Routes, Controllers, Middleware trong Laravel
<?php
// routes/web.php
use Illuminate\Support\Facades\Route;
// Basic routes: each closure renders a fixed Blade view and reads no request input.
Route::get('/', fn () => view('welcome'));

Route::get('/about', fn () => view('about'));
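// Route with a required parameter.
// A string returned from a route is sent to the browser as an HTML response, and
// {id} is an unconstrained path segment chosen by the client. It is therefore
// HTML-escaped before being echoed back (e() is Laravel's htmlspecialchars wrapper).
Route::get('/users/{id}', function (string $id) {
    return 'User ID: ' . e($id);
});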
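// Optional parameter: when the {slug?} segment is absent, $slug keeps its null default.
Route::get('/posts/{slug?}', function (?string $slug = null) {
    // Compare against null instead of relying on truthiness: the slug "0" is a
    // falsy string in PHP and would otherwise be answered with "All posts".
    if ($slug === null) {
        return 'All posts';
    }

    // The slug is client-controlled and the returned string is served as HTML,
    // so it is escaped before being reflected.
    return 'Post: ' . e($slug);
});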
// Route constraints: the pattern is checked while the route is matched, so a
// request whose segment does not fit never reaches the closure.
// whereNumber() admits digits only and whereAlpha() letters only, which also
// means the value echoed below cannot contain markup characters.
Route::get('/orders/{id}', fn (int $id) => "Order: {$id}")->whereNumber('id');

Route::get('/categories/{slug}', fn (string $slug) => "Category: {$slug}")->whereAlpha('slug');
<?php
// routes/api.php
use App\Http\Controllers\Api\UserController;
use App\Http\Controllers\Api\PostController;
// API v1 group: every route registered inside is prefixed with /v1.
// apiResource routes cover index, store, show, update and destroy for each name.
// NOTE(review): this group attaches no authentication middleware, so unless the
// controllers (not shown) enforce it, the write endpoints for users and posts
// are reachable without a token. Confirm whether they belong inside the
// auth:sanctum group instead.
// NOTE(review): the excerpt has no `use Illuminate\Support\Facades\Route;` line;
// routes/api.php needs it just like routes/web.php.
Route::prefix('v1')->group(function (): void {
    Route::apiResources([
        'users' => UserController::class,
        'posts' => PostController::class,
    ]);
});
// Authenticated routes: everything in this group requires a valid Sanctum
// session or token before the controller runs.
// NOTE(review): ProfileController, AdminController and AdminUserController have
// no `use` line in this excerpt; import them from wherever the project defines them.
Route::middleware('auth:sanctum')->group(function (): void {
    Route::get('/profile', [ProfileController::class, 'show']);
    Route::put('/profile', [ProfileController::class, 'update']);

    // Admin routes: nested inside the authenticated group, so the 'admin'
    // middleware runs after auth:sanctum has resolved the user it inspects.
    Route::prefix('admin')->middleware('admin')->group(function (): void {
        Route::get('/dashboard', [AdminController::class, 'dashboard']);
        Route::resource('users', AdminUserController::class);
    });
});
# Create a resource controller (stubs for index, create, store, show, edit, update, destroy)
php artisan make:controller PostController --resource
# Create an API resource controller (same stubs without the create/edit form actions)
php artisan make:controller Api/PostController --api
<?php
// app/Http/Controllers/PostController.php
namespace App\Http\Controllers;
use App\Models\Post;
use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Gate;
use Illuminate\View\View;
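/**
 * Resource controller for blog posts: list, creation form, store, show, update, delete.
 *
 * Authorization goes through Gate::authorize() rather than $this->authorize().
 * The latter exists only when the base Controller (not shown here) uses the
 * AuthorizesRequests trait, which the Laravel 11+ application skeleton no longer
 * adds by default. Both throw the same AuthorizationException on denial.
 */
class PostController extends Controller
{
    /**
     * Show a paginated list of posts, newest first.
     */
    public function index(): View
    {
        // Eager-load the author relation so the list does not issue one query per post.
        $posts = Post::with('author')
            ->latest()
            ->paginate(15);

        return view('posts.index', ['posts' => $posts]);
    }

    /**
     * Show the form for creating a post.
     */
    public function create(): View
    {
        return view('posts.create');
    }

    /**
     * Validate the submitted fields and create a post owned by the current user.
     *
     * NOTE(review): unlike update() and destroy(), no policy check is made here,
     * so any authenticated user may create a post. Confirm that is intended.
     */
    public function store(Request $request): RedirectResponse
    {
        // user() is null for guests. Answer 401 instead of failing on a null
        // dereference if this action is ever routed without the auth middleware.
        $author = $request->user();
        if ($author === null) {
            abort(401);
        }

        $validated = $request->validate([
            'title' => 'required|string|max:255',
            'content' => 'required|string',
            'category_id' => 'required|exists:categories,id',
        ]);

        // Only the validated keys reach create(); other request fields are never
        // mass-assigned, and ownership comes from the relation, not from input.
        $post = $author->posts()->create($validated);

        return redirect()
            ->route('posts.show', $post)
            ->with('success', 'Bài viết đã được tạo!');
    }

    /**
     * Show a single post, resolved from the route by model binding.
     */
    public function show(Post $post): View
    {
        $post->load(['author', 'comments.user']);

        return view('posts.show', ['post' => $post]);
    }

    /**
     * Update the title and content of a post the current user may edit.
     */
    public function update(Request $request, Post $post): RedirectResponse
    {
        // Authorize before validating, so a caller without permission is refused
        // before any of their input is processed.
        Gate::authorize('update', $post);

        // category_id is deliberately absent: only title and content can change here.
        $validated = $request->validate([
            'title' => 'required|string|max:255',
            'content' => 'required|string',
        ]);

        $post->update($validated);

        return redirect()
            ->route('posts.show', $post)
            ->with('success', 'Đã cập nhật!');
    }

    /**
     * Delete a post the current user may delete.
     */
    public function destroy(Post $post): RedirectResponse
    {
        Gate::authorize('delete', $post);

        $post->delete();

        return redirect()
            ->route('posts.index')
            ->with('success', 'Đã xóa bài viết!');
    }
}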
# Generate the EnsureUserIsAdmin middleware class
php artisan make:middleware EnsureUserIsAdmin
<?php
// app/Http/Middleware/EnsureUserIsAdmin.php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
/**
 * Route middleware that lets a request continue only for a user flagged as admin.
 *
 * It does not authenticate anyone itself: it reads the user that earlier
 * middleware resolved, so it belongs after an auth middleware in the route stack.
 */
class EnsureUserIsAdmin
{
    /**
     * Abort with 403 unless the request carries a user whose is_admin is truthy.
     *
     * NOTE(review): is_admin is tested for truthiness; presumably it is a boolean
     * column or cast on the User model. Confirm, since a non-empty string passes.
     */
    public function handle(Request $request, Closure $next): Response
    {
        // user() is null for guests; the nullsafe read sends both a missing user
        // and a non-admin user into the same refusal branch.
        $isAdmin = $request->user()?->is_admin;

        if (! $isAdmin) {
            abort(403, 'Unauthorized');
        }

        return $next($request);
    }
}
// Register in bootstrap/app.php (Laravel 11+)
// This is a fragment of the application builder chain in that file.
// 'admin' is the alias that route definitions pass to Route::middleware().
// NOTE(review): the Middleware type hint presumably refers to
// Illuminate\Foundation\Configuration\Middleware; the excerpt omits the import.
->withMiddleware(function (Middleware $middleware) {
$middleware->alias([
'admin' => \App\Http\Middleware\EnsureUserIsAdmin::class,
]);
})
Từ Laravel 11, middleware được đăng ký trong bootstrap/app.php thay vì Kernel.php.