Merge pull request #20 from mohasin-dev/master

Fix some Formatting convention and Capitalization in README file
pull/23/head
Hasin Hayder 2 years ago committed by GitHub
commit 6f270ecb08
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -58,7 +58,7 @@ Then follow the process using either Docker or without Docker (simple).
### Without Docker (Simple) ### Without Docker (Simple)
1. install the dependencies 1. Install the dependencies
```shell ```shell
composer install composer install
@ -86,7 +86,7 @@ That's mostly it! You have a fully running laravel installation with Sanctum, al
### Using Docker & Laravel Sail ### Using Docker & Laravel Sail
1. install the dependencies 1. Install the dependencies
```shell ```shell
docker run --rm \ docker run --rm \
@ -133,7 +133,7 @@ touch database/hydra.sqlite
Or simply create a new file as **hydra.sqlite** inside your **database** folder. Or simply create a new file as **hydra.sqlite** inside your **database** folder.
2. you can run both migrations and seeders together by simply running the following command 2. You can run both migrations and seeders together by simply running the following command
```shell ```shell
php artisan migrate:fresh --seed php artisan migrate:fresh --seed
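Review bot: Step 2 presents `php artisan migrate:fresh --seed` as just running migrations and seeders together, but `migrate:fresh` drops every table before it migrates. Since this line is being edited anyway, add a sentence saying the command wipes existing data and is meant for a new or disposable database, and mention `php artisan migrate --seed` for a database that already holds data.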
@ -338,10 +338,10 @@ For any unsuccessful attempt or wrong token, you will receive a 401 error respon
### Update a User (User/Admin Ability Required) ### Update a User (User/Admin Ability Required)
Make an `HTTP PUT` request to the following route to update an existing user. Replace {userid} with actual user id. You must include a Bearer token obtained from User/Admin authentication. A bearer admin token can update any user. A bearer user token can only update the authenticated user by this token. Make an `HTTP PUT` request to the following route to update an existing user. Replace {userId} with actual user id. You must include a Bearer token obtained from User/Admin authentication. A bearer admin token can update any user. A bearer user token can only update the authenticated user by this token.
```shell ```shell
http://localhost:8000/api/users/{userid} http://localhost:8000/api/users/{userId}
``` ```
For example, to update the user with id 3, use this endpoint `http://localhost:8000/api/users/3` For example, to update the user with id 3, use this endpoint `http://localhost:8000/api/users/3`
@ -396,10 +396,10 @@ For any unsuccessful attempt with an invalid `user id`, you will receive a 404 n
### Delete a User (Admin Ability Required) ### Delete a User (Admin Ability Required)
To delete an existing user, make a `HTTP DELETE` request to the following route. Replace {userid} with actual user id To delete an existing user, make a `HTTP DELETE` request to the following route. Replace {userId} with actual user id
```shell ```shell
http://localhost:8000/api/users/{userid} http://localhost:8000/api/users/{userId}
``` ```
For example to delete the user with id 2, use this endpoint `http://localhost:8000/api/users/2` For example to delete the user with id 2, use this endpoint `http://localhost:8000/api/users/2`
@ -543,7 +543,7 @@ For any unsuccessful attempt or wrong token, you will receive a 401 error respon
To update a role, make an `HTTP PUT` or `HTTP PATCH` request to the following route, with Admin Token obtained from Admin Login. Add this token as a standard `Bearer Token` to your API call. To update a role, make an `HTTP PUT` or `HTTP PATCH` request to the following route, with Admin Token obtained from Admin Login. Add this token as a standard `Bearer Token` to your API call.
```shell ```shell
http://localhost:8000/api/roles/{roleid} http://localhost:8000/api/roles/{roleId}
``` ```
For example to update the Customer role, use this endpoint `http://localhost:8000/api/roles/3` For example to update the Customer role, use this endpoint `http://localhost:8000/api/roles/3`
@ -584,7 +584,7 @@ For any unsuccessful attempt or wrong token, you will receive a 401 error respon
To delete a role, make an `HTTP DELETE` request to the following route, with Admin Token obtained from Admin Login. Add this token as a standard `Bearer Token` to your API call. To delete a role, make an `HTTP DELETE` request to the following route, with Admin Token obtained from Admin Login. Add this token as a standard `Bearer Token` to your API call.
```shell ```shell
http://localhost:8000/api/roles/{roleid} http://localhost:8000/api/roles/{roleId}
``` ```
For example, to delete the Customer role, use this endpoint `http://localhost:8000/api/roles/3` For example, to delete the Customer role, use this endpoint `http://localhost:8000/api/roles/3`
@ -623,10 +623,10 @@ For any unsuccessful attempt or wrong token, you will receive a 401 error respon
### List Available Roles of a User (Admin Ability Required) ### List Available Roles of a User (Admin Ability Required)
To list all available roles for a user, make an `HTTP GET` request to the following route, with Admin Token obtained from Admin Login. Add this token as a standard `Bearer Token` to your API call. Replace {userid} with an actual user id To list all available roles for a user, make an `HTTP GET` request to the following route, with Admin Token obtained from Admin Login. Add this token as a standard `Bearer Token` to your API call. Replace {userId} with an actual user id
```shell ```shell
http://localhost:8000/api/users/{userid}/roles http://localhost:8000/api/users/{userId}/roles
``` ```
For example to get all roles assigned to the user with id 2, use this endpoint `http://localhost:8000/api/users/2/roles` For example to get all roles assigned to the user with id 2, use this endpoint `http://localhost:8000/api/users/2/roles`
@ -667,10 +667,10 @@ For any unsuccessful attempt or wrong token, you will receive a 401 error respon
### Assign a Role to a User (Admin Ability Required) ### Assign a Role to a User (Admin Ability Required)
To assign a role to a user, make an `HTTP POST` request to the following route, with Admin Token obtained from Admin Login. Add this token as a standard `Bearer Token` to your API call. Replace {userid} with an actual user id To assign a role to a user, make an `HTTP POST` request to the following route, with Admin Token obtained from Admin Login. Add this token as a standard `Bearer Token` to your API call. Replace {userId} with an actual user id
```shell ```shell
http://localhost:8000/api/users/{userid}/roles http://localhost:8000/api/users/{userId}/roles
``` ```
For example to assign a role to the user with id 2, use this endpoint `http://localhost:8000/api/users/2/roles` For example to assign a role to the user with id 2, use this endpoint `http://localhost:8000/api/users/2/roles`
@ -721,10 +721,10 @@ For any unsuccessful attempt or wrong token, you will receive a 401 error respon
### Delete a Role from a User (Admin Ability Required) ### Delete a Role from a User (Admin Ability Required)
To delete a role from a user, make an `HTTP DELETE` request to the following route, with Admin Token obtained from Admin Login. Add this token as a standard `Bearer Token` to your API call. Replace `{userid}` with an actual user id, and `{role}` with an actual role id To delete a role from a user, make an `HTTP DELETE` request to the following route, with Admin Token obtained from Admin Login. Add this token as a standard `Bearer Token` to your API call. Replace `{userId}` with an actual user id, and `{role}` with an actual role id
```shell ```shell
http://localhost:8000/api/users/{userid}/roles/{role} http://localhost:8000/api/users/{userId}/roles/{role}
``` ```
For example, to delete a role with id 3 from the user with id 2, use this endpoint `http://localhost:8000/api/users/2/roles/3` For example, to delete a role with id 3 from the user with id 2, use this endpoint `http://localhost:8000/api/users/2/roles/3`
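Review bot: The placeholder naming is still inconsistent after this change: the route here reads `{userId}/roles/{role}`, while the role routes touched elsewhere in the same commit use `{roleId}`. Rename `{role}` to `{roleId}` in both the sentence and the URL so the README uses one name for the role id.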
@ -812,13 +812,13 @@ curl --request GET \
Hydra comes with an excellent logger to log request headers, parameters and response to help debugging and inspecting API calls. All you have to do is wrap the route with 'hydra.log' middleware, as shown below Hydra comes with an excellent logger to log request headers, parameters and response to help debugging and inspecting API calls. All you have to do is wrap the route with 'hydra.log' middleware, as shown below
```php ```php
Route::post('login',[UserController::class,'login'])->middleware('hydra.log'); Route::post('login', [UserController::class, 'login'])->middleware('hydra.log');
``` ```
or, like this or, like this
```php ```php
Route::put('users/{user}',[UserController::class,'update'])->middleware(['hydra.log', 'auth:sanctum', 'ability:admin,super-admin,user']); Route::put('users/{user}', [UserController::class, 'update'])->middleware(['hydra.log', 'auth:sanctum', 'ability:admin,super-admin,user']);
``` ```
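Review bot: The first `hydra.log` example wraps the `login` route, and the sentence above it says the logger records request headers, parameters and the response. On a login route the parameters carry the credentials, and on the `auth:sanctum` route in the second example the headers carry the bearer token. The README should state that these values end up in the log, and either recommend keeping the middleware off authentication routes outside local debugging or say whether the logger redacts them.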
@ -869,8 +869,8 @@ class MessageController extends Controller
$user = $request->user(); $user = $request->user();
$response = [ $response = [
"name"=>$user->name, "name" => $user->name,
"role"=>$user->roles()->first()->name //or $user->roles()->first()->slug "role" => $user->roles()->first()->name //or $user->roles()->first()->slug
]; ];
return $response; return $response;
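Review bot: In the `"role"` entry, `$user->roles()->first()->name` dereferences the result of `first()` without a check. `first()` returns null for a user with no roles, so this sample endpoint raises an error for such a user instead of returning a response. Suggest `$user->roles()->first()?->name` or an explicit guard, so the code people copy from the README handles that case.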
@ -887,7 +887,7 @@ Let's create a protected route `http://localhost:8000/api/greet` to use this API
Open your `routes/api.php` file and add the following line at the end. Open your `routes/api.php` file and add the following line at the end.
```php ```php
Route::get('greet', [MessageController::class,'greet'])->middleware(['auth:sanctum']); Route::get('greet', [MessageController::class, 'greet'])->middleware(['auth:sanctum']);
``` ```
Nice! Now we have a route `/api/greet` that is only accessible with a valid bearer token. Nice! Now we have a route `/api/greet` that is only accessible with a valid bearer token.
@ -916,8 +916,8 @@ curl --request POST \
--header 'Accept: aplication/json' \ --header 'Accept: aplication/json' \
--header 'Content-Type: application/json' \ --header 'Content-Type: application/json' \
--data '{ --data '{
"email":"user@hydra.project", "email": "user@hydra.project",
"password":"Surprisingly A Good Password" "password": "Surprisingly A Good Password"
}' }'
``` ```
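Review bot: The `Accept` header in the context lines of this hunk still reads `aplication/json`, right above the correctly spelled `Content-Type: application/json`. This commit reformats the JSON body of the same command, so correct the header to `application/json` here as well; readers copy this curl call verbatim.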
@ -954,26 +954,26 @@ Great! you have learned how to create your protected API endpoint using Laravel
Let's make our newly created API endpoint even more robust. Say, we want our route to be accessible by only admin users. Remember you added the following line in the `routes/api.php` file just a few minutes ago? Let's change it. Let's make our newly created API endpoint even more robust. Say, we want our route to be accessible by only admin users. Remember you added the following line in the `routes/api.php` file just a few minutes ago? Let's change it.
```php ```php
Route::get('greet', [MessageController::class,'greet'])->middleware(['auth:sanctum']); Route::get('greet', [MessageController::class, 'greet'])->middleware(['auth:sanctum']);
``` ```
Change it like this Change it like this
```php ```php
Route::get('greet', [MessageController::class,'greet'])->middleware(['auth:sanctum', 'ability:admin']); Route::get('greet', [MessageController::class, 'greet'])->middleware(['auth:sanctum', 'ability:admin']);
``` ```
Only an `HTTP GET` call with a valid admin user's access token can access this route. Only an `HTTP GET` call with a valid admin user's access token can access this route.
If you want this route to be accessible by the users with `admin`, **OR** the `user` role, then modify it. If you want this route to be accessible by the users with `admin`, **OR** the `user` role, then modify it.
```php ```php
Route::get('greet', [MessageController::class,'greet'])->middleware(['auth:sanctum', 'ability:admin,user']); Route::get('greet', [MessageController::class, 'greet'])->middleware(['auth:sanctum', 'ability:admin,user']);
``` ```
If you want this route to be accessible by the users with both `user`, **AND** the `customer` role, then modify it. If you want this route to be accessible by the users with both `user`, **AND** the `customer` role, then modify it.
```php ```php
Route::get('greet', [MessageController::class,'greet'])->middleware(['auth:sanctum', 'abilities:customer,user']); Route::get('greet', [MessageController::class, 'greet'])->middleware(['auth:sanctum', 'abilities:customer,user']);
``` ```
Note that this time we have used the `abilities` keyword instead of `ability` Note that this time we have used the `abilities` keyword instead of `ability`
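Review bot: The closing note on `abilities` versus `ability` understates an authorization difference that hinges on one word in the middleware string. As the examples stand, `ability:admin,user` is described as admin OR user and `abilities:customer,user` as user AND customer, yet the only pointer to the change is the last sentence, which also lacks its final period. Suggest stating the rule directly after the examples, for instance that `ability` passes when the token has any listed value and `abilities` only when it has all of them, so a reader does not pick the wrong one when restricting a route.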
