Diving into Laravel Password Reset

Laravel provides out-of-the-box users management, handling authentication, password recovery, authorization and much more. But to work it expects some preconditions, and if you violate those preconditions you have to manually re-wire many things. The precondition I've violated today is that users have not a single associated email address, but many contacts of different types are listed in a different table of the database. This implies that password recovery mechanism has no longer a mail address to which send the reset link, and everything breaks badly. Anyway, hacking around I've been…

Keep reading

Laravel Dynamic Mail Configuration

Use case: from a Laravel application, use a dynamic (database driven) configuration for sending mails. Eventually, different for each user which is actually logged in. Everywhere on the internet you find references to this thread on a forum, raccomanding to load the configuration and create a new Mailer to overwrite the one registered at bootstrap, but it is obsolete: the mentioned share method no longer exists in Laravel 5.4. Probably there is a different way to do the same thing, but I've achieved my goal in easier way: don't…

Keep reading

They Are Many

In a complex Laravel application I'm working on, I had to implement a dynamic system to integrate external and heterogeneous sources of data. So I built on the ServiceProviders feature provided by Laravel and created a ContentsDriver abstract class including the internal events handling flow and to be extended by the different effective files each implementing a source. Now I have to dynamically create those drivers on behalf of a configuration got from the database, and the whole construction breaks down: each ContentsDriver handles a single source, I would have…

Keep reading

Assets Minification Salt and Pepper

Recently I discovered this awesome Laravel module to minify and aggregate assets. My only issue was about generated hashes for aggregated files: as I had to distribute the files on different balanced servers I could not depend on mtime timestamps to salt them (as last git pull time could slightly change on different servers), I could not leave the hashes depending only on original filenames (as they never change, and so did the hash, leaving rotting copies of the assets on the users' browser caches), so I had to leverage…

Keep reading

Transparent Caching of Eloquent Models

In a Laravel application I had to iterate a large set of items and, for each of them, access to a related other item which, in most cases, is selected within a smaller set. The reference example: a lot of food products, each having a unit measure such as "kilos", "liters", and a few others. $products = Product::get(); foreach ($products as $product) { echo $product->measure->name; } This triggers a new query for each access to the measure attribute of each $product, since each product has be to populated…

Keep reading

Cookies from the Dark Side

I spent some hour trying to get Laravel and Varnish live together peacefully, and mixing various sources from the web I obtained some result. The base issue is that Laravel drops a session cookie for every users, even when not authenticated, and this fools any evaluation about pass/hash contents in Varnish. The secondary issue (more related to my own deployment) is that authentication happens via OAuth through another instance, so I cannot just relay on pass'ing POST login requests and replying a doors-opening cookie. Mashing up many ideas and…

Keep reading