Laravel - Raw query using Rest API JSON

Question

I'm pretty new to Laravel and i'd like to know if I'm doing the follow API in the proper way.

I have a mobile app that will make a request to have the restaurants around a position, sending this URL with parameters (lng, lat, rad) :

localhost/restaurant/@59.931412,59.931342,15

I came up with this route for the moment:

Route::get('restaurants/@{latitude},{longitude},{radius}', 'RestaurantsController@show'})
->where(['latitude' => '[0-9]+', 'longitude' => '[0-9]+', 'radius' => '[0-9]+']);

But I saw that if I want to make it REST I should use:

Route::resource('restaurants', 'RestaurantsController');

What I don't understant is:

• how do i pass the parameters ?
• The mobile app is supposed to send an GET verb and i have to make a 'show' method in my controller ?
• instead of doing verification of parameters in the route, i have to use a middleware at the begining of the methode, right ?

Bonus : Is my query well written, is it secure ?

public function show($latitude, $longitude, $radius)
{
    //Middleware to control parameters later

    $results = DB::select(
                'SELECT * ( 3959 * acos( cos( radians(:latitude) ) *
                cos( radians( lat ) ) * cos( radians( lng ) - radians(:longitude) ) +
                sin( radians(:latitude) ) * sin( radians( lat ) ) ) ) AS distance FROM events HAVING 
                distance < :radius ORDER BY distance LIMIT 0 , 20',
                ["latitude" => $latitude, "longitude" => $longitude, "radius" => $radius]);

    return Response::json($results);
}

Edit : It's such a mess in my head, i have so many question that i came up with a post title a bit different to my questions, sorry.

Update 1: Here is my route

Route::get('restaurants/@{latitude},{longitude},{radius}', 'EventsController@show');

and my request rule (who's injected in the controller)

public function rules()
    {
        return [
            'latitude' => 'required|digits_between:-90,90',
            'longitude' => 'required|digits_between:-180,180',
            'radius' => 'required|numeric',
        ];
    }

i'm having the page "The page isn't redirecting properly" and in the log i have "Invalid request (Unexpected EOF)"

i use artisan and my url is : http://localhost:8000/restaurants/@59.93141200,30.31992300,15

without the request in the controller, the route works... I tried puting simple rule like 'required' only for latitude alone, it still does not want to access the request process.

The probleme comes from required (required: The field under validation must be present in the input data.), i don't understant values are here.

Answer 1

Pointers w.r.t your API(s):

1. Use post calls while making API, why show user which parameters are needed to get response.

2. You're using Raw query in Laravel, where this framework provides eloquent way to write query, stick with newer approach.

3. It's not mandatory to use resource if you're building API, until and unless you want API to have (Insert, Update, Delete, Detail and Listing feature all at once)

As per your question:

Q: How do I pass the parameters?
A: Since it's a get request, you just have to concat the params to the URL.

Q: The mobile app is supposed to send an GET verb and I have to make a 'show' method in my controller?
A: It depends upon your route, which function you're calling, if you write Route::get('list', 'ABController@list'); then, list function will be called. As per you route defined in the question, the show function will be called.

Q: Instead of doing verification of parameters in the route, I have to use a middleware at the begining of the methode, right?
A: It's better to use middleware to do validation. In laravel there is an other concept called Request, which will watch your parameter and apply validation as you need.