Thursday, January 23, 2020

Should I use Laravel Controller with a web middleware to answer API calls using a separate route?

I inherited a Laravel 5.4 application at work (very well coded and complex). The application has four route groups according to four different end-users in the routes.php file. All the route groups have their own namespace in App\Http\Controllers.

like App\Http\Controllers\Api, App\Http\Controllers\Admin

My question is regarding two of the route groups: Api and Admin. The major share of code is under the Admin namespace and the Api namespace has a smaller share. Right now, API calls from the external environment use the Api route group using the Api namespace and the web application works through the Admin route group using the Admin namespace.

I need to make API calls to the application to GET/POST data in the database. The same create and fetch tasks are perfectly done in the web application within a browser, as there are functions in one of the controllers under the Admin namespace to carry out those tasks. I want to use those existing functions to execute the new API calls.

I'm using Postman to test these API calls.

I have two options:

  1. Make new functions for API calls in the ApiController under the Api namespace. Use the existing Api route group with the auth:api middleware in the routes.php file by creating fresh routes for those API calls. This would require replicating those existing functions under the Admin namespace.
  2. Use the existing functions in the Admin namespace. Create a separate route group in the routes.php file which uses the Admin namespace but auth:api middleware instead of the usual web middleware. The route in this would be similar to the one pre-existing under the Admin route group. This would not require writing much new code as compared to the other option.

I have tried both solutions and both work. I am able to store data in the database. But I have to execute this API call to fetch a huge amount of data for statistics purposes, and copy-pasting a lot of code just for this doesn't seem right when I already have functions doing the same task. Hence, the question being asked here.

Can someone please tell me which approach from the above two is better? And are there any security issues with any of these options?

Here's my code.

Option 1:

routes.php file

Route::group(['domain' => getenv('API_URL') , 'namespace' => 'Api', 'middleware' => 'api-auth'], function () {
    Route::match(['get', 'post'], 'v1/createTask1', 'ApiController@create_task1');
    Route::match(['get', 'post'], 'v1/createTask2', 'ApiController@create_task2');
    Route::match(['get', 'post'], 'v1/getStats', 'ApiController@get_stats_task');
});

Option 2:

routes.php file

// Routes for making API calls to the Web functions already present under the Admin namespace
Route::group(['domain' => getenv('API_URL') , 'namespace' => 'Admin', 'middleware' => 'api-auth'], function() {
    Route::match(['get', 'post'], 'v1/controller1_prefix/create', 'Controller1@createAction');
    Route::match(['get', 'post'], 'v1/controller2_prefix/create', 'Controller2@createAction');
    Route::match(['get', 'post'], 'v1/controller3_prefix/fetchStats', 'Controller2@statsAction');
});

Route::group(['domain' => getenv('ADM_URL') , 'namespace' => 'Admin', 'middleware' => 'web'], function () {
    Route::group(['middleware' => 'auth:admins'], function() {
        Route::match(['get', 'post'], 'v1/controller3_prefix/fetchStats', 'Controller2@statsAction');
    });
    // *** Whole lot of routes ***
    Route::group(['middleware' => ['auth:admins', 'check-role:SUPER_ADMIN|ADMIN']], function() {
        Route::match(['get', 'post'], 'v1/controller1_prefix/create', 'Controller1@createAction');
        Route::match(['get', 'post'], 'v1/controller2_prefix/create', 'Controller2@createAction');
    });
});


via Chebli Mohamed
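
On the security part of the question, an added example (not part of the original post): a plain PHP script that compares the middleware guarding each controller action across the Option 2 route groups and reports what one path enforces and another does not. The route table is constructed from the groups shown above and `middlewareGaps` is a hypothetical helper name.

```php
<?php
// Constructed route table mirroring the Option 2 groups from the post.
// Each entry: [group label, middleware inherited from the group(s), controller action].
$routes = [
    ['api',   ['api-auth'], 'Controller1@createAction'],
    ['api',   ['api-auth'], 'Controller2@createAction'],
    ['api',   ['api-auth'], 'Controller2@statsAction'],
    ['admin', ['web', 'auth:admins'], 'Controller2@statsAction'],
    ['admin', ['web', 'auth:admins', 'check-role:SUPER_ADMIN|ADMIN'], 'Controller1@createAction'],
    ['admin', ['web', 'auth:admins', 'check-role:SUPER_ADMIN|ADMIN'], 'Controller2@createAction'],
];

// For every action reachable through more than one group, list the
// middleware that another group applies and this group does not.
function middlewareGaps(array $routes)
{
    // Index the middleware stack by action, then by group.
    $byAction = [];
    foreach ($routes as list($group, $middleware, $action)) {
        $byAction[$action][$group] = $middleware;
    }

    $gaps = [];
    foreach ($byAction as $action => $groups) {
        foreach ($groups as $group => $middleware) {
            foreach ($groups as $other => $otherMiddleware) {
                if ($group === $other) {
                    continue;
                }
                $missing = array_values(array_diff($otherMiddleware, $middleware));
                if ($missing) {
                    $gaps[] = [$action, $group, $other, $missing];
                }
            }
        }
    }
    return $gaps;
}

foreach (middlewareGaps($routes) as list($action, $group, $other, $missing)) {
    printf("%s via '%s' lacks %s (present on '%s')\n",
        $action, $group, implode(', ', $missing), $other);
}
```

Every middleware reported as missing on the `api` path is a check the shared Admin controller can no longer assume has run, so the `check-role:SUPER_ADMIN|ADMIN` restriction on the create actions needs an equivalent on the API group before those controllers are exposed there.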
