Lumen by Example - Lesson 4


Lumen Backend Tutorial - 5 More Advanced Examples


Example 1: API Token Authentication (Personal Access Tokens)

Implements token-based authentication using a custom token system.

File: routes/web.php

$router->post('/login', 'AuthController@login');
$router->get('/profile', ['middleware' => 'auth.token', 'uses' => 'AuthController@profile']);

File: app/Http/Middleware/AuthTokenMiddleware.php

<?php

namespace App\Http\Middleware;

use Closure;
use App\Models\User;

class AuthTokenMiddleware {
    public function handle($request, Closure $next) {
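        $token = $request->header('Authorization');
        // Reject a missing or empty header before querying: where('api_token', null)
        // compiles to "api_token IS NULL" and would match a user who has no token yet.
        if (!is_string($token) || $token === '') {
            return response()->json(['error' => 'Unauthorized'], 401);
        }
        $user = User::where('api_token', $token)->first();
        if (!$user) {
            return response()->json(['error' => 'Unauthorized'], 401);
        }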
        $request->user = $user;
        return $next($request);
    }
}

File: app/Http/Controllers/AuthController.php

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\Models\User;
use Illuminate\Support\Str;

class AuthController extends Controller {
    public function login(Request $request) {
        $user = User::where('email', $request->email)->first();
        if (!$user || !password_verify($request->password, $user->password)) {
            return response()->json(['error' => 'Invalid credentials'], 401);
        }
        $user->api_token = Str::random(60);
        $user->save();
        return response()->json(['token' => $user->api_token]);
    }

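    public function profile(Request $request) {
        // This serializes the whole model: list 'password' and 'api_token' in the
        // User model's $hidden property so they are not returned to the client.
        return response()->json($request->user);
    }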
}

Explanation:

  1. Implements token-based authentication, where users receive a token after logging in.

  2. The middleware checks for a valid API token in the request headers.

  3. The /profile endpoint is protected, allowing access only with a valid token.

  4. Tokens do not expire on their own; a token is invalidated only when it is reset, which this code does on every login.

  5. Suitable for mobile apps and secure API-based authentication.
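
The token check above can be hardened by storing only a hash of the token and giving it an expiry. The following framework-free PHP is an added example, not the tutorial's code; issueToken(), verifyToken(), the Bearer header format and the one-hour lifetime are assumptions.

```php
<?php
// Added example, not the tutorial's code. Function names, the "Bearer" scheme
// and the one-hour lifetime are assumptions made for illustration.

const TOKEN_TTL_SECONDS = 3600; // assumed lifetime

// Issue a token: the client gets the plaintext once, the server keeps a hash.
function issueToken(int $now): array {
    $plain = bin2hex(random_bytes(32)); // 256 bits from the CSPRNG
    return [
        'plain'  => $plain,
        'record' => [
            'token_hash' => hash('sha256', $plain),
            'expires_at' => $now + TOKEN_TTL_SECONDS,
        ],
    ];
}

// Validate an Authorization header against one stored record.
function verifyToken(?string $header, array $record, int $now): bool {
    // A missing or malformed header never reaches the comparison.
    if ($header === null || !preg_match('/^Bearer ([0-9a-f]{64})$/', $header, $m)) {
        return false;
    }
    if ($now >= $record['expires_at']) {
        return false; // expired tokens are refused even if they match
    }
    // Constant-time comparison of the stored hash and the presented token's hash.
    return hash_equals($record['token_hash'], hash('sha256', $m[1]));
}

// Constructed demonstration values.
$now    = 1700000000;
$issued = issueToken($now);
$header = 'Bearer ' . $issued['plain'];

var_dump(verifyToken($header, $issued['record'], $now + 60));   // valid token
var_dump(verifyToken(null, $issued['record'], $now + 60));      // header missing
var_dump(verifyToken('Bearer ' . str_repeat('0', 64), $issued['record'], $now + 60)); // wrong token
var_dump(verifyToken($header, $issued['record'], $now + 7200)); // past expiry
```

In the middleware, the same logic becomes a lookup on a hash column instead of api_token, so a leaked database row does not yield a usable token.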


Example 2: Event-Based Logging System

Records API requests into a database using Lumen events.

File: routes/web.php

$router->post('/submit', 'RequestLoggerController@store');

File: app/Http/Controllers/RequestLoggerController.php

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\Events\ApiRequestLogged;

class RequestLoggerController extends Controller {
    public function store(Request $request) {
        event(new ApiRequestLogged($request->all()));
        return response()->json(['message' => 'Request logged']);
    }
}

File: app/Events/ApiRequestLogged.php

<?php

namespace App\Events;

use Illuminate\Queue\SerializesModels;

class ApiRequestLogged {
    use SerializesModels;
    public $requestData;

    public function __construct($requestData) {
        $this->requestData = $requestData;
    }
}

Explanation:

  1. Implements an event-based logging system, triggering an event for every API request.

  2. The ApiRequestLogged event receives the request data for processing.

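  3. Events decouple logging from the controller. A listener runs in the background without blocking the API request only when it is queued; otherwise it runs synchronously inside the request.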

  4. Helps in monitoring API activity and debugging issues efficiently.

  5. Useful for audit logging, security analysis, and debugging API interactions.
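
The event above carries $request->all(), so a listener that stores it unchanged also stores any credentials in the request body. The following PHP is an added example, not the tutorial's code; the key list, redactPayload() and the StoreApiRequestLog listener are hypothetical names.

```php
<?php
// Added example, not the tutorial's code. The key list, redactPayload() and
// the listener class are hypothetical names chosen for illustration.

const SENSITIVE_KEYS = ['password', 'password_confirmation', 'token', 'api_token', 'authorization', 'secret'];

// Recursively mask sensitive keys so nested payloads are covered too.
function redactPayload(array $data): array {
    $clean = [];
    foreach ($data as $key => $value) {
        if (is_string($key) && in_array(strtolower($key), SENSITIVE_KEYS, true)) {
            $clean[$key] = '[REDACTED]';
        } elseif (is_array($value)) {
            $clean[$key] = redactPayload($value);
        } else {
            $clean[$key] = $value;
        }
    }
    return $clean;
}

// Listener shape: handle() receives the event and persists the redacted copy.
// The sink is injected so the class runs here without a database.
class StoreApiRequestLog {
    private $sink;
    public function __construct(callable $sink) { $this->sink = $sink; }

    public function handle(object $event): void {
        ($this->sink)(json_encode(redactPayload($event->requestData)));
    }
}

// Constructed event standing in for ApiRequestLogged($request->all()).
$event = new stdClass();
$event->requestData = [
    'email'    => 'user@example.test',
    'password' => 'hunter2',
    'profile'  => ['name' => 'Ana', 'api_token' => 'abc123'],
];

$lines = [];
(new StoreApiRequestLog(function (string $line) use (&$lines) { $lines[] = $line; }))->handle($event);
echo $lines[0], PHP_EOL;
```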


Example 3: Image Upload API with Validation

Handles secure image uploads with validation rules.

File: routes/web.php

$router->post('/upload-image', 'ImageUploadController@store');

File: app/Http/Controllers/ImageUploadController.php

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Storage;

class ImageUploadController extends Controller {
    public function store(Request $request) {
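        // Lumen's base controller provides validate(); the $request->validate()
        // macro is registered by Laravel only.
        $this->validate($request, [
            'image' => 'required|image|mimes:jpeg,png|max:2048'
        ]);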

        $path = $request->file('image')->store('images', 'public');

        return response()->json(['path' => $path]);
    }
}

Explanation:

  1. Validates uploaded images, ensuring file type and size constraints before storing them.

  2. Stores images securely in the storage/app/public/images folder.

  3. Protects against malicious file uploads by enforcing file validation rules.

  4. Returns the file path in JSON response for frontend usage.

  5. Suitable for profile pictures, product images, or gallery management.


Example 4: User Activity Tracking (Middleware)

Logs every request made by authenticated users.

File: routes/web.php

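// 'user.activity' is an assumed alias for UserActivityMiddleware, registered
// with $app->routeMiddleware() in bootstrap/app.php; it must run after auth.token.
$router->group(['middleware' => ['auth.token', 'user.activity']], function () use ($router) {
    $router->get('/dashboard', 'DashboardController@index');
});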

File: app/Http/Middleware/UserActivityMiddleware.php

<?php

namespace App\Http\Middleware;

use Closure;
use App\Models\UserActivity;
use Illuminate\Http\Request;

class UserActivityMiddleware {
    public function handle(Request $request, Closure $next) {
        UserActivity::create([
            'user_id' => $request->user->id,
            'path' => $request->path(),
            'method' => $request->method()
        ]);

        return $next($request);
    }
}

File: app/Models/UserActivity.php

<?php

namespace App\Models;

use Illuminate\Database\Eloquent\Model;

class UserActivity extends Model {
    protected $fillable = ['user_id', 'path', 'method'];
}

Explanation:

  1. Tracks user activity by logging accessed endpoints.

  2. The middleware automatically saves user ID, route path, and method in the database.

  3. Helps in auditing API usage and detecting suspicious behavior.

  4. The activity log can be filtered by user for analytics.

  5. Useful for tracking admin actions or monitoring app engagement.


Example 5: Multi-Language Support (Localization API)

Allows retrieving messages in different languages dynamically.

File: routes/web.php

$router->get('/message/{lang}', 'LocalizationController@getMessage');

File: app/Http/Controllers/LocalizationController.php

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\App;

class LocalizationController extends Controller {
    public function getMessage($lang) {
        App::setLocale($lang);
        return response()->json(['message' => __('messages.welcome')]);
    }
}

File: resources/lang/en/messages.php

<?php

return [
    'welcome' => 'Welcome to our application!'
];

File: resources/lang/es/messages.php

<?php

return [
    'welcome' => '¡Bienvenido a nuestra aplicación!'
];

Explanation:

  1. Implements multi-language support, allowing API responses in different languages.

  2. Uses Laravel's localization system to dynamically switch messages based on user preference.

  3. The lang route parameter determines which language file to load. It is user-controlled, so restrict it to the locales the application actually ships.

  4. Expands easily by adding new language files.

  5. Essential for global applications with diverse user bases.


Summary:

These examples introduce token authentication, event logging, image uploads, user tracking, and localization, showcasing advanced Lumen backend techniques for scalable and secure applications.
