I have some questions on how I can improve this "add action" (method) in "controller":
1st: I'm using the add action only if post request. It's correct ?
2nd: This action doesn't have views ($this->autoRender = false;). It's correct ?
3rd: I set a response .json file to this action but I didn't change on routes to routing .json files (the file will be return when access localhost:8765/users/add). It's correct ?
4th: I'm using Enums(handmade) to store messages that will returned to user. It's correct ?
5th: I'm using an object to store the fields of message (that will returned to user), that object will be serialized and returned like this:
$this->response->body(json_encode($response)); // It's correct ?
Controller code:
public function add()
{
$this->autoRender = false;
$this->response->type('json');
$user = $this->Users->newEntity();
if ($this->request->is('post')) {
$user = $this->Users->patchEntity($user, $this->request->data);
if ($this->Users->save($user)) {
$this->Auth->setUser($user->toArray());
$response = new ResponseMessage();
$response->code = CodeEnum::USER_ADDED;
$response->name = NameEnum::USER_ADDED;
$response->type = TypeMessageEnum::SUCCESS;
$this->response->body(json_encode($response));
} else {
$response = new ResponseMessage();
$response->code = CodeEnum::USER_NOT_ADDED;
$response->name = NameEnum::USER_NOT_ADDED;
$response->type = TypeMessageEnum::ERROR;
$this->response->body(json_encode($response));
}
}
}
[UPDATE]
I put this on my controller:
$this->set('response', $response);
$this->set('_serialize', ['response']);
but return this json:
{response: {code: 1, name: "Login efetuado com sucesso.", message: null, type: "Sucesso"}}
but must be returned only:
{code: 1, name: "Login efetuado com sucesso.", message: null, type: "Sucesso"}
1st: I'm using the add action only if post request. It's correct ?
Yes
2nd: This action doesn't have views ($this->autoRender = false;). It's correct ?
Not really. Instead of setting json string to response body in controller you should use JsonView which does the job for you.
3rd: I set a response .json file to this action but I didn't change on routes to routing .json files (the file will be return when access localhost:8765/users/add). It's correct ?
That's fine. Using URL ending in not .json is not necessary. But you should set Accept header in request to application/json.
4th: I'm using Enums(handmade) to store messages that will returned to user. It's correct ?
That's fine. You could check out this enum plugin.
5th: I'm using an object to store the fields of message (that will returned to user), that object will be serialized and returned like this:
As stated above better to use JsonView.
Related
In CakePHP 3.8 the segment of my controller looks like this:
// ...
public function beforeFilter(Event $event)
{
// ...
$this->Cookie->configKey('guestCookie', [
'expires' => '+1 days',
'httpOnly' => true,
'encryption' => false
]);
if(!$this->Cookie->check('guestCookie')) {
$guestID = Text::uuid();
$this->Cookie->write('guestCookie', $guestID);
}
$this->guestCookie = $this->Cookie->read('guestCookie');
// ...
}
public function error()
{
// ...
$this->Cookie->delete('guestCookie');
// ...
}
// ...
How to write the same thing in CakePHP4 version? My problem relates to defining Cookies.
Cookie settings are described here:
https://book.cakephp.org/4/en/controllers/request-response.html#cookie-collections
, but unfortunately this didn't help me at all.
I tried to solve the problem on this way:
public function beforeFilter(EventInterface $event)
{
//...
if(!$this->cookies->has('guestCookie')) {
$cookie = (new Cookie('guestCookie'))->withValue(Text::uuid())->withExpiry(new \DateTime('+20 days'))->withPath('/')->withSecure(false)->withHttpOnly(true);
$this->cookies = new CookieCollection([$cookie]);
}
$this->guestCookie = $this->cookies->get('guestCookie')->getValue();
//...
}
In my case $ this->cookies->has('guestCookie') is always 'false'.
The cookie value is never stored in the browser.
Please help.
There's rarely a need to touch cookie collections, most of the times simple reading of cookie values from the request object, and writing cookies to the response object is all you need, so I would suggest that you stick with that until the actual need for collections comes up.
The docs could probably do a better job here at explaining when to use what.
Reading, writing, and deleting cookies
As shown in the linked docs, cookie values can be read via:
$this->request->getCookie($cookieName)
and written via:
$this->response = $this->response->withCookie($cookieObject)
It's important to reassign the response object (unless you directly return it from the controller), as it is immutable, meaning withCookie() will return a new response object instead of modifying the current one.
Deleting cookies can be done by responding with an expired cookie, using withExpiredCookie() instead of withCookie(), or obtaining the expired version of a cookie via $cookie->withExpired() and passing it to withCookie().
Configuring cookie defaults
If you wanted to, cookie defaults can be set via Cookie::setDefaults():
\Cake\Cookie\Cookie::setDefaults([
'expires' => new DateTime('+1 days'),
'http' => true,
]);
However this will apply application wide to all cookie instances being created after this point, so you'd likely use it rather rarely, and if you do, do so with care!
Porting from the Cookie component
With the new API, your code could be written like this, with $this->guestCookie holding the cookie value, either the newly generated one, or the one obtained from the cookie received by your application:
use Cake\Http\Cookie\Cookie;
// ...
public function beforeFilter(Event $event)
{
// ...
$guestID = $this->request->getCookie('guestCookie');
if(!$guestID) {
$guestID = Text::uuid();
$cookie = Cookie::create('guestCookie', $guestID, [
'expires' => new DateTime('+1 days'),
'http' => true,
]);
$this->response = $this->response->withCookie($cookie);
}
$this->guestCookie = $guestID;
// ...
}
public function error()
{
// ...
$cookie = new Cookie('guestCookie');
$this->response = $this->response->withExpiredCookie($cookie);
// ...
}
// ...
See also
Cookbook > Request & Response Objects > Request > Cookies
Cookbook > Request & Response Objects > Response > Setting Cookies
i'm currently testing an app that simply searches a record by the given id.
It works fine but the testing refuses to return the response in the code. Strangely it is ONLY shown in the CLI.
I'm using phpunit provided by cakephp:
"phpunit/phpunit": "^5.7|^6.0"
Here is the conflicting code:
$this->post('/comunas/findByBarrio',[
'barrio_id'=>1
]);
var_dump($this->_response->body());die(); //This is just a test which always returns NULL... while the CLI shows the actual response, which is a JSON.
Also the same problem occurrs while doing GET or POST to any other action.
But here is the targeted controller's code:
public function findByBarrio()
{
$this->autoRender = false;
if ($this->request->is('POST'))
{
$data = $this->request->getData();
if (!empty($data['barrio_id']))
{
$this->loadModel('Comuna');
$barrio_id = $data['barrio_id'];
$comuna = $this->Comuna->find('list',['conditions' => ['barrio_id'=>$barrio_id]])
->hydrate(false)
->toArray();
if ($comuna)
{
echo json_encode($comuna);
}
else
{
throw new NotFoundException('0');
//echo 0; //Comuna no encontrada para el barrio recibido
}
}
else
{
echo -1;
}
}
}
Thank you in advance!
UPDATE 1: I've only managed to get the output by using "ob_start()" and "ob_get_clean()" around the "$this->post" method. I wish there were a cleaner way though...
UPDATE 2: Now it's working! Just by using the PSR-7 compliant interface. Thank you!
Here is the corrected controller:
public function findByBarrio()
{
$this->autoRender = false;
$this->response = $this->response->withType('json'); //CORRECTION
if ($this->request->is('POST'))
{
$data = $this->request->getData();
if (!empty($data['barrio_id']))
{
$this->loadModel('Comuna');
$barrio_id = $data['barrio_id'];
$comuna = $this->Comuna->find('list',['conditions' => ['barrio_id'=>$barrio_id]])
->hydrate(false)
->toArray();
if ($comuna)
{
$json = json_encode($comuna);
$this->response->getBody()->write($json); //CORRECTION
}
else
{
//Comuna no encontrada para el barrio recibido
$this->response->getBody()->write(0); //CORRECTION
}
}
else
{
//No se recibió el barrio
$this->response->getBody()->write(-1); //CORRECTION
}
}
return $this->response; //CORRECTION
}
Controller actions are not supposed to echo data, even though it might work in some, maybe even most situations. The correct way of outputting data that doesn't stem from a rendered view template, is to configure and return the response object, or to use serialized views.
The test environment relies on doing this properly, as it doesn't buffer possible output, but will use the actual value returned from the controller action.
The following is basically a copy from https://stackoverflow.com/a/42379581/1392379
Quote from the docs:
Controller actions generally use Controller::set() to create a context that View uses to render the view layer. Because of the conventions that CakePHP uses, you don’t need to create and render the view manually. Instead, once a controller action has completed, CakePHP will handle rendering and delivering the View.
If for some reason you’d like to skip the default behavior, you can return a Cake\Network\Response object from the action with the fully created response.
* As of 3.4 that would be \Cake\Http\Response
Cookbook > Controllers > Controller Actions
Configure the response
Using the PSR-7 compliant interface
$content = json_encode($comuna);
$this->response->getBody()->write($content);
$this->response = $this->response->withType('json');
// ...
return $this->response;
The PSR-7 compliant interface uses immutable methods, hence the utilization of the return value of withType(). Unlike setting headers and stuff, altering the body by writing to an existing stream doesn't change the state of the response object.
CakePHP 3.4.3 will add an immutable withStringBody method that can be used alternatively to writing to an existing stream.
$this->response = $this->response->withStringBody($content);
Using the deprecated interface
$content = json_encode($comuna);
$this->response->body($content);
$this->response->type('json');
// ...
return $this->response;
Use a serialized view
$content = json_encode($comuna);
$this->set('content', $content);
$this->set('_serialize', 'content');
This requires to also use the request handler component, and to enable extensing parsing and using correponsing URLs with .json appended, or to send a proper request with a application/json accept header.
See also
Cookbook > Controllers > Controller Actions
Cookbook > Views > JSON and XML views
PHP FIG Standards > PSR-7 HTTP message interfaces
I am building an angular application and want to implement password reset. However, default laravel config doesn't appear to allow one to do this using purely XMLHttpRequest ($http.post) requests and responds with a 302 redirect.
I managed to get postLogin and postRegister to work without issuing redirects by implementing said methods in authController class and returning a json response, doing this overrides the default laravel implementation of said methods. No such luck with postEmail and it appears the method is not hit at all, I just get a 302 response back immediately.
Ideally, other than to check their E-mail, I don't want the user to leave the single page angular application at all.
So 1. User posts E-mail to postEmail -> Email with reset link or better 'reset code' is sent to E-mail address -> User then inputs the reset token code into the already open web app or if it can't be done, browse to reset password page opened in new tab.
I tried implementing postEmail method as such:
public function postEmail(Request $request)
{
$this->validate($request, ['email' => 'required|email']);
$response = Password::sendResetLink($request->only('email'), function (Message $message) {
$message->subject($this->getEmailSubject());
});
switch ($response) {
case Password::RESET_LINK_SENT:
return response()->json(['msg' => 'A reset link has been sent to your E-mail'], 200);
case Password::INVALID_USER:
return response()->json(['msg' => 'This E-mail cannot be found in our system'], 200);
}
}
Also, where is template for the E-mail with the reset link that laravel sends out ?
You can create a PasswordController within the App\Http\Controllers\Auth namespace to extend the password reset methods.
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Contracts\Auth\PasswordBroker;
use Illuminate\Foundation\Auth\ResetsPasswords;
class PasswordController extends Controller
{
use ResetsPasswords;
public function postEmail(Request $request)
{
}
}
To overwrite the email templates you can create a reminder.blade.php in the app/views/emails/auth directory, or change the location of the template file in the app/config/auth.php config.
while the accepted answer is completely valid, another solution without overriding the original notification class is as follows, ResetPassword provides a static method called createUrlUsing which accepts a Closure, So we can override the URL as something like the below:
use Illuminate\Support\Facades\Password;
use Illuminate\Auth\Notifications\ResetPassword;
...
$status = Password::sendResetLink(
['email' => $args['email']],
function ($user, $token) {
ResetPassword::createUrlUsing(function ($notifiable, $token) {
// This is where you override the URL, you can also take a look at
// the `url`, `action` and `route` functions in Laravel and skip
// `sprintf` if you prefer to stick to Laravel functions only.
return sprintf(
"%s/%s/?token=%s&email=%s",
config('your.optional.frontend_url'),
config('your.optional.password_reset'),
$token,
$notifiable->getEmailForPasswordReset(),
); // frontend_url/password_url/?token=TOKEN&email=EMAIL
});
return $user->notify(new ResetPassword($token));
}
);
// This is an optional way to handle the final response, you can convert it to
// JSON or ignore it.
return $status === Password::RESET_LINK_SENT
? ['status' => __($status)]
: throw new Error(__($status));
This piece of code should be placed at a new route to handle password reset requests instead of using the default Laravel one.
i'm developing my website with angularjs and laravel5. i wrote code for login and registration page in both angularjs and laravel5 where validate my value and insert everything works good but redirect url in laravel 5 not occur .
i wrote code like return redirect('Home/profile') in login controller. it returns total page to angularjs controller not redirecting page.
routes.php in laravel:
Route::group(array('prefix'=>'api'),function(){
Route::resource('register','Registration\RegisterController#basicForm');
Route::resource('login','Registration\RegisterController#makeLogin');
});
my controller :
public function makeLogin()
{
$email=Input::get('email');
$pwd=Input::get('pwd');
$verify=Authenticated::attempt($email,$pwd);
if($verify)
{
return redirect('Home/profile');
}
else if($verify=='user')
{
return redirect('/')->with('Email address mismatch');
}
else if($verify=='pwd')
{
return redirect('/')->with('Password Authentication Failed');
}
}
i send post request from angular js controller via factory method:
this.scope.authUserInfo.authenticateUser(this.scope.signin).then(function(data){
console.log(data.data);
});
In this console.log,display 'Home/profile' page
I can see many mistakes in the Laravel code.
What is Authenticated in your code? The authentication service in Laravel is called Auth. The way you use the attempt() method is not correct; this is the method signature:
attempt(array $credentials = array(), bool $remember = false, bool $login = true)
so you should pass the email and the password in the first parameter as an array, something like:
$verify = Auth::attempt(['email' => $email, 'password' =>
Moreover, the attempt() method returns a boolean: true on success and false on failure. Your code
if ($verify) {
// ...
} else if ($verify == 'user') {
// ...
} else if ($verify == 'pwd') {
// ...
}
has no sense and you never run the else parts because on failure false is always different from either 'user' or 'pwd'. So, when the authentication fails you reach the end of the makeLogin() method and Laravel returns a blank page.
You should use something like:
if ($verify) {
// authenticated: go to the profile page
} else {
// username OR password are wrong
}
(In my opinion you shouldn't give hints on what of the two is wrong for security reasons: a potential attacker would know if he/she guessed a right email and concentrate the attempts on guessing the password.)
If you really want to give a hint to the user on what was wrong with her data, you should use a different technique, like searching the users table for a record with the right email to know whether the user exists (the provided password was wrong) or not (the provided email was wrong).
On the client side, I don't think Angular will redirect on your own. See answer to Handle an express redirect from Angular POST, even if in that question the server uses ExpressJs and not Laravel, but the basics are the same.
You should understand that in most cases an Angular client expect to receive only data and not a full HTML page. Here is my little attempt to do what you want:
On the Laravel side:
public function makeLogin(Request $request)
{
$email = $request->get('email');
$pwd = $request->get('pwd');
if (Auth::attempt(['email' => $email, 'password' => $pwd])) {
// authenticated!
// if you return an array from a controller public method, Laravel
// will convert it to JSON; I also use the url() Laravel helper to
// generate a fully qualified url to the path
return [
'status' => 'redirect',
'to' => url('home/profile')
];
}
// failed
return [
'status' => 'failed',
'message' => 'Email or password are wrong'
];
}
Now the method will return a JSON answer. On the Angular side, you can do something like (I'm not an Angular guru, there could be mistakes here):
this.scope.authUserInfo.authenticateUser(this.scope.signin).then(function(data) {
if (data.response == 'redirect') {
$location.url(data.to);
} else {
// failed: you can show the error message
console.log(data.message);
}
});
UPDATE
I noticed there is something wrong in the routes too. Your controller does not seems a resourceful controller, so don't use the Route::resource() method. Use the get() and post() methods instead:
Route::group(array('prefix'=>'api'),function(){
Route::get('register', 'Registration\RegisterController#basicForm');
Route::post('login', 'Registration\RegisterController#makeLogin');
});
so that you can give the method that should be called in your controller.
I am working with CakePHP. What I need in my application is autosuggestion. I used following code to achieve my goal:
jQuery("#name").autocomplete( '<?php echo HTTP_PATH.'songs/sss'; ?>', {
multiple: true,
mustMatch: true,
matchContains: true,
autoFill: false,
});
Sending my request to the SongsController' sss function... My controller function is:
public function sss(){
$this->layout = '';
$condition = '';
$condition = array('Poet.status'=>'3');
$poet_name = $this->Poet->find('list', array('conditions' => $condition));
return $poet_name;
}
First issue is that I am returning my result in array. How would I separate my result again in a suggestion list.
Second thing is that when I tried to check the response using the Firebug panel, I noticed that CakePHP is expecting a view at this point. I don't want any sort of view as I am not updating anything...
You'll want to check out serializing you data as JSON: http://book.cakephp.org/2.0/en/views/json-and-xml-views.html#using-data-views-with-the-serialize-key. By setting a _serialize variable in the view you are telling Cake what data is important when it gets a request for a data view.
You will also need to add Router::parseExtensions('json'); and a .json to the end of your URI in the jQuery call so that Cake knows to respond with a JSON data view and use the data in the _serialize key you set like I mentioned above. There more info on file extensions here: http://book.cakephp.org/2.0/en/development/routing.html#file-extensions
Here's how I would write the method:
public function sss(){
$this->layout = '';
$condition = array('Poet.status'=>'3');
$poets = $this->Poet->find('list', array('conditions' => $condition));
$this->set(compact('poets'));
$this->set('_serialize', $poets);
}