Skip to content

JayeMcC/LaravelTest

Repository files navigation

I use an ubuntu dockerised dev environment to keep the experience consistent across machines.

  • To run, open Docker Desktop and VSCode
  • In VSCode, open the repo, hit F1, and select "Dev containers: Rebuild and Reopen in Container" to spin up a local dev environment
  • On Windows this will require enabling WSL

This will set up and run the queue worker, the DB, and the site itself. This readme will be hosted at: http://localhost:8000/

To manually dispatch the welcome email job run the following command:

php artisan email:send-welcome {user_id}

The DB is automatically seeded, so feel free to log in with the following details, or register to gain your own (I recommend [email protected] as it's an admin account):

email: [email protected]
password: password123

email: [email protected]
password: password123

If the above accounts don't work, run:

php artisan migrate:fresh --seed

In PHP files I've marked any meta code assessment specific comments with a "#"

  • If you search for "# " and filter for only .php files you will find my reasoning behind including features
  • Standard comments have been made with "//"

Requirements and setup history

  1. Setup (handled by dockerfile) Create a new Laravel project using the latest stable version
composer create-project laravel/laravel example-app

Set DB to mysql in .env Set up .devcontainer/docker-compose.yml to run a mysql db

Install Laravel Sanctum

php artisan install:api
  1. API Endpoints
  • Posts and users are explicitly requested, but comments are implied too
  1. Database Design

  2. Features

  • Pagination on posts, comments, and users
  1. Queue implementation
  • Queued job for sending a welcome email
app/Jobs/SendWelcomeEmail.php

Artisan command to dispatch that job

app/Console/Commands/SendWelcomeEmailCommand.php

Run by:

php artisan email:send-welcome {user_id}

Check completed jobs by logging into the mysql container

docker exec -it mysql mysql -u user -p
pass: pass

And reviewing the job histories table

USE test_db;
SELECT * FROM job_histories;
  1. Validation

  2. Testing

  3. Documentation

  • I've opted to use swagger via external definitions rendered here: http://localhost:8000/swagger-ui/index.html#/
  • There's a button in the nav of the web app to grab a valid bearer token that makes authenticating the swagger ui easy
  • But you could also just run the login

Things I've considered out of scope of the requirements, but potentially in the scope of the evaluation criteria:

Security

  • Email confirmation on account creation
  • Password requirements
  • MFA
  • Account recovery
  • Admin controls
  • Successive login failure protections
    • After three failed attempts introduce
      • Captcha
      • Exponentially increasing timeouts
    • Admin override to reset the current protection status
  • Rate limiting on APIs/Debouncing

Performance

  • Google lighthouse setup

Testing

  • End to end Playwright tests
  • Unit testing components via a Storybook component library
  • CI/CD via github actions
    • Lint rules
    • Test suite
    • Dependabot

Prod deployment

  • Would point to a prod instance instead of spinning up a DB instance/seeding the DB
  • Would implement secure secrets management (probably via pipeline vars or AWS secrets)

Things out of scope that I did anyway:

Front end setup history: There was no mention of a front end, but I figured it would be nice to test the features and flow as a user too. I opted for some react content as that's your current stack. I would have opted for an SPA, but that would have been more complex. VSCode won't stop "Configuring Dev Container", it's just because it's running npm dev so the react components build

php artisan ui react --auth

Install NPM

apt install npm

Use NPM to install depenencies

npm install

Build the react assets

npm run dev

Things I would have liked to have done, but I'd need to sleep on it

API sad path handling: http://localhost:8000/swagger-ui/index.html#/ Exception handler was redirecting api requests to web links

  • Logging out while unauthenticated throws a redirect to welcome page
  • Attempting to hit an auth required page while unauthenticated throws a redirect to the login page
  • Hitting the post update while unauthenticated redirects to /

Linting:

  • Fill in phpdoc

Web:

  • Add pagination to web

Swagger UI:

  • Caching issue, seems to hold onto old files even when told not to by laravel routes
  • Temp fix is to always open in incognito
  • Figure out answer later

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published