Reputation: 6887
Creating a new project with laravel and angularjs
I am creating a new project with angularjs and almost my front end job is done.
I am planning for laravel php to interact with my data and use it only for basic operations like fetching data, mailing etc.
Here are my questions.
I plan to take a subdomain, db.mydomain.com where laravel is loaded and the api is referred to that $http call in angularjs. Is this a good practise?
If yes, how do i enable cors request with laravel.
How can i confirm that the $http request is originated only from my website. I assume we can make it via postman too and using postman the users can copy paste the data. How to make it confirm that the laravel main route works only with base url of my website application.
hope i was clear.
Edit 1 After doing as per instructions,i was able to make cors call. But if i use model to collect data from database, its again throwing cors error.
<?php
namespace App\Http\Controllers;
use App\Task;
class TechnologiesController extends Controller {
public function index()
{
$technologies = Task::getAll("technologies"); // not working if dont have header in task.php
//$technologies = array("subjects"=>array()); // working. This is without interacting with database.
$encodedArray = json_encode($technologies);
echo $encodedArray;
}
}
task.php
use Illuminate\Database\Eloquent\Model;
use DB;
header("Access-Control-Allow-Origin: *"); //using this line solves the cors problem.But i want it to center accesssed
class Task extends Model {
public static function getAll($tableName){
return DB::table($tableName)->get();
}
}
Note : I used to work with laravel 4 and lost my touch. Now i couldnt understand where the model file exactly to be written.
Upvotes: 0
Views: 98
Answers (2)
Reputation: 6348
- Yup this is good practice. Personally I like the subdomain api.domain.com but it's up to you.
- I've used this package for CORS in laravel and it works for me. [Edit: Like @hogan mentioned if you use a subdirectory like /api you won't need CORS to be set up.]
- You'll want to implement some kind of authentication. I use JWT. It is very difficult to verify the source with something like
HTTP_HOSTbecause it is set by the client and easy to spoof.
Upvotes: 0
Reputation: 1551
You can go by subdomain and this is good.
As @jfadich pointed out, go with https://packagist.org/packages/barryvdh/laravel-cors
An alternative option: Add something like /api to your URL.
I used mydomain.com/api because I like that approach and I don't have to do any CORS thing. In this case, depending on your webserver you have to direct the different requests though. The partial example for nginx here is:
location /api/ {
try_files $uri $uri/ /index.php?$query_string;
}
location / {
try_files $uri $uri/ /index.html;
}
index.php is your Laravel index file and index.html your Angular one.
Configure Laravel for this by wrapping all the routes in
Route::group(['prefix' => 'api'], function(){ ... });
For Auth I also use JWT, still having trouble with refreshing the Token before its invalid but this is another story.
Upvotes: 1
Related Questions
- Setup a Laravel existing project
- How to run AngularJS project with Laravel
- separate AngularJS controller files in Laravel&Angular Project
- Create a base project using Angular JS with CodeIgniter
- Laravel Project on Existing Website
- Create new Project in Angular-js
- Creating your first laravel project on web server
- How to correctly create a laravel project?
- Laravel Create New Project
- Angular and Laravel