66 | /** 67 | * Define the "api" routes for the application. 68 | * 69 | * These routes are typically stateless. 70 | * 71 | * @return void 72 | */ 73 | protected function mapApiRoutes() 74 | { 75 | Route::prefix('api') 76 | ->middleware('api') 77 | ->namespace($this->namespace) 78 | ->group(base_path('routes/api.php')); 79 | } 80 | } 81 | -------------------------------------------------------------------------------- /app/Role.php: -------------------------------------------------------------------------------- 1 | belongsToMany('App\User'); 24 | } 25 | 26 | /** 27 | * The abilities that belong to the role. 28 | */ 29 | public function abilities() 30 | { 31 | return $this->belongsToMany('App\Ability'); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /app/User.php: -------------------------------------------------------------------------------- 1 | 'datetime', 38 | ]; 39 | 40 | /** 41 | * The roles that belong to the user. 42 | */ 43 | public function roles() 44 | { 45 | return $this->belongsToMany('App\Role'); 46 | } 47 | } 48 | -------------------------------------------------------------------------------- /artisan: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env php 2 | make(Illuminate\Contracts\Console\Kernel::class); 34 | 35 | $status = $kernel->handle( 36 | $input = new Symfony\Component\Console\Input\ArgvInput, 37 | new Symfony\Component\Console\Output\ConsoleOutput 38 | ); 39 | 40 | /* 41 | |-------------------------------------------------------------------------- 42 | | Shutdown The Application 43 | |-------------------------------------------------------------------------- 44 | | 45 | | Once Artisan has finished running, we will fire off the shutdown events 46 | | so that any final work may be done by the application before we shut 47 | | down the process. This is the last thing to happen to the request. 48 | | 49 | */ 50 | 51 | $kernel->terminate($input, $status); 52 | 53 | exit($status); 54 | -------------------------------------------------------------------------------- /bootstrap/app.php: -------------------------------------------------------------------------------- 1 | singleton( 30 | Illuminate\Contracts\Http\Kernel::class, 31 | App\Http\Kernel::class 32 | ); 33 | 34 | $app->singleton( 35 | Illuminate\Contracts\Console\Kernel::class, 36 | App\Console\Kernel::class 37 | ); 38 | 39 | $app->singleton( 40 | Illuminate\Contracts\Debug\ExceptionHandler::class, 41 | App\Exceptions\Handler::class 42 | ); 43 | 44 | /* 45 | |-------------------------------------------------------------------------- 46 | | Return The Application 47 | |-------------------------------------------------------------------------- 48 | | 49 | | This script returns the application instance. The instance is given to 50 | | the calling script so we can separate the building of the instances 51 | | from the actual running of the application and sending responses. 52 | | 53 | */ 54 | 55 | return $app; 56 | -------------------------------------------------------------------------------- /bootstrap/cache/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "laravel/laravel", 3 | "type": "project", 4 | "description": "The Laravel Framework.", 5 | "keywords": [ 6 | "framework", 7 | "laravel" 8 | ], 9 | "license": "MIT", 10 | "require": { 11 | "php": "^7.2.5", 12 | "fideloper/proxy": "^4.2", 13 | "fruitcake/laravel-cors": "^2.0", 14 | "guzzlehttp/guzzle": "^6.3", 15 | "laravel/framework": "^7.24", 16 | "laravel/tinker": "^2.0", 17 | "laravel/ui": "^2.1" 18 | }, 19 | "require-dev": { 20 | "facade/ignition": "^2.0", 21 | "fzaninotto/faker": "^1.9.1", 22 | "mockery/mockery": "^1.3.1", 23 | "nunomaduro/collision": "^4.1", 24 | "phpunit/phpunit": "^8.5" 25 | }, 26 | "config": { 27 | "optimize-autoloader": true, 28 | "preferred-install": "dist", 29 | "sort-packages": true 30 | }, 31 | "extra": { 32 | "laravel": { 33 | "dont-discover": [] 34 | } 35 | }, 36 | "autoload": { 37 | "psr-4": { 38 | "App\\": "app/" 39 | }, 40 | "classmap": [ 41 | "database/seeds", 42 | "database/factories" 43 | ] 44 | }, 45 | "autoload-dev": { 46 | "psr-4": { 47 | "Tests\\": "tests/" 48 | } 49 | }, 50 | "minimum-stability": "dev", 51 | "prefer-stable": true, 52 | "scripts": { 53 | "post-autoload-dump": [ 54 | "Illuminate\\Foundation\\ComposerScripts::postAutoloadDump", 55 | "@php artisan package:discover --ansi" 56 | ], 57 | "post-root-package-install": [ 58 | "@php -r \"file_exists('.env') || copy('.env.example', '.env');\"" 59 | ], 60 | "post-create-project-cmd": [ 61 | "@php artisan key:generate --ansi" 62 | ] 63 | } 64 | } 65 | -------------------------------------------------------------------------------- /config/app.php: -------------------------------------------------------------------------------- 1 | env('APP_NAME', 'Laravel'), 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Application Environment 21 | |-------------------------------------------------------------------------- 22 | | 23 | | This value determines the "environment" your application is currently 24 | | running in. This may determine how you prefer to configure various 25 | | services the application utilizes. Set this in your ".env" file. 26 | | 27 | */ 28 | 29 | 'env' => env('APP_ENV', 'production'), 30 | 31 | /* 32 | |-------------------------------------------------------------------------- 33 | | Application Debug Mode 34 | |-------------------------------------------------------------------------- 35 | | 36 | | When your application is in debug mode, detailed error messages with 37 | | stack traces will be shown on every error that occurs within your 38 | | application. If disabled, a simple generic error page is shown. 39 | | 40 | */ 41 | 42 | 'debug' => (bool) env('APP_DEBUG', false), 43 | 44 | /* 45 | |-------------------------------------------------------------------------- 46 | | Application URL 47 | |-------------------------------------------------------------------------- 48 | | 49 | | This URL is used by the console to properly generate URLs when using 50 | | the Artisan command line tool. You should set this to the root of 51 | | your application so that it is used when running Artisan tasks. 52 | | 53 | */ 54 | 55 | 'url' => env('APP_URL', 'http://localhost'), 56 | 57 | 'asset_url' => env('ASSET_URL', null), 58 | 59 | /* 60 | |-------------------------------------------------------------------------- 61 | | Application Timezone 62 | |-------------------------------------------------------------------------- 63 | | 64 | | Here you may specify the default timezone for your application, which 65 | | will be used by the PHP date and date-time functions. We have gone 66 | | ahead and set this to a sensible default for you out of the box. 67 | | 68 | */ 69 | 70 | 'timezone' => 'UTC', 71 | 72 | /* 73 | |-------------------------------------------------------------------------- 74 | | Application Locale Configuration 75 | |-------------------------------------------------------------------------- 76 | | 77 | | The application locale determines the default locale that will be used 78 | | by the translation service provider. You are free to set this value 79 | | to any of the locales which will be supported by the application. 80 | | 81 | */ 82 | 83 | 'locale' => 'en', 84 | 85 | /* 86 | |-------------------------------------------------------------------------- 87 | | Application Fallback Locale 88 | |-------------------------------------------------------------------------- 89 | | 90 | | The fallback locale determines the locale to use when the current one 91 | | is not available. You may change the value to correspond to any of 92 | | the language folders that are provided through your application. 93 | | 94 | */ 95 | 96 | 'fallback_locale' => 'en', 97 | 98 | /* 99 | |-------------------------------------------------------------------------- 100 | | Faker Locale 101 | |-------------------------------------------------------------------------- 102 | | 103 | | This locale will be used by the Faker PHP library when generating fake 104 | | data for your database seeds. For example, this will be used to get 105 | | localized telephone numbers, street address information and more. 106 | | 107 | */ 108 | 109 | 'faker_locale' => 'en_US', 110 | 111 | /* 112 | |-------------------------------------------------------------------------- 113 | | Encryption Key 114 | |-------------------------------------------------------------------------- 115 | | 116 | | This key is used by the Illuminate encrypter service and should be set 117 | | to a random, 32 character string, otherwise these encrypted strings 118 | | will not be safe. Please do this before deploying an application! 119 | | 120 | */ 121 | 122 | 'key' => env('APP_KEY'), 123 | 124 | 'cipher' => 'AES-256-CBC', 125 | 126 | /* 127 | |-------------------------------------------------------------------------- 128 | | Autoloaded Service Providers 129 | |-------------------------------------------------------------------------- 130 | | 131 | | The service providers listed here will be automatically loaded on the 132 | | request to your application. Feel free to add your own services to 133 | | this array to grant expanded functionality to your applications. 134 | | 135 | */ 136 | 137 | 'providers' => [ 138 | 139 | /* 140 | * Laravel Framework Service Providers... 141 | */ 142 | Illuminate\Auth\AuthServiceProvider::class, 143 | Illuminate\Broadcasting\BroadcastServiceProvider::class, 144 | Illuminate\Bus\BusServiceProvider::class, 145 | Illuminate\Cache\CacheServiceProvider::class, 146 | Illuminate\Foundation\Providers\ConsoleSupportServiceProvider::class, 147 | Illuminate\Cookie\CookieServiceProvider::class, 148 | Illuminate\Database\DatabaseServiceProvider::class, 149 | Illuminate\Encryption\EncryptionServiceProvider::class, 150 | Illuminate\Filesystem\FilesystemServiceProvider::class, 151 | Illuminate\Foundation\Providers\FoundationServiceProvider::class, 152 | Illuminate\Hashing\HashServiceProvider::class, 153 | Illuminate\Mail\MailServiceProvider::class, 154 | Illuminate\Notifications\NotificationServiceProvider::class, 155 | Illuminate\Pagination\PaginationServiceProvider::class, 156 | Illuminate\Pipeline\PipelineServiceProvider::class, 157 | Illuminate\Queue\QueueServiceProvider::class, 158 | Illuminate\Redis\RedisServiceProvider::class, 159 | Illuminate\Auth\Passwords\PasswordResetServiceProvider::class, 160 | Illuminate\Session\SessionServiceProvider::class, 161 | Illuminate\Translation\TranslationServiceProvider::class, 162 | Illuminate\Validation\ValidationServiceProvider::class, 163 | Illuminate\View\ViewServiceProvider::class, 164 | 165 | /* 166 | * Package Service Providers... 167 | */ 168 | 169 | /* 170 | * Application Service Providers... 171 | */ 172 | App\Providers\AppServiceProvider::class, 173 | App\Providers\AuthServiceProvider::class, 174 | // App\Providers\BroadcastServiceProvider::class, 175 | App\Providers\EventServiceProvider::class, 176 | App\Providers\RouteServiceProvider::class, 177 | 178 | ], 179 | 180 | /* 181 | |-------------------------------------------------------------------------- 182 | | Class Aliases 183 | |-------------------------------------------------------------------------- 184 | | 185 | | This array of class aliases will be registered when this application 186 | | is started. However, feel free to register as many as you wish as 187 | | the aliases are "lazy" loaded so they don't hinder performance. 188 | | 189 | */ 190 | 191 | 'aliases' => [ 192 | 193 | 'App' => Illuminate\Support\Facades\App::class, 194 | 'Arr' => Illuminate\Support\Arr::class, 195 | 'Artisan' => Illuminate\Support\Facades\Artisan::class, 196 | 'Auth' => Illuminate\Support\Facades\Auth::class, 197 | 'Blade' => Illuminate\Support\Facades\Blade::class, 198 | 'Broadcast' => Illuminate\Support\Facades\Broadcast::class, 199 | 'Bus' => Illuminate\Support\Facades\Bus::class, 200 | 'Cache' => Illuminate\Support\Facades\Cache::class, 201 | 'Config' => Illuminate\Support\Facades\Config::class, 202 | 'Cookie' => Illuminate\Support\Facades\Cookie::class, 203 | 'Crypt' => Illuminate\Support\Facades\Crypt::class, 204 | 'DB' => Illuminate\Support\Facades\DB::class, 205 | 'Eloquent' => Illuminate\Database\Eloquent\Model::class, 206 | 'Event' => Illuminate\Support\Facades\Event::class, 207 | 'File' => Illuminate\Support\Facades\File::class, 208 | 'Gate' => Illuminate\Support\Facades\Gate::class, 209 | 'Hash' => Illuminate\Support\Facades\Hash::class, 210 | 'Http' => Illuminate\Support\Facades\Http::class, 211 | 'Lang' => Illuminate\Support\Facades\Lang::class, 212 | 'Log' => Illuminate\Support\Facades\Log::class, 213 | 'Mail' => Illuminate\Support\Facades\Mail::class, 214 | 'Notification' => Illuminate\Support\Facades\Notification::class, 215 | 'Password' => Illuminate\Support\Facades\Password::class, 216 | 'Queue' => Illuminate\Support\Facades\Queue::class, 217 | 'Redirect' => Illuminate\Support\Facades\Redirect::class, 218 | 'Redis' => Illuminate\Support\Facades\Redis::class, 219 | 'Request' => Illuminate\Support\Facades\Request::class, 220 | 'Response' => Illuminate\Support\Facades\Response::class, 221 | 'Route' => Illuminate\Support\Facades\Route::class, 222 | 'Schema' => Illuminate\Support\Facades\Schema::class, 223 | 'Session' => Illuminate\Support\Facades\Session::class, 224 | 'Storage' => Illuminate\Support\Facades\Storage::class, 225 | 'Str' => Illuminate\Support\Str::class, 226 | 'URL' => Illuminate\Support\Facades\URL::class, 227 | 'Validator' => Illuminate\Support\Facades\Validator::class, 228 | 'View' => Illuminate\Support\Facades\View::class, 229 | 230 | ], 231 | 232 | ]; 233 | -------------------------------------------------------------------------------- /config/auth.php: -------------------------------------------------------------------------------- 1 | [ 17 | 'guard' => 'web', 18 | 'passwords' => 'users', 19 | ], 20 | 21 | /* 22 | |-------------------------------------------------------------------------- 23 | | Authentication Guards 24 | |-------------------------------------------------------------------------- 25 | | 26 | | Next, you may define every authentication guard for your application. 27 | | Of course, a great default configuration has been defined for you 28 | | here which uses session storage and the Eloquent user provider. 29 | | 30 | | All authentication drivers have a user provider. This defines how the 31 | | users are actually retrieved out of your database or other storage 32 | | mechanisms used by this application to persist your user's data. 33 | | 34 | | Supported: "session", "token" 35 | | 36 | */ 37 | 38 | 'guards' => [ 39 | 'web' => [ 40 | 'driver' => 'session', 41 | 'provider' => 'users', 42 | ], 43 | 44 | 'api' => [ 45 | 'driver' => 'token', 46 | 'provider' => 'users', 47 | 'hash' => false, 48 | ], 49 | ], 50 | 51 | /* 52 | |-------------------------------------------------------------------------- 53 | | User Providers 54 | |-------------------------------------------------------------------------- 55 | | 56 | | All authentication drivers have a user provider. This defines how the 57 | | users are actually retrieved out of your database or other storage 58 | | mechanisms used by this application to persist your user's data. 59 | | 60 | | If you have multiple user tables or models you may configure multiple 61 | | sources which represent each model / table. These sources may then 62 | | be assigned to any extra authentication guards you have defined. 63 | | 64 | | Supported: "database", "eloquent" 65 | | 66 | */ 67 | 68 | 'providers' => [ 69 | 'users' => [ 70 | 'driver' => 'eloquent', 71 | 'model' => App\User::class, 72 | ], 73 | 74 | // 'users' => [ 75 | // 'driver' => 'database', 76 | // 'table' => 'users', 77 | // ], 78 | ], 79 | 80 | /* 81 | |-------------------------------------------------------------------------- 82 | | Resetting Passwords 83 | |-------------------------------------------------------------------------- 84 | | 85 | | You may specify multiple password reset configurations if you have more 86 | | than one user table or model in the application and you want to have 87 | | separate password reset settings based on the specific user types. 88 | | 89 | | The expire time is the number of minutes that the reset token should be 90 | | considered valid. This security feature keeps tokens short-lived so 91 | | they have less time to be guessed. You may change this as needed. 92 | | 93 | */ 94 | 95 | 'passwords' => [ 96 | 'users' => [ 97 | 'provider' => 'users', 98 | 'table' => 'password_resets', 99 | 'expire' => 60, 100 | 'throttle' => 60, 101 | ], 102 | ], 103 | 104 | /* 105 | |-------------------------------------------------------------------------- 106 | | Password Confirmation Timeout 107 | |-------------------------------------------------------------------------- 108 | | 109 | | Here you may define the amount of seconds before a password confirmation 110 | | times out and the user is prompted to re-enter their password via the 111 | | confirmation screen. By default, the timeout lasts for three hours. 112 | | 113 | */ 114 | 115 | 'password_timeout' => 10800, 116 | 117 | /* 118 | |-------------------------------------------------------------------------- 119 | | Super User Credentials 120 | |-------------------------------------------------------------------------- 121 | | 122 | | Here you can set super user credentials 123 | | 124 | */ 125 | 126 | 'super_user' => [ 127 | 'email' => env('AUTH_SUPER_USER_EMAIL', 'super@example.com'), 128 | 'password' => env('AUTH_SUPER_USER_PASSWORD', 'secret'), 129 | ], 130 | 131 | ]; 132 | -------------------------------------------------------------------------------- /config/broadcasting.php: -------------------------------------------------------------------------------- 1 | env('BROADCAST_DRIVER', 'null'), 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Broadcast Connections 23 | |-------------------------------------------------------------------------- 24 | | 25 | | Here you may define all of the broadcast connections that will be used 26 | | to broadcast events to other systems or over websockets. Samples of 27 | | each available type of connection are provided inside this array. 28 | | 29 | */ 30 | 31 | 'connections' => [ 32 | 33 | 'pusher' => [ 34 | 'driver' => 'pusher', 35 | 'key' => env('PUSHER_APP_KEY'), 36 | 'secret' => env('PUSHER_APP_SECRET'), 37 | 'app_id' => env('PUSHER_APP_ID'), 38 | 'options' => [ 39 | 'cluster' => env('PUSHER_APP_CLUSTER'), 40 | 'useTLS' => true, 41 | ], 42 | ], 43 | 44 | 'redis' => [ 45 | 'driver' => 'redis', 46 | 'connection' => 'default', 47 | ], 48 | 49 | 'log' => [ 50 | 'driver' => 'log', 51 | ], 52 | 53 | 'null' => [ 54 | 'driver' => 'null', 55 | ], 56 | 57 | ], 58 | 59 | ]; 60 | -------------------------------------------------------------------------------- /config/cache.php: -------------------------------------------------------------------------------- 1 | env('CACHE_DRIVER', 'file'), 22 | 23 | /* 24 | |-------------------------------------------------------------------------- 25 | | Cache Stores 26 | |-------------------------------------------------------------------------- 27 | | 28 | | Here you may define all of the cache "stores" for your application as 29 | | well as their drivers. You may even define multiple stores for the 30 | | same cache driver to group types of items stored in your caches. 31 | | 32 | */ 33 | 34 | 'stores' => [ 35 | 36 | 'apc' => [ 37 | 'driver' => 'apc', 38 | ], 39 | 40 | 'array' => [ 41 | 'driver' => 'array', 42 | 'serialize' => false, 43 | ], 44 | 45 | 'database' => [ 46 | 'driver' => 'database', 47 | 'table' => 'cache', 48 | 'connection' => null, 49 | ], 50 | 51 | 'file' => [ 52 | 'driver' => 'file', 53 | 'path' => storage_path('framework/cache/data'), 54 | ], 55 | 56 | 'memcached' => [ 57 | 'driver' => 'memcached', 58 | 'persistent_id' => env('MEMCACHED_PERSISTENT_ID'), 59 | 'sasl' => [ 60 | env('MEMCACHED_USERNAME'), 61 | env('MEMCACHED_PASSWORD'), 62 | ], 63 | 'options' => [ 64 | // Memcached::OPT_CONNECT_TIMEOUT => 2000, 65 | ], 66 | 'servers' => [ 67 | [ 68 | 'host' => env('MEMCACHED_HOST', '127.0.0.1'), 69 | 'port' => env('MEMCACHED_PORT', 11211), 70 | 'weight' => 100, 71 | ], 72 | ], 73 | ], 74 | 75 | 'redis' => [ 76 | 'driver' => 'redis', 77 | 'connection' => 'cache', 78 | ], 79 | 80 | 'dynamodb' => [ 81 | 'driver' => 'dynamodb', 82 | 'key' => env('AWS_ACCESS_KEY_ID'), 83 | 'secret' => env('AWS_SECRET_ACCESS_KEY'), 84 | 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), 85 | 'table' => env('DYNAMODB_CACHE_TABLE', 'cache'), 86 | 'endpoint' => env('DYNAMODB_ENDPOINT'), 87 | ], 88 | 89 | ], 90 | 91 | /* 92 | |-------------------------------------------------------------------------- 93 | | Cache Key Prefix 94 | |-------------------------------------------------------------------------- 95 | | 96 | | When utilizing a RAM based store such as APC or Memcached, there might 97 | | be other applications utilizing the same cache. So, we'll specify a 98 | | value to get prefixed to all our keys so we can avoid collisions. 99 | | 100 | */ 101 | 102 | 'prefix' => env('CACHE_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_cache'), 103 | 104 | ]; 105 | -------------------------------------------------------------------------------- /config/cors.php: -------------------------------------------------------------------------------- 1 | ['api/*'], 19 | 20 | 'allowed_methods' => ['*'], 21 | 22 | 'allowed_origins' => ['*'], 23 | 24 | 'allowed_origins_patterns' => [], 25 | 26 | 'allowed_headers' => ['*'], 27 | 28 | 'exposed_headers' => [], 29 | 30 | 'max_age' => 0, 31 | 32 | 'supports_credentials' => false, 33 | 34 | ]; 35 | -------------------------------------------------------------------------------- /config/database.php: -------------------------------------------------------------------------------- 1 | env('DB_CONNECTION', 'mysql'), 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Database Connections 23 | |-------------------------------------------------------------------------- 24 | | 25 | | Here are each of the database connections setup for your application. 26 | | Of course, examples of configuring each database platform that is 27 | | supported by Laravel is shown below to make development simple. 28 | | 29 | | 30 | | All database work in Laravel is done through the PHP PDO facilities 31 | | so make sure you have the driver for your particular database of 32 | | choice installed on your machine before you begin development. 33 | | 34 | */ 35 | 36 | 'connections' => [ 37 | 38 | 'sqlite' => [ 39 | 'driver' => 'sqlite', 40 | 'url' => env('DATABASE_URL'), 41 | 'database' => env('DB_DATABASE', database_path('database.sqlite')), 42 | 'prefix' => '', 43 | 'foreign_key_constraints' => env('DB_FOREIGN_KEYS', true), 44 | ], 45 | 46 | 'mysql' => [ 47 | 'driver' => 'mysql', 48 | 'url' => env('DATABASE_URL'), 49 | 'host' => env('DB_HOST', '127.0.0.1'), 50 | 'port' => env('DB_PORT', '3306'), 51 | 'database' => env('DB_DATABASE', 'forge'), 52 | 'username' => env('DB_USERNAME', 'forge'), 53 | 'password' => env('DB_PASSWORD', ''), 54 | 'unix_socket' => env('DB_SOCKET', ''), 55 | 'charset' => 'utf8mb4', 56 | 'collation' => 'utf8mb4_unicode_ci', 57 | 'prefix' => '', 58 | 'prefix_indexes' => true, 59 | 'strict' => true, 60 | 'engine' => null, 61 | 'options' => extension_loaded('pdo_mysql') ? array_filter([ 62 | PDO::MYSQL_ATTR_SSL_CA => env('MYSQL_ATTR_SSL_CA'), 63 | ]) : [], 64 | ], 65 | 66 | 'pgsql' => [ 67 | 'driver' => 'pgsql', 68 | 'url' => env('DATABASE_URL'), 69 | 'host' => env('DB_HOST', '127.0.0.1'), 70 | 'port' => env('DB_PORT', '5432'), 71 | 'database' => env('DB_DATABASE', 'forge'), 72 | 'username' => env('DB_USERNAME', 'forge'), 73 | 'password' => env('DB_PASSWORD', ''), 74 | 'charset' => 'utf8', 75 | 'prefix' => '', 76 | 'prefix_indexes' => true, 77 | 'schema' => 'public', 78 | 'sslmode' => 'prefer', 79 | ], 80 | 81 | 'sqlsrv' => [ 82 | 'driver' => 'sqlsrv', 83 | 'url' => env('DATABASE_URL'), 84 | 'host' => env('DB_HOST', 'localhost'), 85 | 'port' => env('DB_PORT', '1433'), 86 | 'database' => env('DB_DATABASE', 'forge'), 87 | 'username' => env('DB_USERNAME', 'forge'), 88 | 'password' => env('DB_PASSWORD', ''), 89 | 'charset' => 'utf8', 90 | 'prefix' => '', 91 | 'prefix_indexes' => true, 92 | ], 93 | 94 | ], 95 | 96 | /* 97 | |-------------------------------------------------------------------------- 98 | | Migration Repository Table 99 | |-------------------------------------------------------------------------- 100 | | 101 | | This table keeps track of all the migrations that have already run for 102 | | your application. Using this information, we can determine which of 103 | | the migrations on disk haven't actually been run in the database. 104 | | 105 | */ 106 | 107 | 'migrations' => 'migrations', 108 | 109 | /* 110 | |-------------------------------------------------------------------------- 111 | | Redis Databases 112 | |-------------------------------------------------------------------------- 113 | | 114 | | Redis is an open source, fast, and advanced key-value store that also 115 | | provides a richer body of commands than a typical key-value system 116 | | such as APC or Memcached. Laravel makes it easy to dig right in. 117 | | 118 | */ 119 | 120 | 'redis' => [ 121 | 122 | 'client' => env('REDIS_CLIENT', 'phpredis'), 123 | 124 | 'options' => [ 125 | 'cluster' => env('REDIS_CLUSTER', 'redis'), 126 | 'prefix' => env('REDIS_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_database_'), 127 | ], 128 | 129 | 'default' => [ 130 | 'url' => env('REDIS_URL'), 131 | 'host' => env('REDIS_HOST', '127.0.0.1'), 132 | 'password' => env('REDIS_PASSWORD', null), 133 | 'port' => env('REDIS_PORT', '6379'), 134 | 'database' => env('REDIS_DB', '0'), 135 | ], 136 | 137 | 'cache' => [ 138 | 'url' => env('REDIS_URL'), 139 | 'host' => env('REDIS_HOST', '127.0.0.1'), 140 | 'password' => env('REDIS_PASSWORD', null), 141 | 'port' => env('REDIS_PORT', '6379'), 142 | 'database' => env('REDIS_CACHE_DB', '1'), 143 | ], 144 | 145 | ], 146 | 147 | ]; 148 | -------------------------------------------------------------------------------- /config/filesystems.php: -------------------------------------------------------------------------------- 1 | env('FILESYSTEM_DRIVER', 'local'), 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Default Cloud Filesystem Disk 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Many applications store files both locally and in the cloud. For this 24 | | reason, you may specify a default "cloud" driver here. This driver 25 | | will be bound as the Cloud disk implementation in the container. 26 | | 27 | */ 28 | 29 | 'cloud' => env('FILESYSTEM_CLOUD', 's3'), 30 | 31 | /* 32 | |-------------------------------------------------------------------------- 33 | | Filesystem Disks 34 | |-------------------------------------------------------------------------- 35 | | 36 | | Here you may configure as many filesystem "disks" as you wish, and you 37 | | may even configure multiple disks of the same driver. Defaults have 38 | | been setup for each driver as an example of the required options. 39 | | 40 | | Supported Drivers: "local", "ftp", "sftp", "s3" 41 | | 42 | */ 43 | 44 | 'disks' => [ 45 | 46 | 'local' => [ 47 | 'driver' => 'local', 48 | 'root' => storage_path('app'), 49 | ], 50 | 51 | 'public' => [ 52 | 'driver' => 'local', 53 | 'root' => storage_path('app/public'), 54 | 'url' => env('APP_URL').'/storage', 55 | 'visibility' => 'public', 56 | ], 57 | 58 | 's3' => [ 59 | 'driver' => 's3', 60 | 'key' => env('AWS_ACCESS_KEY_ID'), 61 | 'secret' => env('AWS_SECRET_ACCESS_KEY'), 62 | 'region' => env('AWS_DEFAULT_REGION'), 63 | 'bucket' => env('AWS_BUCKET'), 64 | 'url' => env('AWS_URL'), 65 | 'endpoint' => env('AWS_ENDPOINT'), 66 | ], 67 | 68 | ], 69 | 70 | /* 71 | |-------------------------------------------------------------------------- 72 | | Symbolic Links 73 | |-------------------------------------------------------------------------- 74 | | 75 | | Here you may configure the symbolic links that will be created when the 76 | | `storage:link` Artisan command is executed. The array keys should be 77 | | the locations of the links and the values should be their targets. 78 | | 79 | */ 80 | 81 | 'links' => [ 82 | public_path('storage') => storage_path('app/public'), 83 | ], 84 | 85 | ]; 86 | -------------------------------------------------------------------------------- /config/hashing.php: -------------------------------------------------------------------------------- 1 | 'bcrypt', 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Bcrypt Options 23 | |-------------------------------------------------------------------------- 24 | | 25 | | Here you may specify the configuration options that should be used when 26 | | passwords are hashed using the Bcrypt algorithm. This will allow you 27 | | to control the amount of time it takes to hash the given password. 28 | | 29 | */ 30 | 31 | 'bcrypt' => [ 32 | 'rounds' => env('BCRYPT_ROUNDS', 10), 33 | ], 34 | 35 | /* 36 | |-------------------------------------------------------------------------- 37 | | Argon Options 38 | |-------------------------------------------------------------------------- 39 | | 40 | | Here you may specify the configuration options that should be used when 41 | | passwords are hashed using the Argon algorithm. These will allow you 42 | | to control the amount of time it takes to hash the given password. 43 | | 44 | */ 45 | 46 | 'argon' => [ 47 | 'memory' => 1024, 48 | 'threads' => 2, 49 | 'time' => 2, 50 | ], 51 | 52 | ]; 53 | -------------------------------------------------------------------------------- /config/logging.php: -------------------------------------------------------------------------------- 1 | env('LOG_CHANNEL', 'stack'), 21 | 22 | /* 23 | |-------------------------------------------------------------------------- 24 | | Log Channels 25 | |-------------------------------------------------------------------------- 26 | | 27 | | Here you may configure the log channels for your application. Out of 28 | | the box, Laravel uses the Monolog PHP logging library. This gives 29 | | you a variety of powerful log handlers / formatters to utilize. 30 | | 31 | | Available Drivers: "single", "daily", "slack", "syslog", 32 | | "errorlog", "monolog", 33 | | "custom", "stack" 34 | | 35 | */ 36 | 37 | 'channels' => [ 38 | 'stack' => [ 39 | 'driver' => 'stack', 40 | 'channels' => ['single'], 41 | 'ignore_exceptions' => false, 42 | ], 43 | 44 | 'single' => [ 45 | 'driver' => 'single', 46 | 'path' => storage_path('logs/laravel.log'), 47 | 'level' => 'debug', 48 | ], 49 | 50 | 'daily' => [ 51 | 'driver' => 'daily', 52 | 'path' => storage_path('logs/laravel.log'), 53 | 'level' => 'debug', 54 | 'days' => 14, 55 | ], 56 | 57 | 'slack' => [ 58 | 'driver' => 'slack', 59 | 'url' => env('LOG_SLACK_WEBHOOK_URL'), 60 | 'username' => 'Laravel Log', 61 | 'emoji' => ':boom:', 62 | 'level' => 'critical', 63 | ], 64 | 65 | 'papertrail' => [ 66 | 'driver' => 'monolog', 67 | 'level' => 'debug', 68 | 'handler' => SyslogUdpHandler::class, 69 | 'handler_with' => [ 70 | 'host' => env('PAPERTRAIL_URL'), 71 | 'port' => env('PAPERTRAIL_PORT'), 72 | ], 73 | ], 74 | 75 | 'stderr' => [ 76 | 'driver' => 'monolog', 77 | 'handler' => StreamHandler::class, 78 | 'formatter' => env('LOG_STDERR_FORMATTER'), 79 | 'with' => [ 80 | 'stream' => 'php://stderr', 81 | ], 82 | ], 83 | 84 | 'syslog' => [ 85 | 'driver' => 'syslog', 86 | 'level' => 'debug', 87 | ], 88 | 89 | 'errorlog' => [ 90 | 'driver' => 'errorlog', 91 | 'level' => 'debug', 92 | ], 93 | 94 | 'null' => [ 95 | 'driver' => 'monolog', 96 | 'handler' => NullHandler::class, 97 | ], 98 | 99 | 'emergency' => [ 100 | 'path' => storage_path('logs/laravel.log'), 101 | ], 102 | ], 103 | 104 | ]; 105 | -------------------------------------------------------------------------------- /config/mail.php: -------------------------------------------------------------------------------- 1 | env('MAIL_MAILER', 'smtp'), 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Mailer Configurations 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Here you may configure all of the mailers used by your application plus 24 | | their respective settings. Several examples have been configured for 25 | | you and you are free to add your own as your application requires. 26 | | 27 | | Laravel supports a variety of mail "transport" drivers to be used while 28 | | sending an e-mail. You will specify which one you are using for your 29 | | mailers below. You are free to add additional mailers as required. 30 | | 31 | | Supported: "smtp", "sendmail", "mailgun", "ses", 32 | | "postmark", "log", "array" 33 | | 34 | */ 35 | 36 | 'mailers' => [ 37 | 'smtp' => [ 38 | 'transport' => 'smtp', 39 | 'host' => env('MAIL_HOST', 'smtp.mailgun.org'), 40 | 'port' => env('MAIL_PORT', 587), 41 | 'encryption' => env('MAIL_ENCRYPTION', 'tls'), 42 | 'username' => env('MAIL_USERNAME'), 43 | 'password' => env('MAIL_PASSWORD'), 44 | 'timeout' => null, 45 | 'auth_mode' => null, 46 | ], 47 | 48 | 'ses' => [ 49 | 'transport' => 'ses', 50 | ], 51 | 52 | 'mailgun' => [ 53 | 'transport' => 'mailgun', 54 | ], 55 | 56 | 'postmark' => [ 57 | 'transport' => 'postmark', 58 | ], 59 | 60 | 'sendmail' => [ 61 | 'transport' => 'sendmail', 62 | 'path' => '/usr/sbin/sendmail -bs', 63 | ], 64 | 65 | 'log' => [ 66 | 'transport' => 'log', 67 | 'channel' => env('MAIL_LOG_CHANNEL'), 68 | ], 69 | 70 | 'array' => [ 71 | 'transport' => 'array', 72 | ], 73 | ], 74 | 75 | /* 76 | |-------------------------------------------------------------------------- 77 | | Global "From" Address 78 | |-------------------------------------------------------------------------- 79 | | 80 | | You may wish for all e-mails sent by your application to be sent from 81 | | the same address. Here, you may specify a name and address that is 82 | | used globally for all e-mails that are sent by your application. 83 | | 84 | */ 85 | 86 | 'from' => [ 87 | 'address' => env('MAIL_FROM_ADDRESS', 'hello@example.com'), 88 | 'name' => env('MAIL_FROM_NAME', 'Example'), 89 | ], 90 | 91 | /* 92 | |-------------------------------------------------------------------------- 93 | | Markdown Mail Settings 94 | |-------------------------------------------------------------------------- 95 | | 96 | | If you are using Markdown based email rendering, you may configure your 97 | | theme and component paths here, allowing you to customize the design 98 | | of the emails. Or, you may simply stick with the Laravel defaults! 99 | | 100 | */ 101 | 102 | 'markdown' => [ 103 | 'theme' => 'default', 104 | 105 | 'paths' => [ 106 | resource_path('views/vendor/mail'), 107 | ], 108 | ], 109 | 110 | ]; 111 | -------------------------------------------------------------------------------- /config/queue.php: -------------------------------------------------------------------------------- 1 | env('QUEUE_CONNECTION', 'sync'), 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Queue Connections 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Here you may configure the connection information for each server that 24 | | is used by your application. A default configuration has been added 25 | | for each back-end shipped with Laravel. You are free to add more. 26 | | 27 | | Drivers: "sync", "database", "beanstalkd", "sqs", "redis", "null" 28 | | 29 | */ 30 | 31 | 'connections' => [ 32 | 33 | 'sync' => [ 34 | 'driver' => 'sync', 35 | ], 36 | 37 | 'database' => [ 38 | 'driver' => 'database', 39 | 'table' => 'jobs', 40 | 'queue' => 'default', 41 | 'retry_after' => 90, 42 | ], 43 | 44 | 'beanstalkd' => [ 45 | 'driver' => 'beanstalkd', 46 | 'host' => 'localhost', 47 | 'queue' => 'default', 48 | 'retry_after' => 90, 49 | 'block_for' => 0, 50 | ], 51 | 52 | 'sqs' => [ 53 | 'driver' => 'sqs', 54 | 'key' => env('AWS_ACCESS_KEY_ID'), 55 | 'secret' => env('AWS_SECRET_ACCESS_KEY'), 56 | 'prefix' => env('SQS_PREFIX', 'https://sqs.us-east-1.amazonaws.com/your-account-id'), 57 | 'queue' => env('SQS_QUEUE', 'your-queue-name'), 58 | 'suffix' => env('SQS_SUFFIX'), 59 | 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), 60 | ], 61 | 62 | 'redis' => [ 63 | 'driver' => 'redis', 64 | 'connection' => 'default', 65 | 'queue' => env('REDIS_QUEUE', 'default'), 66 | 'retry_after' => 90, 67 | 'block_for' => null, 68 | ], 69 | 70 | ], 71 | 72 | /* 73 | |-------------------------------------------------------------------------- 74 | | Failed Queue Jobs 75 | |-------------------------------------------------------------------------- 76 | | 77 | | These options configure the behavior of failed queue job logging so you 78 | | can control which database and table are used to store the jobs that 79 | | have failed. You may change them to any database / table you wish. 80 | | 81 | */ 82 | 83 | 'failed' => [ 84 | 'driver' => env('QUEUE_FAILED_DRIVER', 'database'), 85 | 'database' => env('DB_CONNECTION', 'mysql'), 86 | 'table' => 'failed_jobs', 87 | ], 88 | 89 | ]; 90 | -------------------------------------------------------------------------------- /config/services.php: -------------------------------------------------------------------------------- 1 | [ 18 | 'domain' => env('MAILGUN_DOMAIN'), 19 | 'secret' => env('MAILGUN_SECRET'), 20 | 'endpoint' => env('MAILGUN_ENDPOINT', 'api.mailgun.net'), 21 | ], 22 | 23 | 'postmark' => [ 24 | 'token' => env('POSTMARK_TOKEN'), 25 | ], 26 | 27 | 'ses' => [ 28 | 'key' => env('AWS_ACCESS_KEY_ID'), 29 | 'secret' => env('AWS_SECRET_ACCESS_KEY'), 30 | 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), 31 | ], 32 | 33 | ]; 34 | -------------------------------------------------------------------------------- /config/session.php: -------------------------------------------------------------------------------- 1 | env('SESSION_DRIVER', 'file'), 22 | 23 | /* 24 | |-------------------------------------------------------------------------- 25 | | Session Lifetime 26 | |-------------------------------------------------------------------------- 27 | | 28 | | Here you may specify the number of minutes that you wish the session 29 | | to be allowed to remain idle before it expires. If you want them 30 | | to immediately expire on the browser closing, set that option. 31 | | 32 | */ 33 | 34 | 'lifetime' => env('SESSION_LIFETIME', 120), 35 | 36 | 'expire_on_close' => false, 37 | 38 | /* 39 | |-------------------------------------------------------------------------- 40 | | Session Encryption 41 | |-------------------------------------------------------------------------- 42 | | 43 | | This option allows you to easily specify that all of your session data 44 | | should be encrypted before it is stored. All encryption will be run 45 | | automatically by Laravel and you can use the Session like normal. 46 | | 47 | */ 48 | 49 | 'encrypt' => false, 50 | 51 | /* 52 | |-------------------------------------------------------------------------- 53 | | Session File Location 54 | |-------------------------------------------------------------------------- 55 | | 56 | | When using the native session driver, we need a location where session 57 | | files may be stored. A default has been set for you but a different 58 | | location may be specified. This is only needed for file sessions. 59 | | 60 | */ 61 | 62 | 'files' => storage_path('framework/sessions'), 63 | 64 | /* 65 | |-------------------------------------------------------------------------- 66 | | Session Database Connection 67 | |-------------------------------------------------------------------------- 68 | | 69 | | When using the "database" or "redis" session drivers, you may specify a 70 | | connection that should be used to manage these sessions. This should 71 | | correspond to a connection in your database configuration options. 72 | | 73 | */ 74 | 75 | 'connection' => env('SESSION_CONNECTION', null), 76 | 77 | /* 78 | |-------------------------------------------------------------------------- 79 | | Session Database Table 80 | |-------------------------------------------------------------------------- 81 | | 82 | | When using the "database" session driver, you may specify the table we 83 | | should use to manage the sessions. Of course, a sensible default is 84 | | provided for you; however, you are free to change this as needed. 85 | | 86 | */ 87 | 88 | 'table' => 'sessions', 89 | 90 | /* 91 | |-------------------------------------------------------------------------- 92 | | Session Cache Store 93 | |-------------------------------------------------------------------------- 94 | | 95 | | While using one of the framework's cache driven session backends you may 96 | | list a cache store that should be used for these sessions. This value 97 | | must match with one of the application's configured cache "stores". 98 | | 99 | | Affects: "apc", "dynamodb", "memcached", "redis" 100 | | 101 | */ 102 | 103 | 'store' => env('SESSION_STORE', null), 104 | 105 | /* 106 | |-------------------------------------------------------------------------- 107 | | Session Sweeping Lottery 108 | |-------------------------------------------------------------------------- 109 | | 110 | | Some session drivers must manually sweep their storage location to get 111 | | rid of old sessions from storage. Here are the chances that it will 112 | | happen on a given request. By default, the odds are 2 out of 100. 113 | | 114 | */ 115 | 116 | 'lottery' => [2, 100], 117 | 118 | /* 119 | |-------------------------------------------------------------------------- 120 | | Session Cookie Name 121 | |-------------------------------------------------------------------------- 122 | | 123 | | Here you may change the name of the cookie used to identify a session 124 | | instance by ID. The name specified here will get used every time a 125 | | new session cookie is created by the framework for every driver. 126 | | 127 | */ 128 | 129 | 'cookie' => env( 130 | 'SESSION_COOKIE', 131 | Str::slug(env('APP_NAME', 'laravel'), '_').'_session' 132 | ), 133 | 134 | /* 135 | |-------------------------------------------------------------------------- 136 | | Session Cookie Path 137 | |-------------------------------------------------------------------------- 138 | | 139 | | The session cookie path determines the path for which the cookie will 140 | | be regarded as available. Typically, this will be the root path of 141 | | your application but you are free to change this when necessary. 142 | | 143 | */ 144 | 145 | 'path' => '/', 146 | 147 | /* 148 | |-------------------------------------------------------------------------- 149 | | Session Cookie Domain 150 | |-------------------------------------------------------------------------- 151 | | 152 | | Here you may change the domain of the cookie used to identify a session 153 | | in your application. This will determine which domains the cookie is 154 | | available to in your application. A sensible default has been set. 155 | | 156 | */ 157 | 158 | 'domain' => env('SESSION_DOMAIN', null), 159 | 160 | /* 161 | |-------------------------------------------------------------------------- 162 | | HTTPS Only Cookies 163 | |-------------------------------------------------------------------------- 164 | | 165 | | By setting this option to true, session cookies will only be sent back 166 | | to the server if the browser has a HTTPS connection. This will keep 167 | | the cookie from being sent to you if it can not be done securely. 168 | | 169 | */ 170 | 171 | 'secure' => env('SESSION_SECURE_COOKIE'), 172 | 173 | /* 174 | |-------------------------------------------------------------------------- 175 | | HTTP Access Only 176 | |-------------------------------------------------------------------------- 177 | | 178 | | Setting this value to true will prevent JavaScript from accessing the 179 | | value of the cookie and the cookie will only be accessible through 180 | | the HTTP protocol. You are free to modify this option if needed. 181 | | 182 | */ 183 | 184 | 'http_only' => true, 185 | 186 | /* 187 | |-------------------------------------------------------------------------- 188 | | Same-Site Cookies 189 | |-------------------------------------------------------------------------- 190 | | 191 | | This option determines how your cookies behave when cross-site requests 192 | | take place, and can be used to mitigate CSRF attacks. By default, we 193 | | will set this value to "lax" since this is a secure default value. 194 | | 195 | | Supported: "lax", "strict", "none", null 196 | | 197 | */ 198 | 199 | 'same_site' => 'lax', 200 | 201 | ]; 202 | -------------------------------------------------------------------------------- /config/view.php: -------------------------------------------------------------------------------- 1 | [ 17 | resource_path('views'), 18 | ], 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Compiled View Path 23 | |-------------------------------------------------------------------------- 24 | | 25 | | This option determines where all the compiled Blade templates will be 26 | | stored for your application. Typically, this is within the storage 27 | | directory. However, as usual, you are free to change this value. 28 | | 29 | */ 30 | 31 | 'compiled' => env( 32 | 'VIEW_COMPILED_PATH', 33 | realpath(storage_path('framework/views')) 34 | ), 35 | 36 | ]; 37 | -------------------------------------------------------------------------------- /database/.gitignore: -------------------------------------------------------------------------------- 1 | *.sqlite 2 | *.sqlite-journal 3 | -------------------------------------------------------------------------------- /database/factories/UserFactory.php: -------------------------------------------------------------------------------- 1 | define(User::class, function (Faker $faker) { 21 | return [ 22 | 'name' => $faker->name, 23 | 'email' => $faker->unique()->safeEmail, 24 | 'email_verified_at' => now(), 25 | 'password' => '$2y$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', // password 26 | 'remember_token' => Str::random(10), 27 | ]; 28 | }); 29 | -------------------------------------------------------------------------------- /database/migrations/2014_10_12_000000_create_users_table.php: -------------------------------------------------------------------------------- 1 | id(); 18 | $table->string('name'); 19 | $table->string('email')->unique(); 20 | $table->timestamp('email_verified_at')->nullable(); 21 | $table->string('password'); 22 | $table->boolean('super')->nullable(); 23 | $table->rememberToken(); 24 | $table->timestamps(); 25 | }); 26 | } 27 | 28 | /** 29 | * Reverse the migrations. 30 | * 31 | * @return void 32 | */ 33 | public function down() 34 | { 35 | Schema::dropIfExists('users'); 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /database/migrations/2014_10_12_100000_create_password_resets_table.php: -------------------------------------------------------------------------------- 1 | string('email')->index(); 18 | $table->string('token'); 19 | $table->timestamp('created_at')->nullable(); 20 | }); 21 | } 22 | 23 | /** 24 | * Reverse the migrations. 25 | * 26 | * @return void 27 | */ 28 | public function down() 29 | { 30 | Schema::dropIfExists('password_resets'); 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /database/migrations/2019_08_19_000000_create_failed_jobs_table.php: -------------------------------------------------------------------------------- 1 | id(); 18 | $table->text('connection'); 19 | $table->text('queue'); 20 | $table->longText('payload'); 21 | $table->longText('exception'); 22 | $table->timestamp('failed_at')->useCurrent(); 23 | }); 24 | } 25 | 26 | /** 27 | * Reverse the migrations. 28 | * 29 | * @return void 30 | */ 31 | public function down() 32 | { 33 | Schema::dropIfExists('failed_jobs'); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /database/migrations/2020_08_24_192345_create_roles_table.php: -------------------------------------------------------------------------------- 1 | id(); 18 | $table->string('name')->unique(); 19 | $table->timestamps(); 20 | }); 21 | } 22 | 23 | /** 24 | * Reverse the migrations. 25 | * 26 | * @return void 27 | */ 28 | public function down() 29 | { 30 | Schema::dropIfExists('roles'); 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /database/migrations/2020_08_24_192453_create_role_user_table.php: -------------------------------------------------------------------------------- 1 | id(); 18 | $table->foreignId('role_id')->constrained(); 19 | $table->foreignId('user_id')->constrained(); 20 | $table->timestamps(); 21 | }); 22 | } 23 | 24 | /** 25 | * Reverse the migrations. 26 | * 27 | * @return void 28 | */ 29 | public function down() 30 | { 31 | Schema::dropIfExists('role_user'); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /database/migrations/2020_08_24_194746_create_abilities_table.php: -------------------------------------------------------------------------------- 1 | id(); 18 | $table->string('name'); 19 | $table->timestamps(); 20 | }); 21 | } 22 | 23 | /** 24 | * Reverse the migrations. 25 | * 26 | * @return void 27 | */ 28 | public function down() 29 | { 30 | Schema::dropIfExists('abilities'); 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /database/migrations/2020_08_24_194800_create_ability_role_table.php: -------------------------------------------------------------------------------- 1 | id(); 18 | $table->foreignId('ability_id')->constrained(); 19 | $table->foreignId('role_id')->constrained(); 20 | $table->timestamps(); 21 | }); 22 | } 23 | 24 | /** 25 | * Reverse the migrations. 26 | * 27 | * @return void 28 | */ 29 | public function down() 30 | { 31 | Schema::dropIfExists('ability_role'); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /database/seeds/DatabaseSeeder.php: -------------------------------------------------------------------------------- 1 | 'user@example.com', 19 | 'name' => 'user', 20 | 'password' => Hash::make('secret'), 21 | ]); 22 | $role = $user->roles()->create(['name' => 'User']); 23 | $role->abilities()->attach(Ability::whereIn('name', ['view-any-user', 'view-any-role'])->pluck('id')); 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "private": true, 3 | "scripts": { 4 | "dev": "npm run development", 5 | "development": "cross-env NODE_ENV=development node_modules/webpack/bin/webpack.js --progress --hide-modules --config=node_modules/laravel-mix/setup/webpack.config.js", 6 | "watch": "npm run development -- --watch", 7 | "watch-poll": "npm run watch -- --watch-poll", 8 | "hot": "cross-env NODE_ENV=development node_modules/webpack-dev-server/bin/webpack-dev-server.js --inline --hot --disable-host-check --config=node_modules/laravel-mix/setup/webpack.config.js", 9 | "prod": "npm run production", 10 | "production": "cross-env NODE_ENV=production node_modules/webpack/bin/webpack.js --no-progress --hide-modules --config=node_modules/laravel-mix/setup/webpack.config.js" 11 | }, 12 | "devDependencies": { 13 | "bootstrap": "^4.0.0", 14 | "cross-env": "^7.0", 15 | "jquery": "^3.2", 16 | "laravel-mix": "^5.0.1", 17 | "popper.js": "^1.12", 18 | "resolve-url-loader": "^3.1.0", 19 | "sass": "^1.15.2", 20 | "sass-loader": "^8.0.0", 21 | "vue-template-compiler": "^2.6.12" 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /phpunit.xml: -------------------------------------------------------------------------------- 1 | 2 | 7 | 8 | 9 | ./tests/Unit 10 | 11 | 12 | ./tests/Feature 13 | 14 | 15 | 16 | 17 | ./app 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | -------------------------------------------------------------------------------- /public/.htaccess: -------------------------------------------------------------------------------- 1 | 2 | 3 | Options -MultiViews -Indexes 4 | 5 | 6 | RewriteEngine On 7 | 8 | # Handle Authorization Header 9 | RewriteCond %{HTTP:Authorization} . 10 | RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] 11 | 12 | # Redirect Trailing Slashes If Not A Folder... 13 | RewriteCond %{REQUEST_FILENAME} !-d 14 | RewriteCond %{REQUEST_URI} (.+)/$ 15 | RewriteRule ^ %1 [L,R=301] 16 | 17 | # Send Requests To Front Controller... 18 | RewriteCond %{REQUEST_FILENAME} !-d 19 | RewriteCond %{REQUEST_FILENAME} !-f 20 | RewriteRule ^ index.php [L] 21 | 22 | -------------------------------------------------------------------------------- /public/favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mahmoud-y/laravel-roles-abilities-tutorial/79fdc74bc56f48f57524c27be925e2abc1381816/public/favicon.ico -------------------------------------------------------------------------------- /public/index.php: -------------------------------------------------------------------------------- 1 | 8 | */ 9 | 10 | define('LARAVEL_START', microtime(true)); 11 | 12 | /* 13 | |-------------------------------------------------------------------------- 14 | | Register The Auto Loader 15 | |-------------------------------------------------------------------------- 16 | | 17 | | Composer provides a convenient, automatically generated class loader for 18 | | our application. We just need to utilize it! We'll simply require it 19 | | into the script here so that we don't have to worry about manual 20 | | loading any of our classes later on. It feels great to relax. 21 | | 22 | */ 23 | 24 | require __DIR__.'/../vendor/autoload.php'; 25 | 26 | /* 27 | |-------------------------------------------------------------------------- 28 | | Turn On The Lights 29 | |-------------------------------------------------------------------------- 30 | | 31 | | We need to illuminate PHP development, so let us turn on the lights. 32 | | This bootstraps the framework and gets it ready for use, then it 33 | | will load up this application so that we can run it and send 34 | | the responses back to the browser and delight our users. 35 | | 36 | */ 37 | 38 | $app = require_once __DIR__.'/../bootstrap/app.php'; 39 | 40 | /* 41 | |-------------------------------------------------------------------------- 42 | | Run The Application 43 | |-------------------------------------------------------------------------- 44 | | 45 | | Once we have the application, we can handle the incoming request 46 | | through the kernel, and send the associated response back to 47 | | the client's browser allowing them to enjoy the creative 48 | | and wonderful application we have prepared for them. 49 | | 50 | */ 51 | 52 | $kernel = $app->make(Illuminate\Contracts\Http\Kernel::class); 53 | 54 | $response = $kernel->handle( 55 | $request = Illuminate\Http\Request::capture() 56 | ); 57 | 58 | $response->send(); 59 | 60 | $kernel->terminate($request, $response); 61 | -------------------------------------------------------------------------------- /public/mix-manifest.json: -------------------------------------------------------------------------------- 1 | { 2 | "/js/app.js": "/js/app.js", 3 | "/css/app.css": "/css/app.css" 4 | } 5 | -------------------------------------------------------------------------------- /public/robots.txt: -------------------------------------------------------------------------------- 1 | User-agent: * 2 | Disallow: 3 | -------------------------------------------------------------------------------- /resources/js/app.js: -------------------------------------------------------------------------------- 1 | require('./bootstrap'); 2 | -------------------------------------------------------------------------------- /resources/js/bootstrap.js: -------------------------------------------------------------------------------- 1 | // window._ = require('lodash'); 2 | 3 | /** 4 | * We'll load jQuery and the Bootstrap jQuery plugin which provides support 5 | * for JavaScript based Bootstrap features such as modals and tabs. This 6 | * code may be modified to fit the specific needs of your application. 7 | */ 8 | 9 | try { 10 | window.Popper = require('popper.js').default; 11 | window.$ = window.jQuery = require('jquery'); 12 | 13 | require('bootstrap'); 14 | } catch (e) {} 15 | 16 | /** 17 | * We'll load the axios HTTP library which allows us to easily issue requests 18 | * to our Laravel back-end. This library automatically handles sending the 19 | * CSRF token as a header based on the value of the "XSRF" token cookie. 20 | */ 21 | 22 | // window.axios = require('axios'); 23 | 24 | // window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest'; 25 | 26 | /** 27 | * Echo exposes an expressive API for subscribing to channels and listening 28 | * for events that are broadcast by Laravel. Echo and event broadcasting 29 | * allows your team to easily build robust real-time web applications. 30 | */ 31 | 32 | // import Echo from 'laravel-echo'; 33 | 34 | // window.Pusher = require('pusher-js'); 35 | 36 | // window.Echo = new Echo({ 37 | // broadcaster: 'pusher', 38 | // key: process.env.MIX_PUSHER_APP_KEY, 39 | // cluster: process.env.MIX_PUSHER_APP_CLUSTER, 40 | // forceTLS: true 41 | // }); 42 | -------------------------------------------------------------------------------- /resources/lang/en/auth.php: -------------------------------------------------------------------------------- 1 | 'These credentials do not match our records.', 17 | 'throttle' => 'Too many login attempts. Please try again in :seconds seconds.', 18 | 19 | ]; 20 | -------------------------------------------------------------------------------- /resources/lang/en/pagination.php: -------------------------------------------------------------------------------- 1 | '« Previous', 17 | 'next' => 'Next »', 18 | 19 | ]; 20 | -------------------------------------------------------------------------------- /resources/lang/en/passwords.php: -------------------------------------------------------------------------------- 1 | 'Your password has been reset!', 17 | 'sent' => 'We have emailed your password reset link!', 18 | 'throttled' => 'Please wait before retrying.', 19 | 'token' => 'This password reset token is invalid.', 20 | 'user' => "We can't find a user with that email address.", 21 | 22 | ]; 23 | -------------------------------------------------------------------------------- /resources/lang/en/validation.php: -------------------------------------------------------------------------------- 1 | 'The :attribute must be accepted.', 17 | 'active_url' => 'The :attribute is not a valid URL.', 18 | 'after' => 'The :attribute must be a date after :date.', 19 | 'after_or_equal' => 'The :attribute must be a date after or equal to :date.', 20 | 'alpha' => 'The :attribute may only contain letters.', 21 | 'alpha_dash' => 'The :attribute may only contain letters, numbers, dashes and underscores.', 22 | 'alpha_num' => 'The :attribute may only contain letters and numbers.', 23 | 'array' => 'The :attribute must be an array.', 24 | 'before' => 'The :attribute must be a date before :date.', 25 | 'before_or_equal' => 'The :attribute must be a date before or equal to :date.', 26 | 'between' => [ 27 | 'numeric' => 'The :attribute must be between :min and :max.', 28 | 'file' => 'The :attribute must be between :min and :max kilobytes.', 29 | 'string' => 'The :attribute must be between :min and :max characters.', 30 | 'array' => 'The :attribute must have between :min and :max items.', 31 | ], 32 | 'boolean' => 'The :attribute field must be true or false.', 33 | 'confirmed' => 'The :attribute confirmation does not match.', 34 | 'date' => 'The :attribute is not a valid date.', 35 | 'date_equals' => 'The :attribute must be a date equal to :date.', 36 | 'date_format' => 'The :attribute does not match the format :format.', 37 | 'different' => 'The :attribute and :other must be different.', 38 | 'digits' => 'The :attribute must be :digits digits.', 39 | 'digits_between' => 'The :attribute must be between :min and :max digits.', 40 | 'dimensions' => 'The :attribute has invalid image dimensions.', 41 | 'distinct' => 'The :attribute field has a duplicate value.', 42 | 'email' => 'The :attribute must be a valid email address.', 43 | 'ends_with' => 'The :attribute must end with one of the following: :values.', 44 | 'exists' => 'The selected :attribute is invalid.', 45 | 'file' => 'The :attribute must be a file.', 46 | 'filled' => 'The :attribute field must have a value.', 47 | 'gt' => [ 48 | 'numeric' => 'The :attribute must be greater than :value.', 49 | 'file' => 'The :attribute must be greater than :value kilobytes.', 50 | 'string' => 'The :attribute must be greater than :value characters.', 51 | 'array' => 'The :attribute must have more than :value items.', 52 | ], 53 | 'gte' => [ 54 | 'numeric' => 'The :attribute must be greater than or equal :value.', 55 | 'file' => 'The :attribute must be greater than or equal :value kilobytes.', 56 | 'string' => 'The :attribute must be greater than or equal :value characters.', 57 | 'array' => 'The :attribute must have :value items or more.', 58 | ], 59 | 'image' => 'The :attribute must be an image.', 60 | 'in' => 'The selected :attribute is invalid.', 61 | 'in_array' => 'The :attribute field does not exist in :other.', 62 | 'integer' => 'The :attribute must be an integer.', 63 | 'ip' => 'The :attribute must be a valid IP address.', 64 | 'ipv4' => 'The :attribute must be a valid IPv4 address.', 65 | 'ipv6' => 'The :attribute must be a valid IPv6 address.', 66 | 'json' => 'The :attribute must be a valid JSON string.', 67 | 'lt' => [ 68 | 'numeric' => 'The :attribute must be less than :value.', 69 | 'file' => 'The :attribute must be less than :value kilobytes.', 70 | 'string' => 'The :attribute must be less than :value characters.', 71 | 'array' => 'The :attribute must have less than :value items.', 72 | ], 73 | 'lte' => [ 74 | 'numeric' => 'The :attribute must be less than or equal :value.', 75 | 'file' => 'The :attribute must be less than or equal :value kilobytes.', 76 | 'string' => 'The :attribute must be less than or equal :value characters.', 77 | 'array' => 'The :attribute must not have more than :value items.', 78 | ], 79 | 'max' => [ 80 | 'numeric' => 'The :attribute may not be greater than :max.', 81 | 'file' => 'The :attribute may not be greater than :max kilobytes.', 82 | 'string' => 'The :attribute may not be greater than :max characters.', 83 | 'array' => 'The :attribute may not have more than :max items.', 84 | ], 85 | 'mimes' => 'The :attribute must be a file of type: :values.', 86 | 'mimetypes' => 'The :attribute must be a file of type: :values.', 87 | 'min' => [ 88 | 'numeric' => 'The :attribute must be at least :min.', 89 | 'file' => 'The :attribute must be at least :min kilobytes.', 90 | 'string' => 'The :attribute must be at least :min characters.', 91 | 'array' => 'The :attribute must have at least :min items.', 92 | ], 93 | 'not_in' => 'The selected :attribute is invalid.', 94 | 'not_regex' => 'The :attribute format is invalid.', 95 | 'numeric' => 'The :attribute must be a number.', 96 | 'password' => 'The password is incorrect.', 97 | 'present' => 'The :attribute field must be present.', 98 | 'regex' => 'The :attribute format is invalid.', 99 | 'required' => 'The :attribute field is required.', 100 | 'required_if' => 'The :attribute field is required when :other is :value.', 101 | 'required_unless' => 'The :attribute field is required unless :other is in :values.', 102 | 'required_with' => 'The :attribute field is required when :values is present.', 103 | 'required_with_all' => 'The :attribute field is required when :values are present.', 104 | 'required_without' => 'The :attribute field is required when :values is not present.', 105 | 'required_without_all' => 'The :attribute field is required when none of :values are present.', 106 | 'same' => 'The :attribute and :other must match.', 107 | 'size' => [ 108 | 'numeric' => 'The :attribute must be :size.', 109 | 'file' => 'The :attribute must be :size kilobytes.', 110 | 'string' => 'The :attribute must be :size characters.', 111 | 'array' => 'The :attribute must contain :size items.', 112 | ], 113 | 'starts_with' => 'The :attribute must start with one of the following: :values.', 114 | 'string' => 'The :attribute must be a string.', 115 | 'timezone' => 'The :attribute must be a valid zone.', 116 | 'unique' => 'The :attribute has already been taken.', 117 | 'uploaded' => 'The :attribute failed to upload.', 118 | 'url' => 'The :attribute format is invalid.', 119 | 'uuid' => 'The :attribute must be a valid UUID.', 120 | 121 | /* 122 | |-------------------------------------------------------------------------- 123 | | Custom Validation Language Lines 124 | |-------------------------------------------------------------------------- 125 | | 126 | | Here you may specify custom validation messages for attributes using the 127 | | convention "attribute.rule" to name the lines. This makes it quick to 128 | | specify a specific custom language line for a given attribute rule. 129 | | 130 | */ 131 | 132 | 'custom' => [ 133 | 'attribute-name' => [ 134 | 'rule-name' => 'custom-message', 135 | ], 136 | ], 137 | 138 | /* 139 | |-------------------------------------------------------------------------- 140 | | Custom Validation Attributes 141 | |-------------------------------------------------------------------------- 142 | | 143 | | The following language lines are used to swap our attribute placeholder 144 | | with something more reader friendly such as "E-Mail Address" instead 145 | | of "email". This simply helps us make our message more expressive. 146 | | 147 | */ 148 | 149 | 'attributes' => [], 150 | 151 | ]; 152 | -------------------------------------------------------------------------------- /resources/sass/_variables.scss: -------------------------------------------------------------------------------- 1 | // Body 2 | $body-bg: #f8fafc; 3 | 4 | // Typography 5 | $font-family-sans-serif: 'Nunito', sans-serif; 6 | $font-size-base: 0.9rem; 7 | $line-height-base: 1.6; 8 | 9 | // Colors 10 | $blue: #3490dc; 11 | $indigo: #6574cd; 12 | $purple: #9561e2; 13 | $pink: #f66d9b; 14 | $red: #e3342f; 15 | $orange: #f6993f; 16 | $yellow: #ffed4a; 17 | $green: #38c172; 18 | $teal: #4dc0b5; 19 | $cyan: #6cb2eb; 20 | -------------------------------------------------------------------------------- /resources/sass/app.scss: -------------------------------------------------------------------------------- 1 | // Fonts 2 | @import url('https://fonts.googleapis.com/css?family=Nunito'); 3 | 4 | // Variables 5 | @import 'variables'; 6 | 7 | // Bootstrap 8 | @import '~bootstrap/scss/bootstrap'; 9 | -------------------------------------------------------------------------------- /resources/views/auth/login.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
{{ __('Login') }}
9 | 10 |
11 |
12 | @csrf 13 | 14 |
15 | 16 | 17 |
18 | 19 | 20 | @error('email') 21 | 22 | {{ $message }} 23 | 24 | @enderror 25 |
26 |
27 | 28 |
29 | 30 | 31 |
32 | 33 | 34 | @error('password') 35 | 36 | {{ $message }} 37 | 38 | @enderror 39 |
40 |
41 | 42 |
43 |
44 |
45 | 46 | 47 | 50 |
51 |
52 |
53 | 54 |
55 |
56 | 59 | 60 | @if (Route::has('password.request')) 61 | 62 | {{ __('Forgot Your Password?') }} 63 | 64 | @endif 65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 |
73 | @endsection 74 | -------------------------------------------------------------------------------- /resources/views/auth/passwords/confirm.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
{{ __('Confirm Password') }}
9 | 10 |
11 | {{ __('Please confirm your password before continuing.') }} 12 | 13 |
14 | @csrf 15 | 16 |
17 | 18 | 19 |
20 | 21 | 22 | @error('password') 23 | 24 | {{ $message }} 25 | 26 | @enderror 27 |
28 |
29 | 30 |
31 |
32 | 35 | 36 | @if (Route::has('password.request')) 37 | 38 | {{ __('Forgot Your Password?') }} 39 | 40 | @endif 41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 | @endsection 50 | -------------------------------------------------------------------------------- /resources/views/auth/passwords/email.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
{{ __('Reset Password') }}
9 | 10 |
11 | @if (session('status')) 12 | 15 | @endif 16 | 17 |
18 | @csrf 19 | 20 |
21 | 22 | 23 |
24 | 25 | 26 | @error('email') 27 | 28 | {{ $message }} 29 | 30 | @enderror 31 |
32 |
33 | 34 |
35 |
36 | 39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 | @endsection 48 | -------------------------------------------------------------------------------- /resources/views/auth/passwords/reset.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
{{ __('Reset Password') }}
9 | 10 |
11 |
12 | @csrf 13 | 14 | 15 | 16 |
17 | 18 | 19 |
20 | 21 | 22 | @error('email') 23 | 24 | {{ $message }} 25 | 26 | @enderror 27 |
28 |
29 | 30 |
31 | 32 | 33 |
34 | 35 | 36 | @error('password') 37 | 38 | {{ $message }} 39 | 40 | @enderror 41 |
42 |
43 | 44 |
45 | 46 | 47 |
48 | 49 |
50 |
51 | 52 |
53 |
54 | 57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 | @endsection 66 | -------------------------------------------------------------------------------- /resources/views/auth/register.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
{{ __('Register') }}
9 | 10 |
11 |
12 | @csrf 13 | 14 |
15 | 16 | 17 |
18 | 19 | 20 | @error('name') 21 | 22 | {{ $message }} 23 | 24 | @enderror 25 |
26 |
27 | 28 |
29 | 30 | 31 |
32 | 33 | 34 | @error('email') 35 | 36 | {{ $message }} 37 | 38 | @enderror 39 |
40 |
41 | 42 |
43 | 44 | 45 |
46 | 47 | 48 | @error('password') 49 | 50 | {{ $message }} 51 | 52 | @enderror 53 |
54 |
55 | 56 |
57 | 58 | 59 |
60 | 61 |
62 |
63 | 64 |
65 |
66 | 69 |
70 |
71 |
72 |
73 |
74 |
75 |
76 |
77 | @endsection 78 | -------------------------------------------------------------------------------- /resources/views/auth/verify.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
{{ __('Verify Your Email Address') }}
9 | 10 |
11 | @if (session('resent')) 12 | 15 | @endif 16 | 17 | {{ __('Before proceeding, please check your email for a verification link.') }} 18 | {{ __('If you did not receive the email') }}, 19 |
20 | @csrf 21 | . 22 |
23 |
24 |
25 |
26 |
27 |
28 | @endsection 29 | -------------------------------------------------------------------------------- /resources/views/home.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
{{ __('Dashboard') }}
9 | 10 |
11 | @if (session('status')) 12 | 15 | @endif 16 | 17 | {{ __('You are logged in!') }} 18 |
19 |
20 |
21 |
22 |
23 | @endsection 24 | -------------------------------------------------------------------------------- /resources/views/layouts/app.blade.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | {{ config('app.name', 'Laravel') }} 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 |
24 | 84 | 85 |
86 | @yield('content') 87 |
88 |
89 | 90 | 91 | -------------------------------------------------------------------------------- /resources/views/roles/create.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
{{ __('Roles') }}
9 | 10 |
11 |
12 | @csrf 13 |
14 | 15 | 16 | @error('name') 17 | {{ $message }} 18 | @enderror 19 |
20 |
21 | 22 | 27 | @error('abilities') 28 | {{ $message }} 29 | @enderror 30 |
31 | 32 |
33 |
34 |
35 |
36 |
37 |
38 | @endsection -------------------------------------------------------------------------------- /resources/views/roles/edit.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
{{ __('Roles') }}
9 | 10 |
11 |
12 | @csrf 13 | @method('PUT') 14 |
15 | 16 | 17 | @error('name') 18 | {{ $message }} 19 | @enderror 20 |
21 |
22 | 23 | 28 | @error('abilities') 29 | {{ $message }} 30 | @enderror 31 |
32 | 33 |
34 |
35 |
36 |
37 |
38 |
39 | @endsection -------------------------------------------------------------------------------- /resources/views/roles/index.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
9 |
10 | {{ __('Roles') }} 11 | @can('create-role') 12 | {{ __('Create') }} 13 | @endcan 14 |
15 |
16 | 17 |
18 | @if($roles->isEmpty()) 19 | {{ __('There are no roles!') }} 20 | @else 21 | 22 | 23 | 24 | @canany(['view-role', 'update-role', 'delete-role']) 25 | 26 | @endcanany 27 | 28 | 29 | @foreach($roles as $role) 30 | 31 | 32 | @canany(['view-role', 'update-role', 'delete-role']) 33 | 47 | @endcanany 48 | 49 | @endforeach 50 | 51 |
{{ __('Name') }}{{ __('Action') }}
{{ $role->name }} 34 | @can('view-role') 35 | {{ __('View') }} 36 | @endcan 37 | @can('update-role') 38 | {{ __('Edit') }} 39 | @endcan 40 | @can('delete-role') 41 |
42 | @csrf @method('DELETE') 43 | 44 |
45 | @endcan 46 |
52 | @endif 53 |
54 |
55 |
56 |
57 |
58 | @endsection -------------------------------------------------------------------------------- /resources/views/roles/show.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
{{ __('Roles') }}
9 | 10 |
11 |
12 | 13 | 14 |
15 |
16 | 17 | 22 |
23 |
24 |
25 |
26 |
27 |
28 | @endsection -------------------------------------------------------------------------------- /resources/views/users/create.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
{{ __('Users') }}
9 | 10 |
11 |
12 | @csrf 13 |
14 | 15 | 16 | @error('name') 17 | {{ $message }} 18 | @enderror 19 |
20 |
21 | 22 | 23 | @error('email') 24 | {{ $message }} 25 | @enderror 26 |
27 |
28 | 29 | 30 | @error('password') 31 | {{ $message }} 32 | @enderror 33 |
34 |
35 | 36 | 37 |
38 |
39 | 40 | 45 | @error('roles') 46 | {{ $message }} 47 | @enderror 48 |
49 | 50 |
51 |
52 |
53 |
54 |
55 |
56 | @endsection -------------------------------------------------------------------------------- /resources/views/users/edit.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
{{ __('Users') }}
9 | 10 |
11 |
12 | @csrf 13 | @method('PUT') 14 |
15 | 16 | 17 | @error('name') 18 | {{ $message }} 19 | @enderror 20 |
21 |
22 | 23 | 24 | @error('email') 25 | {{ $message }} 26 | @enderror 27 |
28 |
29 | 30 | 31 | @error('password') 32 | {{ $message }} 33 | @enderror 34 |
35 |
36 | 37 | 38 |
39 |
40 | 41 | 46 | @error('roles') 47 | {{ $message }} 48 | @enderror 49 |
50 | 51 |
52 |
53 |
54 |
55 |
56 |
57 | @endsection -------------------------------------------------------------------------------- /resources/views/users/index.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
9 |
10 | {{ __('Users') }} 11 | @can('create-user') 12 | {{ __('Create') }} 13 | @endcan 14 |
15 |
16 | 17 |
18 | @if($users->isEmpty()) 19 | {{ __('There are no users!') }} 20 | @else 21 | 22 | 23 | 24 | 25 | @canany(['view-user', 'update-user', 'delete-user']) 26 | 27 | @endcanany 28 | 29 | 30 | @foreach($users as $user) 31 | 32 | 33 | 34 | @canany(['view-user', 'update-user', 'delete-user']) 35 | 49 | @endcanany 50 | 51 | @endforeach 52 | 53 |
{{ __('Name') }}{{ __('Email') }}{{ __('Action') }}
{{ $user->name }}{{ $user->email }} 36 | @can('view-user') 37 | {{ __('View') }} 38 | @endcan 39 | @can('update-user') 40 | {{ __('Edit') }} 41 | @endcan 42 | @can('delete-user') 43 |
44 | @csrf @method('DELETE') 45 | 46 |
47 | @endcan 48 |
54 | @endif 55 |
56 |
57 |
58 |
59 |
60 | @endsection -------------------------------------------------------------------------------- /resources/views/users/show.blade.php: -------------------------------------------------------------------------------- 1 | @extends('layouts.app') 2 | 3 | @section('content') 4 |
5 |
6 |
7 |
8 |
{{ __('Users') }}
9 | 10 |
11 |
12 | 13 | 14 |
15 |
16 | 17 | 18 |
19 |
20 | 21 | 26 |
27 |
28 |
29 |
30 |
31 |
32 | @endsection -------------------------------------------------------------------------------- /resources/views/welcome.blade.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | Laravel 8 | 9 | 10 | 11 | 12 | 13 | 65 | 66 | 67 |
68 | @if (Route::has('login')) 69 |
70 | @auth 71 | Home 72 | @else 73 | Login 74 | 75 | @if (Route::has('register')) 76 | Register 77 | @endif 78 | @endauth 79 |
80 | @endif 81 | 82 |
83 |
84 | Laravel Roles Abilities Tutorial 85 |
86 | 87 |
88 | GitHub 89 |
90 |
91 |
92 | 93 | 94 | -------------------------------------------------------------------------------- /routes/api.php: -------------------------------------------------------------------------------- 1 | get('/user', function (Request $request) { 18 | return $request->user(); 19 | }); 20 | -------------------------------------------------------------------------------- /routes/channels.php: -------------------------------------------------------------------------------- 1 | id === (int) $id; 18 | }); 19 | -------------------------------------------------------------------------------- /routes/console.php: -------------------------------------------------------------------------------- 1 | comment(Inspiring::quote()); 19 | })->describe('Display an inspiring quote'); 20 | -------------------------------------------------------------------------------- /routes/web.php: -------------------------------------------------------------------------------- 1 | name('home'); 23 | 24 | Route::resource('users', 'UserController'); 25 | 26 | Route::resource('roles', 'RoleController'); 27 | -------------------------------------------------------------------------------- /server.php: -------------------------------------------------------------------------------- 1 | 8 | */ 9 | 10 | $uri = urldecode( 11 | parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH) 12 | ); 13 | 14 | // This file allows us to emulate Apache's "mod_rewrite" functionality from the 15 | // built-in PHP web server. This provides a convenient way to test a Laravel 16 | // application without having installed a "real" web server software here. 17 | if ($uri !== '/' && file_exists(__DIR__.'/public'.$uri)) { 18 | return false; 19 | } 20 | 21 | require_once __DIR__.'/public/index.php'; 22 | -------------------------------------------------------------------------------- /storage/app/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !public/ 3 | !.gitignore 4 | -------------------------------------------------------------------------------- /storage/app/public/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/framework/.gitignore: -------------------------------------------------------------------------------- 1 | config.php 2 | routes.php 3 | schedule-* 4 | compiled.php 5 | services.json 6 | events.scanned.php 7 | routes.scanned.php 8 | down 9 | -------------------------------------------------------------------------------- /storage/framework/cache/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !data/ 3 | !.gitignore 4 | -------------------------------------------------------------------------------- /storage/framework/cache/data/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/framework/sessions/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/framework/testing/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/framework/views/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/logs/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /tests/CreatesApplication.php: -------------------------------------------------------------------------------- 1 | make(Kernel::class)->bootstrap(); 19 | 20 | return $app; 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /tests/Feature/ExampleTest.php: -------------------------------------------------------------------------------- 1 | get('/'); 18 | 19 | $response->assertStatus(200); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /tests/TestCase.php: -------------------------------------------------------------------------------- 1 | assertTrue(true); 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /webpack.mix.js: -------------------------------------------------------------------------------- 1 | const mix = require('laravel-mix'); 2 | 3 | /* 4 | |-------------------------------------------------------------------------- 5 | | Mix Asset Management 6 | |-------------------------------------------------------------------------- 7 | | 8 | | Mix provides a clean, fluent API for defining some Webpack build steps 9 | | for your Laravel application. By default, we are compiling the Sass 10 | | file for the application as well as bundling up all the JS files. 11 | | 12 | */ 13 | 14 | mix.js('resources/js/app.js', 'public/js') 15 | .sass('resources/sass/app.scss', 'public/css'); 16 | --------------------------------------------------------------------------------