Creating a new project with laravel and angularjs
I am creating a new project with angularjs and almost my front end job is done.
I am planning for laravel php to interact with my data and use it only for basic operations like fetching data, mailing etc.
Here are my questions.
I plan to take a subdomain, db.mydomain.com where laravel is loaded and the api is referred to that $http call in angularjs. Is this a good practise?
If yes, how do i enable cors request with laravel.
How can i confirm that the $http request is originated only from my website. I assume we can make it via postman too and using postman the users can copy paste the data. How to make it confirm that the laravel main route works only with base url of my website application.
hope i was clear.
Edit 1 After doing as per instructions,i was able to make cors call. But if i use model to collect data from database, its again throwing cors error.
<?php
namespace App\Http\Controllers;
use App\Task;
class TechnologiesController extends Controller {
public function index()
{
$technologies = Task::getAll("technologies"); // not working if dont have header in task.php
//$technologies = array("subjects"=>array()); // working. This is without interacting with database.
$encodedArray = json_encode($technologies);
echo $encodedArray;
}
}
task.php
use Illuminate\Database\Eloquent\Model;
use DB;
header("Access-Control-Allow-Origin: *"); //using this line solves the cors problem.But i want it to center accesssed
class Task extends Model {
public static function getAll($tableName){
return DB::table($tableName)->get();
}
}
Note : I used to work with laravel 4 and lost my touch. Now i couldnt understand where the model file exactly to be written.
Answer
- Yup this is good practice. Personally I like the subdomain api.domain.com but it's up to you.
- I've used this package for CORS in laravel and it works for me. [Edit: Like @hogan mentioned if you use a subdirectory like /api you won't need CORS to be set up.]
- You'll want to implement some kind of authentication. I use JWT. It is very difficult to verify the source with something like
HTTP_HOSTbecause it is set by the client and easy to spoof.
Related Questions
- → Make a Laravel collection into angular array (octobercms)
- → Laravel {!! Form::open() !!} doesn't work within AngularJS
- → Angularjs not working inside laravel form
- → Analysis of Flux implementations
- → how to write react component to construct HTML DOM
- → angular ng-repeat and images in a row
- → Conditional BG Color on AngularJS
- → Should I 'use strict' for every single javascript function I write?
- → getting the correct record in Angular with a json feed and passed data
- → "Undefined is not a function" at .toBe fucntion
- → angularjs data binding issue
- → Angular / JavaScript auto hydrate an instance
- → Convert generic text string in json object into valid url using Angular