Demo of Admin Panel temporarily down
- username = [email protected] | password = password
Demo of User Frontend temporarily down
The purpose of this application is to provide a starting point for development where the code provided can be copy/pasted and used as an example for future expansion (ie Implementation of a Post object). This demo uses Laravel 4 at its core and Sentry 2 for user authentication and roles. The code is seperated into three different "modules", consisting of a User frontend, and an Admin backend. Both of which make internal API calls. The API is built on Dingo/Api. The admin panel has been built with AdminLTE. The HTML and views for Metronic can be provided upon request however the assets will not be as those need to be acquired through ThemeForrest.
- HMVC-esque: This application is split into different modules
- API
- all urls are prefixed with
/api
for examplewww.forret.dev/api/users
- The API layer is the only module that communicates with the database.
- Also where validation occurs.
- All responses (success or errors) are generated by Dingo/Api
- Transformers for consistent data output.
- all urls are prefixed with
- Admin
- Makes internal API calls to do everything from log a user in, to gathering the requested data to display
- Users must have the necessary roles to access any admin url
- Frontend
- Can be accessed by non authenticated users as well as users with only the
Users
role.
- Can be accessed by non authenticated users as well as users with only the
- Folder/File Structure None of the following should be taken as "Best Practice". This is simply how I feel I get the most clean and organized code
- Controllers - Code dealing with getting data from the user or db, and return data to the user. Filters are also executed in the
__construct
of each controller. Note that the filters for each "module" are contained in theapp\filters\
folder. * Models - Code dealing with how models relate to each other as well as various db settings * Routes - No filters here. Only for translating uri->Controller@method. Not that the routes for each "module" are contained in theapp\routes\
folder. * Views - The views only reference urls. They have no knowledge of routes or route names. They have been heavily broken up to allow for easy editing. * Repositories - The code that is processing data, or getting data from models, for exampleUser::find(1)
is placed in the repositories. * Exceptions - All custom exceptions are placed in theapp\Starter\Exceptions
folder
- Validation
- Validation is done through the Respect/Validation library.
- The UserValidator class contains the rules to be executed for various situations that would need validation (Login, Creation, Updating). This class extends the Validator class which contains the code to execute validation.
- Logging
- Every page load and api call is logged to the
actions
table via theAction
model. Ifconfig\queue.php
is set assync
the user will have to wait for these rows to be written. If configured for Iron-io however this logging will be done asynchronously.
- Every page load and api call is logged to the
- OAuth2 Authentication
- Integration of OAuth2 Server to allow the API to be protected by access-tokens.
- Grant Types
- Password
- Integrates with Sentry.
- Internal calls to the API are made on behalf of the current Authenticated User.
- Modules - WIP
- Plugins - WIP
This is a Laravel application that is best installed via Forge. Forge makes dealing with environment variables incredibly easy, see here. The below environment variables need to be set
- DB_DATABASE
- DB_HOSTNAME
- DB_USERNAME
- DB_PASSWORD
- API_BUGSNAG (set as blank string if not using bug snag)
- CONF_DEBUG ('true' or 'false' to set debug mode)
- Run the migrations for the oauth2-server-laravel package
php artisan migrate --package="lucadegasperi/oauth2-server-laravel"
- Create atleast 1 client in the oauth_clients table. (Admin -> OAuth2 Clients)
- This is the client_id, client_secret you will use to get the access token from the oauth server.
- Create a 'basic' scope to use as the default in the
oauth_scopes
table.
- Laravel4
- Sentry2
- Dingo/Api
- OAuth2-Server-Laravel
- AdminLTE
- Laravel-4-Generators
- Iron-mq
- Faker
- Laravel-vendor-cleanup
- Laravel-ide-helper
- Laravel-debugbar
- Bugsnag
- Respect/Validation
- Many tests have currently been added.
- Forret was originally designed to be a tool for internal use only. Because this became so useful internally, Appit Ventures decided that it would be a good product to make open source and allow the community to utiltize it as well.
- Swap out Laravel's auth for Oauth2
- Add try catch statements to frontend
- Catch all exceptions and throw the proper Dingo/API exceptions
- All views for admin panel
- All views for user frontend
- Continue to write acceptance tests for backend API
- Selenium tests for frontend
- Swap out Respect/Validation for either stock Laravel validation or other library
======= This Starter kit is open-sourced software licensed under the MIT license