andresayej

<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\Vite;
use Illuminate\Support\Str;

/**
 * Simple Content Security Policy middleware.

andresayej

PUSHER_HOST=socket.yourdomain.com
PUSHER_APP_ID=unlock
PUSHER_APP_KEY=123
PUSHER_APP_SECRET=456
PUSHER_PORT=443
PUSHER_SCHEME=https

andresayej

Deploying Laravel on a shared hosting using only .htaccess

Making Laravel work on a shared hosting can be troublesome, because Laravel needs to have its document root set to the public directory. This may not be configurable by a user or even desirable, when the server is hosting multiple websites.

Here's a simple method using only a .htaccess file placed in Laravel's root directory - e.g. alongside app, bootstrap, config, ... No changes whatsoever are necessary to your code.

The file rewrites all the requests so that requesting /file.png would in fact return /public/file.png and anything else is routed to /public/index.php. This also ensures that nothing outside the public folder can be accessed, thereby protecting any sensitive files like .env or database/*.

The simple method

andresayej

{
  "Id": "S3PolicyId1",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowRead",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },

andresayej

<template>
  <h1>About Us Component</h1>
  <h3>{{ url }}</h3>

  <p>Test fade/in out on page transition</p>

</template>

<script>

andresayej

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Http;
use Laravel\Passport\Exceptions\OAuthServerException;

class PassportLoginController extends Controller
{

andresayej

# Deployment with zero downtime
# By default keeps 2 last deployments in KEEP_DEPLOYMENTS_DIR and current deployment 

# Project domain
PROJECT_NAME=test.com
# Project directory
PROJECT_DIR=/home/forge/test.com

# Deployments directory
KEEP_DEPLOYMENTS_DIR=/home/forge/deploy

andresayej

cd {{ release }}

# link node_modules from last deployment
ln -s {{ project }}/node_modules

# update linked folder with latest deps
yarn install

# remove the symlink
rm node_modules

andresayej

Laravel Envoyer - Diffed conditional webpack run/npm install

At work we use Envoyer to build our assets as part of our deployment. This has removed a lot of the headaches related to merge conflicts.

However, due to this, deployment takes a long time. Even when you just deploy a update to a controller or some other things.

We use these deployment hooks to run npm install and npm run production only if there's been changes to the source files.

The hooks should work as long as your assets are in resources/assets (which was the default up to Laravel 5.7).

andresayej

If you're not familiar: What is fail2ban? fail2ban is an awesome linux service/monitor that scans log files (e.g. auth.log for SSH) for potentially malicious behavior. Once fail2ban is tripped it will ban users for a specified duration by adding rules to Iptables. If you're unfamiliar with fail2ban Chris Fidao has a wonderful (& free!) series about security including setting up fail2ban here.

Recently Laravel released a new feature in 5.1 to throttle authentication attempts by simply adding a trait to your authentication controller. The Laravel throttle trait uses the inputted username, and IP address to throttle attempts. I love seeing this added to a framework out of the box, but what about some of our other apps not built on Laravel? Like a WordPress login? Or even an open API etc.? Ultimately,