using POST instead of PUT in laravel - laravel

I'm using Laravel to build and api based admin control application and I'm using
Route:resource instead of regular GET and POST methods.
Just realized my hosting provider DOESN'T ALLOW PUT and DELETE now I need to so now I have to use POST and GET methods.
this is what i have
Route::resource('contacts', 'Admin\\ContactInfoController',['only' => ['create', 'store', 'update']]);
Route::get('claims/statuses', 'Admin\\ClaimsController#statusCodes');
Route::get('claims/costcenters', 'Admin\\ClaimsDetailsController#getCostCentres');
Route::get('claims/{id}/details', 'Admin\\ClaimsController#details');
Route::get('claims/{id}/messages', 'Admin\\ClaimsController#messages');
Route::resource('claims', 'Admin\\ClaimsController',['only' => ['index','store','update','destroy','edit']]);
Route::resource('claims/details', 'Admin\\ClaimsDetailsController',['only' => ['store','update','destroy']]);
What approach might be best in converting my routes from PUT and DELETE to POST and GET?

I don't think it's possible that your hosting provider doesn't allow to put or delete request. If you created API it could be the case but in other cases (you created normal page) you send forms using POST method with hidden field _method set to HTTP verb, so if only your provider supports POST method it will work without a problem. You can read Form method spoofing section about this.

Contact your hosting provided to allow put or delete request, it's part of web development and this is quite limiting.

Related

How to change route URL in Laravel 9 resource controller

I wondered if there is a way to change the default URLs of Laravel's resource controller. For example, for basic CRUD operation, for creating, we have a /create route made by default by Laravel. Can it be changed to /ask or /new or something like that?
You can "localize" the resource URIs that are created without much work (Added to the boot method of a Service Provider):
Route::resourceVerbs([
'create' => 'new',
]);
This would have all calls to Route::resource(...) create the URI with 'new' instead of 'create' for the create action.
If you need to get more complicated than something like that you could extend Illuminate\Routing\ResourceRegistrar to override it in any way you would like. You could call an instance of your version or bind it to the container for Illuminate\Routing\ResourceRegistrar which would use it for all resource calls.
Laravel 9.x - Docs - Controllers - Resource Controllers - Localizing Resource URIs

Modify the URL generated with Route::apiResource without changing the name

I'm building a website where users can post ads : a VueJS app that requests routes on an Laravel API.
I have an AdController, with an Ad model, and my routing is done via stuff like :
Route::apiResource('ads', AdController::class)->only(['update', 'destroy']);
Route::apiResource('ads.photos', AdPhotoController::class)->only(['index']);
which generates routes like PUT "/ads/{ad}" or GET "/ads/{id}/photos"....
This works very well, and my VueJS app uses Ziggy to call the API by their route name
axios.get(route('ads.photos.index', id))
And... It still works flawlessly ! No problem at all, and I have a LOT of routes with a LOT of API calls.
Now my problem : we realised that URLs containing "ads" are blocked by adblockers. That completely shuts down all access to our website, and asking users to turn off the adblocker is NOT a solution.
I could change my routes to do something like
Route::apiResource('posts.photos', AdPhotoController::class)->only(['index']);
but I have a LOT of routes and I really don't want to rename everything, everywhere.
Is there an option to change apiResources generated URL, so 'ads.photos.index' would generate "/posts/{id}/photos" instead of "/ads/{id}/photos" ?

Changing The Laravel Passport/OAuth-Server Responses

I'm building an API in Laravel 5.4, using Laravel Passport 3 for authentication. All of my API methods return a set of values that are always returned, success, errors (if there are any errors) etc.
I've changed the response of a \Illuminate\Auth\AuthenticationException throws, to fit with the rest of my app, however I'm not sure how to change the response of various token grant responses, without doing something horrible like editing the vendor files.
I think you can use middleware to change your response.
From laravel documentation:
Before & After Middleware
Whether a middleware runs before or after a
request depends on the middleware itself.
You can capture the response and re-format the response.
You can use laravel's setContent method to set the content in response. Check here.
What you are trying to do here is not supported by the library, so whatever you do will be hacky and will probably break the compatibility with future versions of laravel/passport.
In my opinion, you can only choose between those 2 options:
Instead of declaring passport routes (Passport::routes()) you can declare equivalent routes to your custom methods. Those method internally calls Passport classes and methods, handling passport returning values before returning them to the user. It requires a lot of digging into passport code but, at the same time, if you only add some fields (success or error) you should be able to update your code without too much effort when updating the library.
Fork laravel/passport and modify it to suit you needs. This solution in not as messy as the first, but a merge with new versions of passport in the future will probably be hard.
Of course, both are not great solutions. Keeping the standard passport responses or use a more suitable library are better options: I assume they are not feasible if you are asking.
Another way - create proxy routes for your purposes.
Route::post('custom-auth/token', function (Request $request) {
$proxy = Request::create('oauth/token', 'POST', $request->request->input());
$response = app()->handle($proxy);
return responseCallback($response);
});
Where responseCallback your custom response modificator function.

Rails API with frontend - routing email links to backend or frontend application

I have a Rails API backend and a ReactJS frontend. My backend sends custom emails that often have confirmation-like links (like email confirmation)
Should the confirmation links point to my backend directly, or should they rather load the frontend first and then make an API call to the backend?
The two alternatives I'm thinking of are:
1 - The email confirmation link hits directly
backend.example.com/email_confirmations/:confirmation_token, which then redirects to a specific success (error) page frontend.example.com/email_confirmation/success(/failure) on my frontend.
On the backend I would only need a Metal controller with minimum modules to perform redirection to the frontend app, the controller is always responding with redirects). If further actions need to be taken from the frontend, they'll hit a different API Endpoint
2 - The email confirmation links opens up my frontend at
frontend.example.com/email_confirmations/:confirmation_token that triggers an API request to backend.example.com/email_confirmations/:confirmation_token.
Then my (Json:api) backend makes a jsonapi-compliant response with a Rails APIController.
What are you doing in practice?
I decided to opt in for the first scenario but maybe systematically calling/loading the frontend first makes more sense?
How do you wire backend/frontend in those scenarios?
I have currently implemented a very simple (Metal) Controller that would just process the incoming parameters perform redirections only to the frontend. I was hoping to define "url helpers" that would point to my frontend like so:
namespace :email_redirection do
# Controller that gets hit by email confirmation links in scenario #1
resources :confirmations
end
namespace :frontend do
frontend_root = Rails.configuration.frontend_host_with_http_and_port
scope frontend_root do
# Generation of URL Helpers for the frontend app
resources :confirmations, only: [] do
get 'successful'
get 'unsuccessful'
end
end
end
And my confirmation controller would be like
class EmailRedirection::ConfirmationsController
def index
svc = MyConfirmationService.new(token: params[:confirmation_token])
if svc.confirm
redirect_to(
frontend_successful_confirmation_url,
email: svc.confirmable.email
)
else
redirect_to(frontend_unsuccessful_confirmation_url)
end
end
end
I'm getting several error and I believe maybe the url helpers are not useable with different host/port... (or I have to pass them explicitely to each call)
How can I handle that ? And if 1. is a good choice, what would be the redirection codes you'd send on success/failure (since they can only be 3xx) ?
Both solutions involve quite some wiring between the backend/frontend and I'm not sure how to best wire things up.
Note : my models use devise but because devise isn't so great with APIs/etc. I'm using my own ConfirmationService that also handles some side-effects. I don't consider Devise to be relevant here
Creating a rails route to an external URL

Retrieving JSON from an external API with backbone

I'm new to backbone.js and I've read other solutions to similar problems but still can't get my example to work. I have a basic rails api that is returning some JSON from the url below and I am trying to access in through a backbone.js front end. Since they are one different servers I think I need to use a 'jsonp' request. I'm currently doing this by overriding the sync function in my backbone collection.
Api url:
http://guarded-wave-4073.herokuapp.com/api/v1/plans.json
sync: function(method, model, options) {
options.timeout = 10000;
options.dataType = 'jsonp';
options.url = 'http://guarded-wave-4073.herokuapp.com/api/v1/plans.json'
return Backbone.sync(method, model, options);
}
To test this I create a new 'plans' collection in my chrome console using "plans = new Plans()" and then "plans.fetch()" to try and get the JSON.
When I call plans.models afterwards I still have an empty array and the object that returns from plans.fetch() doesn't seem to have any json data included.
Any ideas where I'm going wrong?
I have had the same problem before. You should not have to override your sync method.
Taken from Stackoverflow Answer
"The JSONP technique uses a completely different mechanism for issuing HTTP requests to a server and acting on the response. It requires cooperating code in the client page and on the server. The server must have a URL that responds to HTTP "GET" requests with a block of JSON wrapped in a function call. Thus, you can't just do JSONP transactions to any old server; it must be a server that explicitly provides the functionality."
Are you sure your server abides to the above? Test with another compatible jsonp service (Twitter) to see if you receive results?
Have you tried overriding the fetch method as well?
You should add ?callback=? to your api url in order to enable jsonp

Resources