Professional Documents
Culture Documents
https://laravel.com/docs/5.2/routing
HTTP Routing
# Basic Routing
# Route Parameters
# Required Parameters
# Optional Parameters
# Regular Expression Constraints
# Named Routes
# Route Groups
# Middleware
# Namespaces
# Sub-Domain Routing
# Route Prefixes
# CSRF Protection
# Introduction
# Excluding URIs
# X-CSRF-Token
# X-XSRF-Token
12/07/2016 16:26
https://laravel.com/docs/5.2/routing
# Basic Routing
All Laravel routes are defined in the
routes simply accept a URI and a
app/Http/routes.php
Closure
file, which is automatically loaded by the framework. The most basic Laravel
Route::get('foo', function () {
return 'Hello World';
});
routes.php
RouteServiceProvider
web
provides access to session state and CSRF protection. Most of the routes for your application will be defined within this file.
Route::get($uri, $callback);
Route::post($uri, $callback);
Route::put($uri, $callback);
Route::patch($uri, $callback);
Route::delete($uri, $callback);
Route::options($uri, $callback);
Sometimes you may need to register a route that responds to multiple HTTP verbs. You may do so using the
match
12/07/2016 16:26
https://laravel.com/docs/5.2/routing
even register a route that responds to all HTTP verbs using the
any
method:
Route::any('foo', function () {
//
});
# Route Parameters
Required Parameters
Of course, sometimes you will need to capture segments of the URI within your route. For example, you may need to capture a user's ID
from the URL. You may do so by defining route parameters:
12/07/2016 16:26
https://laravel.com/docs/5.2/routing
//
});
Route parameters are always encased within "curly" braces. The parameters will be passed into your route's
Closure
executed.
Note: Route parameters cannot contain the
) instead.
Optional Parameters
Occasionally you may need to specify a route parameter, but make the presence of that route parameter optional. You may do so by
placing a
mark aer the parameter name. Make sure to give the route's corresponding variable a default value:
where
where
12/07/2016 16:26
https://laravel.com/docs/5.2/routing
name of the parameter and a regular expression defining how the parameter should be constrained:
Global Constraints
If you would like a route parameter to always be constrained by a given regular expression, you may use the
define these patterns in the
boot
method of your
RouteServiceProvider
pattern
/**
* Define your route model bindings, pattern filters, etc.
*
* @param \Illuminate\Routing\Router $router
* @return void
12/07/2016 16:26
https://laravel.com/docs/5.2/routing
*/
public function boot(Router $router)
{
$router->pattern('id', '[0-9]+');
parent::boot($router);
}
Once the pattern has been defined, it is automatically applied to all routes using that parameter name:
# Named Routes
Named routes allow the convenient generation of URLs or redirects for specific routes. You may specify a name for a route using the
as
12/07/2016 16:26
https://laravel.com/docs/5.2/routing
Route::get('user/profile', [
'as' => 'profile', 'uses' => 'UserController@showProfile'
]);
Alternatively, instead of specifying the route name in the route array definition, you may chain the
name
definition:
Route::get('user/profile', 'UserController@showProfile')->name('profile');
as
keyword in the route group attribute array, allowing you to set a common route
route
function:
12/07/2016 16:26
https://laravel.com/docs/5.2/routing
// Generating URLs...
$url = route('profile');
// Generating Redirects...
return redirect()->route('profile');
If the named route defines parameters, you may pass the parameters as the second argument to the
route
parameters will automatically be inserted into the URL in their correct positions:
# Route Groups
Route groups allow you to share route attributes, such as middleware or namespaces, across a large number of routes without needing
to define those attributes on each individual route. Shared attributes are specified in an array format as the first parameter to the
Route::group
method.
To learn more about route groups, we'll walk through several common use-cases for the feature.
Middleware
12/07/2016 16:26
https://laravel.com/docs/5.2/routing
To assign middleware to all routes within a group, you may use the
middleware
Route::get('user/profile', function () {
// Uses Auth Middleware
});
});
Namespaces
Another common use-case for route groups is assigning the same PHP namespace to a group of controllers. You may use the
namespace
parameter in your group attribute array to specify the namespace for all controllers within the group:
12/07/2016 16:26
10
https://laravel.com/docs/5.2/routing
RouteServiceProvider
includes your
App\Http\Controllers
App\Http\Controllers
routes.php
namespace prefix. So, we only need to specify the portion of the namespace that
namespace.
Sub-Domain Routing
Route groups may also be used to route wildcard sub-domains. Sub-domains may be assigned route parameters just like route URIs,
allowing you to capture a portion of the sub-domain for usage in your route or controller. The sub-domain may be specified using the
domain
Route Prefixes
The
prefix
group attribute may be used to prefix each route in the group with a given URI. For example, you may want to prefix all route
admin
12/07/2016 16:26
11
https://laravel.com/docs/5.2/routing
});
});
prefix
# CSRF Protection
Introduction
Laravel makes it easy to protect your application from cross-site request forgery (CSRF) attacks. Cross-site request forgeries are a type of
malicious exploit whereby unauthorized commands are performed on behalf of an authenticated user.
Laravel automatically generates a CSRF "token" for each active user session managed by the application. This token is used to verify
that the authenticated user is the one actually making the requests to the application.
Anytime you define a HTML form in your application, you should include a hidden CSRF token field in the form so that the CSRF protection
middleware will be able to validate the request. To generate a hidden input field
csrf_field
_token
helper function:
12/07/2016 16:26
12
https://laravel.com/docs/5.2/routing
// Vanilla PHP
<?php echo csrf_field(); ?>
The
csrf_field
You do not need to manually verify the CSRF token on POST, PUT, or DELETE requests. The
in the
web
VerifyCsrfToken
middleware group, will automatically verify that the token in the request input matches the token stored in the session.
$except
property of the
VerifyCsrfToken
web
routes.php
file, or by
middleware:
<?php
namespace App\Http\Middleware;
12/07/2016 16:26
13
https://laravel.com/docs/5.2/routing
X-CSRF-TOKEN
In addition to checking for the CSRF token as a POST parameter, the Laravel
X-CSRF-TOKEN
VerifyCsrfToken
request header. You could, for example, store the token in a "meta" tag:
meta
tag, you can instruct a library like jQuery to add the token to all request headers. This provides simple,
$.ajaxSetup({
headers: {
12/07/2016 16:26
14
https://laravel.com/docs/5.2/routing
'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
}
});
X-XSRF-TOKEN
Laravel also stores the CSRF token in a
XSRF-TOKEN
X-XSRF-TOKEN
JavaScript frameworks, like Angular, do this automatically for you. It is unlikely that you will need to use this value manually.
User
Implicit Binding
Laravel will automatically resolve type-hinted Eloquent models defined in routes or controller actions whose variable names match a
route segment name. For example:
12/07/2016 16:26
15
https://laravel.com/docs/5.2/routing
$user
{user}
Laravel will automatically inject the model instance that has an ID matching the corresponding value from the request URI.
If a matching model instance is not found in the database, a 404 HTTP response will be automatically generated.
id
/**
* Get the route key for the model.
*
* @return string
*/
public function getRouteKeyName()
{
return 'slug';
}
Explicit Binding
To register an explicit binding, use the router's
bindings in the
RouteServiceProvider::boot
model
method to specify the class for a given parameter. You should define your model
method:
12/07/2016 16:26
16
https://laravel.com/docs/5.2/routing
$router->model('user', 'App\User');
}
{user}
parameter:
profile/1
{user}
parameter to the
User
App\User
model, a
User
If a matching model instance is not found in the database, a 404 HTTP response will be automatically generated.
Route::bind
method. The
Closure
bind
method will
receive the value of the URI segment, and should return an instance of the class you want to be injected into the route:
12/07/2016 16:26
17
https://laravel.com/docs/5.2/routing
Closure
model
method:
PUT
PATCH
or
_method
DELETE
PUT
PATCH
or
_method
DELETE
method:
_method
method_field
helper function:
12/07/2016 16:26
18
https://laravel.com/docs/5.2/routing
{{ method_field('PUT') }}
Route::current()
method will return the route handling the current HTTP request, allowing you to inspect the full
Illuminate\Routing\Route
instance:
$route = Route::current();
$name = $route->getName();
$actionName = $route->getActionName();
currentRouteName
and
currentRouteAction
Route
action:
$name = Route::currentRouteName();
$action = Route::currentRouteAction();
Please refer to the API documentation for both the underlying class of the Route facade and Route instance to review all accessible
methods.
12/07/2016 16:26
19
https://laravel.com/docs/5.2/routing
12/07/2016 16:26