Added Dingo Api, Plus Implement a Working Complete Auth Api, With Roles and Abilities Middleware, and Docs

Author: root

.env.docker

@@ -0,0 +1,44 @@
+APP_ENV=local
+APP_NAME="Laravel Dev"
+APP_KEY=base64:ExExqfImrGk+wFJg/IrePYV0yrES5f84ojB7dBvvczE=
+APP_DEBUG=true
+APP_LOG_LEVEL=debug
+APP_URL=http://laravel.dev
+APP_DOMAIN=laravel.dev
+
+API_DOMAIN=api.laravel.dev
+API_DEBUG=true
+API_STANDARDS_TREE=vnd
+API_SUBTYPE=apisubtype
+API_VERSION=v1
+API_NAME="Laravel Dev Api"
+SIGN_UP_RELEASE_TOKEN=true
+PASSWORD_RESET_RELEASE_TOKEN=true
+JWT_SECRET=aYLINRYJugcmNYoZ8xDVJUh2EcibPduu
+
+DB_CONNECTION=mysql
+DB_HOST=mysql
+DB_PORT=3306
+DB_DATABASE=api
+DB_USERNAME=root
+DB_PASSWORD=root
+
+REDIS_HOST=redis
+REDIS_PASSWORD=null
+REDIS_PORT=6379
+
+BROADCAST_DRIVER=redis
+CACHE_DRIVER=file
+
+SESSION_DRIVER=file
+SESSION_DOMAIN=.laravel.dev
+
+QUEUE_HOST=beanstalkd
+QUEUE_DRIVER=beanstalkd
+
+MAIL_DRIVER=smtp
+MAIL_HOST=smtp.mailtrap.io
+MAIL_PORT=2525
+MAIL_USERNAME=ccbcdcb6f224ce
+MAIL_PASSWORD=7ad210d0196bb5
+

.vscode/settings.json

@@ -0,0 +1,49 @@
+// Place your settings in this file to overwrite the default settings
+{
+    "terminal.integrated.fontFamily": "DejaVuSansMonoForPowerline NF",
+    "terminal.integrated.fontSize": 16,
+    "window.zoomLevel": 1,
+    "editor.fontFamily": "DejaVuSansMonoForPowerline NF",
+    "editor.fontSize": 19,
+    "editor.fontLigatures": true,
+    // Fix the bug on Blade Not Highlighting pair html tag
+    "files.associations": {
+    "*.vue": "vue",
+    "*.blade.php": "html"
+    },
+    "emmet.syntaxProfiles": {
+        // I disable Blade Since im Using Vue Template
+        "blade": "html",
+        "vue-html": "html"
+    },
+    // Add the Following In Your Packages.json to use this
+    // "babel-eslint"
+    // "eslint":
+    // "eslint-config-standard"
+    // "eslint-plugin-html"
+    
+    "eslint.validate": [ "javascript", "javascriptreact", { "language": "html", "autoFix": true } ],
+    "workbench.iconTheme": null,
+    // Auto rename HTML tags
+    "auto-rename-tag.activationOnLanguage": [
+        "html",
+        "xml",
+        "php",
+        "javascript",
+        "blade"
+    ],
+
+    
+
+    // Exclude Vendor Folders During Search and Replace
+    "files.watcherExclude": {
+    "**/vendor/**": true
+    },
+    "search.exclude": {
+        "**/vendor/**": true
+    },
+    "stylelint.enable": true,
+    "css.validate": false,
+    "eslint.autoFixOnSave": true
+
+}

Docs/ACL.md

@@ -0,0 +1,120 @@
+
+## ACL 
+
+#### Uses JWT as Default Driver for Auth User
+```
+App\Http\Controllers\Auth
+
+ - LoginController
+
+```
+
+Note: Auth User is Using JWT by Default... users auth:api Middleware
+
+
+#### Roles Abilities Middlewares
+Add Roles to User
+```
+Bouncer::assign('admin')->to($user);
+or 
+$user->assign('admin')
+```
+
+Add Abilities to User
+```
+\Bouncer::allow($user)->to('view-dashboard');
+or
+$user->allow('view-dashboard');
+or 
+\Bouncer::allow('owner')->to('*', $post);
+```
+
+Abilities and Roles Middleware (Default is Non Strict)
+
+```
+$api = app('Dingo\Api\Routing\Router');
+$api->version('v1', function ($api) {
+     $api->group(['middleware' => ['roles'],
+     'roles' => ['admin','manager'],
+    'rolesStrict' => true,
+    'prefix' => 'admin'
+     ]
+     , function ($api) {
+         $api->get('/', function(){
+        return 'Im a user with Admin and Manager Role';});
+    });
+    $api->group(['middleware' => ['jwt.auth', 'abilities'],
+     'abilities' => ['view-dashboard', 'login'],
+    'abilitiesStrict' => true,
+    'prefix' => 'abilities'
+     ]
+     , function ($api) {
+         $api->get('/', function(){
+        return 'I can view Dashboard and Login!';});
+    });
+});
+```
+
+#### Using Authorize Middleware
+Can be used with a simple ability:
+```
+Route::group(['middleware' => 'can:access-dashboard'], function () {
+    // Dashboard routes...
+});
+```
+
+Can be used on a single model
+It will pull the $user model from the route.
+```
+Route::get('users/{user}', 'UserController@show')->middleware('can:view,user');
+```
+ it can be used on a model type
+ ```
+Route::get('users', 'UserController@index')->middleware('can:view,'.User::class);
+ ```
+A new AuthorizesResources trait
+```
+class UsersController extends Controller
+{
+    public function __construct()
+    {
+        $this->authorizeResource('user', User::class);
+    }
+}
+```
+#### Retracting Roles From Set of Users
+
+```
+Bouncer::retract('admin')->from(User::pluck('id')->all());
+Or much Efficient Way
+Bouncer::retract('admin')->from(User::whereIs('admin')->pluck('id')->all());
+```
+
+
+#### Retracting All Roles From a User
+
+```
+$user->roles->each(function ($role) {
+    $user->retract($role);
+});
+```
+
+#### WildCards
+```
+// This Will Give You All Abililities No restriction in your Account
+Bouncer::allow($user)->everything();
+// This Will Allow You to Manage Specific Post
+Bouncer::allow($user)->toManage($post);
+// Allows You to Manage the Whole Post Class
+Bouncer::allow($user)->toManage(Post::class);
+// Allows User to Give Specific Abilities to Any Models
+Bouncer::allow($user)->toAlways('view');
+```
+
+#### Assigning Specific Model to User
+```
+// All Permissions
+Bouncer::allow($user)->toOwn(User::class);
+// With Specific Permission
+\Bouncer::allow($user)->toOwn(User::class,['view','update']);
+```

Docs/API.md

@@ -0,0 +1,69 @@
+### Using Dingo Api
+
+#### using api.domain.com
+if you are using this. you need to uncomment at VerifyCsrfToken.php
+
+Meaning you set you API_DOMAIN=api.domain.dev at your .env
+```
+protected $except = [
+       // 'api/*'
+    ];
+```
+
+#### using prefix /api
+if you are using this you need this at VerifyCsrfToken.php
+
+```
+protected $except = [
+       // 'api/*'
+    ];
+```
+
+#### Using Transformers
+
+#### Configuring Config/api.php
+
+
+#### Using Postman
+- Open [Postman](https://chrome.google.com/webstore/detail/postman/fhbjgbiflinjbdggehcddcbncdddomop?hl=en)
+
+- add to header ,where API_SUBTYPE is define in our .env (Use for Accessing Specific Api Version)
+
+```
+Accept: application/vnd.YOUR_SUBTYPE.v1+json
+```
+
+
+- Make Post Request to login
+
+```
+http://api.laravel.dev/auth/login
+or
+http://laravel.dev/auth/login
+```
+
+- Add to Body
+```
+email = admin@laravel.dev
+password = password
+```
+
+- You will see Response something like this
+```
+{
+  "status": "ok",
+  "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjEsImlzcyI6Imh0dHA6XC9cL2FwaS5sYXJhdmVsLmRldlwvYXV0aFwvbG9naW4iLCJpYXQiOjE0ODkzMzI1OTcsImV4cCI6MTQ4OTM5NzM5NywibmJmIjoxNDg5MzMyNTk3LCJqdGkiOiJjODMxNTMzZjkzMGFiOTkzMGExMzhkMGNkOTI5NGI3ZCJ9.3v-cGtXA-ySmL67pp4kZ4U4Mf3v7ge_CzUEdWIRKSeM"
+}
+```
+If .env
+```
+API_STRICT =  true
+```
+Header 
+
+Key:
+Accept
+
+Value:
+application/x.apisubtype.v1+json
+