LARACON EU 2024 // TAYLOR OTWELL :: LARAVEL UPDATE

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

please welcome the man the myth the legend Make some noise from Taylor Oswell hey everyone welcome to LaRon Europe thanks for having me I think this is my eighth or ninth uh LaRon Europe maybe almost my 20th laracon in general um so we've had a lot of these things and they it feels like they just keep getting better uh so thank you for coming thank you for supporting uh this community and this ecosystem uh it's great to be back in Amsterdam and I always love coming here every year um thanks to all the staff and volunteers that make this uh event possible and our sponsors of course be sure to check them out in the lobby and uh hear what they have to say as well they've got some great uh services and products to offer you if you're a laravel developer which I assume you are um I've been building laravel for a while um this makes about 14 years since I wrote the first lines of the larl framework in my apartment M uh back in late 2010 um and after all of this time thanks to the great core team we have at larabel thanks to all the contributions from the community members like you I'm still incredibly motivated to keep working on this framework and this ecosystem uh because after all this time I still feel um that this is the singular most productive way to build full stack web applications all these years later just the development experience the speed the productivity of building applications with larel is unmatched I feel like in the web development ecosystem and I love making it easy to build web applications it keeps me energized to keep building this ecosystem and I have honestly never felt burnt out working uh on making laravel awesome for all of you so thank you um we'll cover a lot of cool new stuff today hopefully you find it cool I think it's cool um and first I want to get started with just kind of a recap of some interesting things we've done recently just to sort of bring you up to speed on some things um you may have missed so um back at laracon us we had the release of Vault and Live Wire 3 volt is an amazing way to build very Dynamic very modern reactive feeling applications just in PHP so this is a volt template here where you can see we've find some interactivity at the top of the template and then we have of course our HTML at the bottom and there's no build step there's no JavaScript compilation that has to happen here we're just editing this code in a blade template and we have interactivity right there with no build step so it's an incredibly productive feedback loop as a developer to be able to just edit the file and hit it in your browser immediately with no other in between compilation step um and for many PHP developers Livewire has been a game changer because it allows you to build these modern reactive applications in the language that you're used to and without the complexity of a lot of other builds and compilation steps and things like that so I think it's really been a game Cher for a lot of people um to level up their PHP apps in terms of how they feel to the end user more polished more modern more reactive uh we also launched laravel herd uh which was developed in collaboration with Beyond code uh herd makes it it absolutely incredibly easy to get started building laravel applications on your Mac so how it works is you download herd which is just a an application a Mac application you drop in your applications folder on your Mac and you have everything you need to start building laravel applications you have PHP you have composer you have the laravel installer and you have a bunch of other tools actually within the herd settings themselves to start building laral applications right away and the cool thing about this to me me is it doesn't use any external dependency managers like Homebrew or Docker behind the scenes everything is actually compiled into herd itself so that it's truly one application and the only application you need to get started building laral applications so you can literally go to the Apple Store buy a Macbook download herd and that's all you need to start building laravel applications which I think is super cool and it's something I have wanted for a long [Music] time [Music] this win we winter we also launched laravel pulse uh pulse is the best way to get a highlevel overview of your laravel applications health and it was developed here at laravel by Jess Archer and Tim McDonald two of our of course incredibly talented developers we have on the team um there's no complicated configuration you just compose your acquire laravel pulse and you're good to go and you start getting really interesting metrics about your laral application immediately and I tell people I like to think of pulse as sort of the family doctor of your laral application it's sort of a good first point of contact to figure out what might be going wrong with your application so for example you can see users that are making a lot of requests or an endpoint that is slow or an exception that's been happening a little bit more than usual and it's a great starting point to maybe dig into some deeper tools from there maybe you head over to your preferred error monitor ing solution to really dig into a certain exception or you use a profiling tool to really dig into a certain code path and get down to a really granular granular level but pulse I think is the best starting point for figuring out what's actually happening in your laravel app and it's something we built based on our own frustrations of wanting to diagnose things and things like laravel Forge and Vapor really quickly and get answers really quickly when something was happening in production and we were so frustrated that we weren't be able ble to get these answers as quickly as we would like and so laravel pulse was really the product of that scratching our own itch you might say we also recent recently released our Franken PHP integration with octane which you heard about this morning uh this integration was contributed by Kevin dunglas the author of Franken PHP um it is a super fast modern PHP application server of course I probably don't have to tell you too much about it since you heard about it this morning but it keeps your application in memory and serves it request at a blazing fast rate so that you can really double the speed of your laral application just by using a tool like this and of course we have first-party octane integration and Franken PHP integration in laravel Forge so that you can deploy these applications very easily to production speaking of Forge we've continued to improve our commercial family of offerings uh tools that allow you to get your laral application in production as fast and productively as possible one of the cool new additions we've had recently is the forge application panel which was developed by James Brooks here at laravel and when you deploy your project out to forge the application panel which you can see here automatically detects what laravel packages you're using and gives you nice toggles to enable them or disable them so for example in this project it knows that I'm using laravel Octane and I can flip the toggle switch to turn on or off the octane server anytime I want same with maintenance mode or the larl scheduler larl horizon or even inertia's server side rendering engine there's a toggle for that as well if you're using that in your application so it makes it super simple to in or gives a more Fuller integrated experience with your laral application in Forge and makes it super simple to enable these various services on Vapor we recently introduced support for serverless elastic cache instances on Amazon AWS so what's cool about this is you can launch a serverless R cluster and you do not have to choose how many nodes or what size your cash should be up front it will automatically scale to meet the demands of your application this was integrated into vapor by Joe Dixon here at laravel it's a really cool new feature and I always love to use these kinds of features because it takes out sort of the decision paralysis of deciding how much resources I actually need for my application I can just go with a serverless option and let it scale to meet the demand automatically we also launched support for arm architecture on laravel Vapor so arm processors are more efficient and they're also faster so it's a win-win and they're also cheaper so win-win wiwin on AWS um and to start using an arm architecture for your Vapor power Lil application it's truly just as simple as going into your configuration file going to the runtime line there in the middle and putting dasm at the end of the runtime and then redeploying your application and within minutes your whole application is running on an arm architecture and you've cut your AWS bill down and you've increased your performance and efficiency and this is just a sampling of some of the things we've launched over the last year and even this screen right here is just another sampling there's so much more that goes on behind the scenes and every week a new release of the laravel framework is released with a cool new feature and a handful of bug fixes so I'm incredibly proud of our team and what we've been able to ship and hopefully you've enjoyed a lot of these things that we' brought to you over the last year so that's a brief glimpse into some of the things we've launched recently what about the future um we have a lot of plans for the future actually a lot of exciting new things that we're pumped to develop and some of them I'll show you today so let's go ahead and get started and I'd like to get started with laravel 11 so let's dive into that all right laral 11 which is scheduled to be released at the beginning of next month when I first started developing it I had one primary goal and that was to simplify the entire development experience uh lille's been around like I said for 13 years publicly but I've been working on it for 14 years and over time it's easy to become blind to complexity in software um for example take the service providers directory of a new Lil application it almost becomes assumed that there should be five files in that directory in every new laravel application you just get used to it it's sort of Insidious the way complexity creeps into software you add a new file one year a couple new files the next year another file the next year and after a period of years you've accumulated quite a bit of crft in your application and take middleware for example it becomes easy to become a customer to the fact that there should be n middleware files in every new laravel application that every new larl developer needs to understand and it starts to become overwhelming it feels like we have a few dozen extra files that we don't actually need so with laral 11 I challenge myself to step back and look at the framework with fresh eyes and say what do we actually need here what are the core files that are absolutely required and what can we strip away to give laravel a leaner more minimal more modern feel and that was my goal with laral 11 and the great thing is if you're on laravel 10 when you upgrade to laral 11 you don't have to change anything about your application structure the framework's been fine-tuned internally to support both structures so that the upgrade process is totally seamless all right so enough of chattering let's get into some actual code uh let's start our Exploration with routes this is usually the first file that people interact with in a laravel application um and if I open the routes directory you'll see that it actually has a few less files it just has a web routes file and a console routes file and there's no API routes or Channel routes by default and the reason for that is most larl applications actually don't have a public facing API that's consumed by Third parties they just have your own internal routes and your own internal application so there's no need for us to have this extra API routes file by default but what if my application does have an API routes file how can I install it and get back to where I want to be quickly and we can do that through some new Artisan commands so I'm going to pop open a terminal and I'm going to run PHP Artis install API and this command will add the API routes file it will install laravel sanctum and I'll be ready to go developing my API with authentication token based authentication using larabel sanctum using that one command everything is ready to go it's just that simple what about Channel routes let's get rid of our API stuff Channel routes if you're not familiar tie into Laro event broadcasting system so when you're using Laro event broadcasting system you define channels that users will listen to for events for building real-time applications and you'll broadcast events onto those channels and again many applications that are built with larvo don't use event broadcasting and this channel routes file can feel necessary or like a little bit of file bloat but how can we get it back if we need it and we can get it back really easily so very similarly to the way I installed the API routes I can just come to my command line and do PHP Artis install broadcasting and I'm ready to go the Channel's route file is installed broadcasting route authentication is enabled and everything is autodiscover and ready to go to build my application all right so it's super simple to get these routes back when you need them but the default skeleton is slimmer a little bit leaner for to fit the use case of most laravel applications all right let's get rid of that close that out and let's go back to the console routes file if we take a look at this file we can see that we can now schedule commands directly from this file which was not possible before so if you look at this closure based Artisan command you'll see at the very end of it on line 8 I'm chaining on the hourly method and I could also chain on The Daily method or the weekly method or the monthly method or whatever schedule I want this command to run and I can do that right from this file without needing to leave or go anywhere else what if I have other things I want to schedule I can use a new schedule facade to say things like schedule even just a closure I could schedule it to run every second using laravel's new sub-minute scheduling functionality I can do that right from this file and because I can do it from this file I actually don't need another file which is the console kernel which who knows what a console kernel is anyway but that file is not needed anymore because we can schedule commands and Define commands right here from this file and streamline the whole process now what if I want to make a class-based artisen command I think it's a little bit too complicated for a closure maybe I want to put that in a separate file I can do that really easily using Artis so to say Artis make Command sure maybe I'll call it send emails and it's put into my application now I can come into that Command put some code in here sending emails and now I can run that command without registering anything else in the application everything is autodiscover there's no need to go into a console console kernel file and register the command or if you want to schedule it there's no need to go in a separate file to do do that either you can do it all from the routes console file so you can really manage your whole console experience from this singular file and what that means is your application directory actually becomes much simpler you just have an HTTP a models and a provider's directory out of the box much leaner much more streamlined thank [Applause] you so that's what the default routes layout looks like in laravel of course I'm sure many of you are familiar with the web routes file which is sort of your standard routes that you had Define for your application nothing has changed there um so typically these files would be sort of configured and loaded by the route service provider but in laral 11 you'll notice that my app providers directory just has one provider not five this has an app service provider so how does the framework know how to find my rout or where they even are on the file system and that brings me to a really important file in larav val 11 which is the application bootstrap file and I like to think of this file as like the route file equivalent of application configuration it's much more minimal it's much more functional whereas a lot of the stuff used to be spread out across about 10 different classes things have been Consolidated into this file to provide one streamlined app configuration EXP experience so that you can come into this file and get an great overview of the entire configuration of the application without going all over the file system so how does this file work well first we call this with providers method and what this does is tell the application to load all the service providers for our application and anytime we want to create our own custom service provider we can again just use Artis so let's do Artis make provider maybe this is like an invoicing service provider to sort of configure the invoicing section of our application we'll create that and what's cool is let me drop some code in here maybe I'll just do the classic D and D hello world and I don't have to go into any other configuration files to register this provider it's autodetected by the framework so that if I actually hit this larel application you can see that I hit that hello world statement in that provider and larl 10 you would have had to go into your app configuration file locate the provider's array and add it manually into that array and laravel 11 more things are automatically discovered for you by the framework in a more intelligent way so it leads to less configuration file changes and more autodiscovery all right I'm going to get rid of that provider now what about routing you can see in this file that this is where our application's routes are configured and this is where the work that used to be done in the route service provider can be easily configured here and we're leaning hard on Laro conventions here so the web routes of course get all of the webbased middleware things like encrypted cookies sessions csrf protection everything that goes into your traditional web routes in laravel while the API routes typically don't receive those things maybe they receive a rate limiting middleware but they don't receive cookies for example so you can see that the API routes are commented out by default which you know makes sense considering new applications don't have an API routes file but if I bring open my terminal again and run that Artis install API command that we ran earlier we'll let that run and you'll see that laravel will automatically enable that routes file for me within this file so when I run that command it's enabling and disabling these routes on demand based on what my application needs oops sorry about that another new feature of is the health route which you'll notice on line 14 and this simple directive defines a route that you can use for uptime monitoring or as a health check for your container orchestration services and when it's enabled and I hit this URL what will happen is I'll just get a simple status page that lets me know my application is working and again this is just a simple convenience mechanism that you can throw in your favorite uptime monitor or if you're using something like kubernetes to let the system know that your application is healthy and responding and when this route is hit laravel will fire a diagnosing Health event that you can listen to and do other health checks that make sense for your application so for example if you want to check if your database is up or your cash is up you can do that when you listen to that event and throw an exception if it's not which will of course trigger a 500 response from the server letting your tools know that your application is down and of course if you don't want this route at all you can just delete it from your configuration and build your own health route as you you see fit now what if we want to customize how routing is done in a more bespoke way a way that we might have done typically in the route service provider some really heavy customization of how routes are initialized we can do that by registering a then call back and within this closure we can do anything we want we can make route groups anything we need to do within this closure we can do to Define our routes however we want to do so this lets you hook into the entire routing system and customize anything you need for the needs of your application all right what about middleware we can see this with middleware method first let's look in the HTTP directory of this application and you can see that there's actually no middleware directory at all in laravel 11 and it's not there until you actually need it to be there when you create a middleware so the skeleton used to contain nine middleware like I said and I feel like that's just kind of a lot of files to put in a default laravel application it feels kind of heavy it feels kind of bloated um and the only reason many of these files were there is because they had one property on them that could be customized to for example disable csrf protection on one URI or say that one piece of input should not have the Whit space trimmed around um the input value and a lot of these values were never customized by any larel application they were just standard default values that made sense for most applications and there was no need to ever tweak them but what if we do how how would we tweak them in larav 11 and it's super simple using this method I can do lots of different things with the middleware stack in the application so for example I can say middleware validate csrf tokens except these Uris and maybe I put you know no csrf URI here and csrf protection will be disabled for that URI same with trimming strings so I can just do Tim trim strings accept and then I can list the strings that should not have the white space trimmed around their input value so it's really easy to customize that behavior but what if we want to add new middleware to the application how would we do that and let's go ahead and create one again we'll use Artis PHP Artis make middleware maybe we could call it ensure subscribed to make sure our user is subscribed to our application that will put it in the HTTP middleware directory and I like that only the middleware that actually belong to my application are in this directory it's not um it's not muddled in with other core framework middleware I can see my own application sort of shining through the file system without getting distracted by a bunch of core larl framework e things I can just focus on what matters for my app now of course I've got this middleware here uh maybe we put some code here in middleware and maybe we want to add it to the entire web stack so we want to append it to the web stack of middleware so that all web routes receive this middleware what we can actually do is just say middleware web ained and sure subscribed import that class and that should put it on all of the routes in the web stack just that easily of course we could also add this middleware in the routes file by just attaching it to a route directly but if we wanted to do it to the whole stack we could do it from right here we could also do things like pre- pinned the middleware to the middleware stack or we could do a variety of operations to the middleware stack we could prein things maybe appending other things and we can even replace some core laravel middleware like maybe we want to replace the Authentication middleware with our own custom authenticate middleware we can do that right here from this file and what this lets us do is when we come into a new layer Val application we can look at this file to get a quick overview of what's customized about the application how its middleware is set up how its exception handling is set up how its routes are configured and one file to get a good overview really quickly for how the application is configured in a very streamlined way without jumping around to 10 different files [Applause] all right let's see what else in this file the with exceptions method the with exceptions method lets us customize as you might guess the exception handling properties of the application so for example I could say that certain exceptions should not be reported to our exception logging system at all um you know so we should ignore some custom exception that we have in our application we don't want that to go to Century for example for report boing we also Define how certain exceptions are rendered so we could say exceptions renderable some custom exception and we could return some view here for how this exception should be rendered all right so we can customize how the exceptions are rendered and how they're logged we could even send them to some third party monitoring service right from this method now some of you might be thinking what if I don't want to put all of that stuff in this file and what I like about this actually more minimal structure is it gives you more freedom to build the application structure that you want so let's for example go back to the middleware uh method the with middleware middleware method and what if we want to encapsulate all of our middleware configuration into a different file to maybe house that separately from the rest of the application bootstraping because maybe it's a little bit complicated in our case we could actually just make a new class using Lara 11's new make class command we'll make that an invocable class we could call it something like oh let's say actions configure middleware that will drop it in the app actions config configure middleware file and then we could always just new up that file right here and pass it the middleware and let that take care of configuring all the middleware for our application we could house it all within this invocable action so with a new minimal application skeleton you can feel like you have some freedom to sort of build the bootstrapping process that makes sense for you and however much scaffolding that you want around your bootstrapping process and how your application is started you get to choose how heavy that is or how light that is but by default it is Slim modern and streamlined into this singular file where we can see everything that's going on so feel free to enjoy that flexibility as you start building your own laravel applications all right so let's come back to providers for a second I said that there's only one provider in every new laral application and that's the app service provider now what about the other providers where have they gone so for example the broadcast service provider used to be in every default laravel tin application it's no longer needed because the broadcast routes are automatically discovered by the framework when you enable them and the broadcast authentication routes that are used to authenticate a user's access to a channel are also automatically registered when the framework knows that you've enabled broadcasting there's no need for the broadcast service provider at all because it doesn't have any purpose anymore the off service provider again is not needed because authorization policies are also autoed discovered so if we have an authorization policy and we have a corresponding model the framework knows that the policy goes with the model and there's no need to go into a service provider and register it by hand so the entire development feedback loop is much quicker and much more based on autodiscovery what about the event service provider you know this is where we used to list our events and our listeners uh for our application that's also not needed because event Discovery is enabled by default and laral 11 and let me show you what that looks like so if I go into artisan and make a new event maybe podcast processed as it suggests um and then we'll also make a listener for that event uh we'll call this send podcast notification or something and I love how larl prompts give me gives me this drop down here of my available events in this case I just have one and I can just select the event that this listener handles and it will automatically put that event in The Listener file so if I jump into that listener I'll put some code here podcast processed and now for my route I can just dispatch that a bit all right and I don't have to go into any service provider or configuration file to tell laravel where the listener is I should just be able to hit this route and see that the podcast was processed and larabel does this by reading the Ty pin information on our listener so it can see that this listener requests the podcast processed event so it knows where the event needs to be routed to and what listener it needs to go to there's no need for an event service provider to configure those things and of course if you do happen to have some complicated configuration or event registration logic logic that's bespoke and complicated for your application you can always just put it in the app service provider there was nothing magical about having five service providers um it was just sort of bloat that had accumulated over the years but you could always just use the app service provider for anything you need all right that's kind of enough about the app bootstrapping process let's talk about a few other things in laral 11 so let's hop into the database migrations folder and you can see that the migrations have been squashed a little bit so there's users the cash and jobs as the three default migrations and as you might ECT they create the users table as well as a sessions database table a cash table and a cash locks table and our jobs database table and that's because in larav val 11 the database driver is the default driver for cash cues and sessions and this is in keeping with laravel's 11's push for Simplicity the database driver is a great place to start not only for local development but it's robust enough to actually ship into production and get your application actually pretty far in terms of scalability before you have to move to a different option I also really like the database driver for local development because it's very easy to inspect what's in the cash or what's in the queue or what's in the sessions table just by using your database tool that you're already using to look at the rest of your data so you don't need to install any other services like reddis to dig into your queue it's a little bit harder to inspect you can just look at the database and continuing on the topic of databases for new applications when you use the laravel installer the default database system that it will ask you to use will be SQL light and this is only a decision you have to make when you create a new larvel application because what's cool is no matter what database you choose here Lara will automatically configure your environment file for the database that you pick but by default this option will be selecting SQL light which gives us a nice self-contained fast minimal database across all operating systems without needing to install any additional software so it's a great starting point and you might have also noticed when I created this new app that it also selected pest as the default testing framework again this is something that you only have to choose when you create a new app and what's great is in Lara 11 larav will actually automatically detect which testing framework you're using and when I run the make test command it will automatically create the properly formatted test for my testing framework so I choose PHP unit or pest up front and then from then on I can just use Artis make test invoice test for example and in this example it will be created using pest syntax but if I had chosen PHP unit it would have created a PHP unit test without me needing to pass any additional arguments to the make test command it just knows what my application [Applause] needs all right so the last topic I want to cover on the laral 11 application structure is configuration and by default you'll see there is no configuration um so we approach this in a couple different ways we've greatly expanded the use of environment variables and we've added more environment variables to the example environment file so you can now configure things like your fallback application local your application maintenance mode driver and other things directly from this file and that means when you're starting your application you really only have to configure it in One Singular file and not across 10 different configuration files you can get one overall picture of how your application is configured here but what if your application grows and you need those configuration files back maybe you're going to have multiple database Connections in your application and you actually need the database configuration file in your application in order to configure that again let's just use Artis we can use the new config publish command which works great with laravel prompts and it gives me a nice userfriendly scrollable list of all the available configuration files that I can publish so let's pick the database file that will put it right here in my config directory and what's really great about laravel 11 is any of the options I don't need in this file I can actually just remove them entirely and the framework's defaults will be used instead so I only need the configuration options that I'm actually customizing for my application to stay in this file which means I can make the files much leaner and more streamlined for my actual customization needs thanks [Music] now what if I just want all the configuration files back maybe I liked having all those configuration files I can just run artist and config publish D- all and every configuration file will be published to the configuration directory for me to browse through and see what options are available and I can always remove the files I don't need later uh once I've kind of figured out how my application is going to be configured all right so I think that's pretty much everything I wanted to cover in terms of the application structure of Lara 11 hopefully you find it Slimmer leaner more modern and I hope less overwhelming for new developers into the lville ecosystem to not have to learn what 20 different files do in a new lville application it's a more streamlined leaner modern experience I think uh that sets us up for a good the next 10 years of laril development let's say all right so larabel 11 is not just about application structure there are actually new features in this version of laravel and I'd like to dive into some of those now all right so let's clear out everything we've done here and I'm going to switch to another Branch LaRon EU demo all right so I'm going to walk through some of the cool new highlights and laral 11 and show you some of the new things that it can do and I'm going to start with the once function an all-time favorite of mine that is near and dear to my heart I wrote this function back in November of 2016 and put it in a GitHub gist just publicly like hey here's a cool idea that might be neat in laravel um it was eventually turned into a spoty package as all code must be through a ride of P Ride of Passage before it uh goes anywhere else and now we've eventually Incorporated that idea back into the framework because I feel like it is so so helpful and let me show you how it works so in this route I'm newing up an invoice service and then I'm calling this all method twice you can see right there on Lin 21 and 22 and then I'm going to new up the service again to get a new instance and call the all method again on line 27 and let me show you what this method looks like so if I hop into the invoice service you can see that the all method calls this once function which accepts a function and the return value of this closure will be locally cached by the once function for this instance of the service and anytime that I call this again I'll get the same result back out so you can see here we're turning an array of three random strings so what we would expect to happen in this route is we would expect these first two calls to return the exact same array and we would expect this third call to actually return an array of different strings uh because this is a new instance of the service so let's actually hit this route and see what happens all right and you can see here here's those first two dumps we made and you can see they are in fact the same strings in the array and you can see on this third dump that they're different strings because it was a new instance of the service so this once function it's just a really convenient helper for memorizing the results of a function and I find myself using this a lot in form request and QED jobs when I need to maybe retrieve something from the database or do something computationally expensive the once function sort of s saves you from having to make a local variable store the results in the variable store that on the instance return it check if it's been set that whole song and dance is eliminated the want function which I find super helpful and hopefully you do [Applause] [Music] too Tim McDonald has contributed a great new feature uh to laral 11 and it's per second rate limiting so in laral 10 of course you can throttle requests to a certain endpoint using either the cash or redus or some sort of automic Locking System but in laral 10 you could only do that at the minute level of granularity so you could say that I expect this endpoint or I don't want to allow this endpoint to get any more than five requests per minute and how you would do that is let me hop into my app service provider is you would Define a rate limiter and you just give it an arbitrary name of your choosing and you could just say that you know I want to limit this per minute to five requests well similarly now in laral 11 you can say limit per second so there are some applications out there that actually need per second Grand it on rate limiting and if that is you you're in luck in larav val 11 because you can now do that so if we hop back into these routes you can say see that on this first route on line 36 I'm assigning that the per minute rate limiter uh that's the minute route and down here on line 38 on the second route I'm assigning that the lon-2 rate limiter which is at second level granularity for rate limiting so let's actually try hitting these routes so I'll go to the minute route in my web browser and we should be able to hit this a few times before we eventually hit the rate limit of course because we limited it to I think five requests per minute now if we hit the second route we should be able to keep hitting this pretty much indefinitely as long as we don't make one or more than one request per second but if I start trying to hit it really fast you can see that I'm of course getting rate limited down to the per second level so this is a great new feature in larvo 11 for those of you that have potentially very high traffic applications that need per second rate limiting on your API or even on your app itself so thank you Tim for that [Applause] feature this next feature is a very highly requested feature for uh a number of years and let me give you an illustration of what it does so first let's look at our database Cedar and you can see that we have two test users here and I'm going to assign each user 10 block blog posts so just imagine a simple system where we have users users can have blog posts users can have any number of blog posts potentially but these users have 10 a piece and let's imagine we want to load the users from the database and we want to eager load their posts in the same eloquent operation but we want to get the latest post and only the three latest posts for each user so in this case we want to get back the two users and three posts per user that are sorted by the date they posted in laravel 10 this was just not possible at all without requiring an external package actually but in Lara 11 we've integrated the open source work done by Jonas STM in this regard and now it's just built right into the framework so let's go ahead and hit this route and you can see we get the user we get three posts we get the second user and we get their three latest posts as well so it's super simple this is a very common use case actually and I'm super pumped that we were able to get this in larav val 11 and hopefully that makes your life quite a bit easier when you encounter this [Applause] situation now I'm actually going to stay on the topic of databases for a second um did you know that laravel actually has these cool commands built in like model show user and it will actually dump out information about your eloquent model for example all of its attributes what data type they are in the database what relationships the model has any event observers that are registered with the model um there's also the artison DB table command which dumps out information about a specific database table it's just a quick way to sort of inspect your databased table at a moment's notice and sort of remind yourself of what the structure is or what the data types are in the table and if you've ever run these commands on laravel 10 you might notice that it's a little bit different on larav Val 11 on larl 10 when you run these commands you're prompted to install another library before you can continue and that's the doctrine database abstraction library and in larav val 11 we're no longer dependent on this Library so it Slims down your dependencies quite a bit because that's a big dependency to include in your application and now you can inspect your database and even update and change the data types of columns without installing any additional packages because all of that work is now handled natively in laravel itself so we've eliminated that dependency from the framework [Applause] now I want to talk a little bit about Q testing so I recently contributed to feature myself to laravel to make a certain Q testing scenario much easier where is my Q test there it is all right so let's imagine we have this process podcast CU job and if we go into this job if the ID is 123 we'll release the job back onto the queue with a 30second delay so we'll say hey we're not ready to process these jobs yet this job yet try it again in 30 seconds and in Lille 10 there was no way to actually test that this happened in a feature test to test that the job was released back out onto the cube with a certain delay or to test that the job was deleted manually or that it failed manually by the by the developer so I recently contributed a feature to larl 11 to make this super easy um so what you can do is actually in your test you can say that you want this job to have fake Q inter actions so this stubs out the interacts with Q trait that is available on this job and it allows us to test the interactions with those methods so now that I faked those interactions I can just come down here and say job assert released and run that test and we can see that the test passes and of course I can actually pass the delay that I expected there to be and if the delay is not what we expect it to be you can see that the test test fails and it says that we expected the job to be released with a delay of 45 seconds but it was actually released with a delay of 30 seconds so we can correct that behavior so it makes it much easier to test this whereas before you would have actually had to extend the job build a fake release method all on your own keep track of if if it's been called or not it was a real it was a real hassle so this makes it much more streamlined much more efficient to test these applications which weren't testable [Music] before all right let's talk about uh command Lin validation and larel prompts in specifically so I'm going to hop into my routes console file and as you know last year we released larel prompts which was developed by Jess Archer here at laravel really a groundbreaking new CLI Library I would say for PHP and something that really hadn't been done before in the PHP ecosystem to be able to have these very interactive uh beautiful prompts on your command line when you interact with your laravel application so what if you want to use larl prompts and validate the data that a user is typing into your command line application this is how the laravel prompts documentation shows it currently so you pass uh a closure to the validate argument that closure receives the value of this um whatever the user types in on the command line and then you sort of have arbitrary control over what you do from there so for example in this situation I'm saying if the string length is less than three we want to show an error message that the name must be less or at least three characters if it's greater than six we'll say that the name must not be longer than six characters and you can see if we hit this command on the command line um and say for example I do uh you know something really short it will say the name must be at least three characters if I do for example six characters that actually passes the validation but if I do something a little bit longer that actually fails the validation so we can see that that's working but you could imagine as your rules got a little bit more complex if you needed to do more validation this would become a little bit uh of a mouthful to put all of this code in here and it would be a little bit cumbersome well the good news is larl actually has a really awesome validator built in so what if we could just leverage that to you to validate our prompts which is exactly what we can do in laral 11 so we can actually just delete all of this code say name let's actually just shorten this to required Min 3 Max 6 just like we would validate an HTTP request and now let's try this command again you can see that it's working as we expect if the name is too short it tells us it needs to be longer if it's just right it lets us pass the validation [Applause] [Music] so you can actually tap into the full power of the laravel validator from your laral prompts and laral 11 which I think is a super cool new feature all right moving on let's talk about encryption um I want to show you a new feature that I actually recently contributed to assist with encryption key rotation encryption is used on every new request to laravel because every cookie that's added to the response by the framework is actually encrypted and signed uh with an authentication code so you can't avoid using encryption if you're using laravel um of course we're a very security-- minded framework and it's sort of baked into a lot of the core functionality of what we do in terms of session handling and cookie handling now let me go ahead and like register a new user with this application all right so let's go in here I'm going to hit register I've already sort of preceded this form all right we have a new account now let's say we want to rotate our encryption key so the encryption key is the appcore key in our environment file so most of you are probably familiar with this key that is what is used to actually encrypt the data that's the key that is used to perform that encryption now what you'll notice is that if I rotate this key key generate Force to generate a new key and then if we try to hit this application we're actually logged out and that's because when the next request came in laravel was unable to decrypt that cookie because we changed the encryption key so it discarded the cookie as in valid which logged us out of the application and of course that's not very fun for our users uh we don't want them to be logged out of the application if we need to rotate the encryption key this also prevents or presents a problem if we have encrypted data stored in the database so for example let me reive the database and you can see this example I'm pulling a user from the database and if I look at that user model the pass phrase has the encrypted cast on it so that means that when we store this value in the database we want laravel to encrypt it for us when it stores it in the database column and if we look at our database wrong database if we look at our database and we see that passphrase column right here you can see that it is encrypted it's a big long jumbled string of data all right so on this encryption route we're just going to pull the user we're going to pull the passphrase we're going to pretend we do some work maybe during the requests we put the passphrase back on the user we save it back to the database and then we return the original passphrase so let's see if we can actually decrypt this which we should be able to hit the encryption route okay my secret phrase which is what was encrypted into that column now again what if we rotated our encryption key let's go ahead and do that and we can see if we hit the route again we get an error that we were unable to decrypt that data so all the encrypted data stored in our database is now invalid okay yikes uh that's not good um what we really want to do is be able to rotate these encryption Keys gracefully all right and I contributed a featured toara 11 to do just that so let me show you how it works let's hop back into our app get a fresh database on our hands here and let's go ahead and go into the application register all right we're back in let's walk through that original scenario again and see how we could handle it differently with encryption key rotation so I'm going to go back into my application and I'm actually going to duplicate this key to a new previous Keys environment variable all right so I'm going to put the old key there then I'm going to rotate the encryption key just like we did before all right so now if I hit the application you can see I'm not being logged out so how does this work and how it works is when larl encrypts data it will always use the master application key the appcore key but when we decrypt data we'll try the current key first but if it doesn't work we'll try the previous keys that have been configured one of those works and then we'll reencrypt the data using the new key so that everything is gracefully migrated to the new encryption key over time as users hit the application all right it's the same way or it's a similar situation with the application that's stored in the database okay so let's receive the database we have that user pass phrase okay my secret phrase let's try to rotate the key again and see if we can still get this phrase all right so again we'll copy this at previous Keys we will rotate the encryption key and we should be able to still hit this route with no errors and the data was actually saved back to the database using the new encryption key so now it's been updated to our rotated key gracefully and automatically with no errors for our users all right next I want to finish up with one quick feature uh also related to security which is automatically upgrading the bcrypt work factor of your stored passwords I'm sorry we're getting a little bit into the weeds here in terms of security but I think this uh feature will be very valuable to your apps all right fresh database again now if we look into this database and we look at our users table the password column this is a little small I'm not sure if you can see this but right here there's a112 and what that actually means is this is a bcrypt hash bcrypt is a hash for hashing passwords it's a slow hashing algorithm which is great for hashing passwords you actually don't want your password hashing algorithm to be fast because it's easier to brute force your passwords if it's very quick to calculate the hashes so bcrypt is cool because it actually lets you configure how slow it is and that dollar 12 is sort of the work factor it's called of the bcrypt hashing algorithm and you can increase or decrease that based on the computational power over time so as the years go by gpus get faster CPUs get faster you typically want to increase the work factor to match the increasing processor capabilities you know here in the real world so that your applications can't be brute forced so in Lara 11 this can actually be done for you automatically so I'm going to actually register my new user again all right I'm in the system there's my new user record with the 12 work Factor now if I go into my environment file there's actually a new Option of bcrypt rounds and let's bump that up to 13 maybe we think processors are getting a lot faster we want to increase our work Factor now what happens is the next time the user logs into the application the password will be automatically rehashed to use the new work Factor seamlessly without anything needing to be done on you the developer part your passwords are kept up to dat on the latest work Factor configur configured for application as users log in it's all totally [Applause] seamless all right so that is a preview of laravel 11 uh which again we plan to release in early March probably the first week of March I hope you really enjoy the minimal new structure uh it has a more modern lean feel and let you build the application you want while letting your application shine through without a lot of file system bloat so that's an I didn't apparently no I need to get this we need to get this working that's all that happened strangely at the same time B how are you doing good but there's still more to show you you're going to stand there okay so okay at laravel or at LaRon us we introduced laravel herd a new desktop application for Mac that includes everything you need to get started building laravel applications and like I said it doesn't provide any of this through external dependency managers or Docker or Homebrew or anything like that it's all self-contained and herd is an amazing contribution to the lville ecosystem in collaboration with Beyond code but we thought there could be even more that herd could do for your applications so now I'm pleased to introduce you to herd Pro and I'd like to show you some of the cool new features that are available in this new edition of lar all right so the First new feature I want to show you is male debugging I've actually got herd Pro running on my laptop already and you can see in this route I'm just sending an email to the application and let's see what happens when I do that we can see we have a new male debugger built right into laravel herd so as I send emails you can see them coming into this inbox I can actually inspect the emails what they look like all of their headers directly from laravel herd without needing any external tools and it's a really great way to preview these emails without needing to send them to a real [Applause] inbox and you can see here when I don't have any mail I have a nice empty State here that shows me how to configure my application to send emails to larel herd all right so the next thing I want to show you is related to dumps so dump is a popular function in laravel and in herd Pro it can actually intercept intercept your dumps for you and show them to you right there from herd so let's go to this route if I hit dumps you can see of course we get this dump at the top of the screen as you might expect now in herd Pro I can actually bring up a dump whoops not not the mail I can actually bring up a dump server all right let's clear that out and I can just hit this antenna button to start listening for dumps for my application so I can kind of togg of that on and off as I need it and when I dump something it shows up right here in the dump server integrated directly into herd and I can even pin this window on the top of everything else so it's super easy to start debugging these dumps and get them out of your application and of course I can just turn that off when I'm not interested anymore all right herd Pro also has a built-in log viewer so I can open up the logs Tab and I can see all the recent logs for this application and I can even search through my logs in a really easy to use intuitive interface baked right into laravel herd no additional software needed all right so that's laravel herd Pros log viewer now the next feature is something that I think is pretty powerful and that I think a lot of you might enjoy her Pro makes it super easy to interact with X debug and set break points in your code with zero configuration on your part so let me actually open up PHP [Music] [Applause] storm all right so here we go this is the same application we've been looking at if I come into this route maybe we set like a variable here that is a random string all right I'm going to kind of do haves here all right um put my browser on this half all right and then let's come in here and let's set a break point here okay so we want to maybe intercept the larabel applications execution at this point and we'll hit this root route of our application and you'll see that we're prompted if we want to allow this incoming connection from X debug we will accept that and boom we've hit this break point we can actually see of course the contents of this variable as we're stopped right here on this breakpoint you can see my browser is still spinning I can step into this code and sort of debug what is happening in my Lara application with again zero configuration on your part it's just baked right into herd Pro and it works like magic all right let's hit this and we can just go through the entire application and you can see now we got the response all right and again we can come back to our web routes file remove the breakpoint hit the application and we're not stopped at all because the break Point's been removed all right so automatic integration with X debug powerful integration with PHP storm all streamlined and automatic [Applause] awesome so that's a quick preview of heard Pro the best way to develop laravel applications on a Mac but what if you're not on a Mac um I love Mac you know as much as anyone youall know that um but the reality is a lot of our developers are actually on Windows and for a lot of developers around the world buying a Mac is actually not economically accessible they're they're on Windows machines actually the majority of the users that hit the laravel website are on a Windows machine we've heard from develop ERS for years that they want valet for Windows what about Windows you're forgetting about Windows don't just focus on Mac and we've heard you so I just happen to have as one does an extra Windows PC right here in my backpack have it thank you here is golden yeah all right so let me let this boot up all right here we go am I on Windows yet all right welcome to Windows all right we can see here if I go to my taskbar and I'm pleased to show you for the first time herd for [Music] Windows all of the same features you're used to in the Mac version even the herd Pro features that I showed you earlier are in this new herd for Windows and just like the Mac version everything is bundled into herd there's no need for Docker there's no need for any external package manager you buy a new Windows laptop you install laravel herd and you're ready to start developing laravel applications and you can see here if I open up my edge browser that laravel doest pulls up the laravel application just like herd or valet would it's an incredibly productive development experience and I think will be an awesome contribution to the windows PHP community and I'm happy to announce that herd for Windows will be coming out next month with laral 11 but the herd Pro is available today so you can go to the herd website and check that out immediately and start enjoying that all right I'm going to switch back to my Mac that's not a Windows disc but I just know the rest of the presentation's on the Mac all right I've got one more thing I'm sorry I know it's been a long talk let's wrap up here finish strong so before I wrap up the last thing I want to show you um and to preface this about 8 years ago we launched a library called laravel Echo and laravel received the event broadcasting feature in the framework and event broadcasting lets you broadcast your PHP events to the front end to build real-time applications and we use this extensively on things like laral Forge and laral Vapor to give real-time updates as your deployment is happening of course you get the output of the deployment as it's happening or you get the status of your server provisioning as it's actually happening that's powered by event broadcasting and laravel Echo C now laravel's event broadcasting capabilities work with a couple of different backends so right now on the larel documentation we have official integration with Pusher and a which are both commercial serverless applications for using websockets great Solutions but it's always bothered me that we didn't have our own laravel maintained first-party open source websocket server so today I'm happy to introduce you to laravel reverb so if you go to the Reverb website you can start sending me some emojis here this is all powered by Reverb you can send those in real time to each other larabel reeverb is a extremely powerful and blazing fast websocket server for PHP of course it's Pusher protocol compatible so it works immediately with with laravel Echo and it's built for scale it's the first PHP websocket server to be horizontally scalable using reddis Pub sub so you can scale thank you so you can scale Your websocket solution across multiple servers to handle tons of connections for your app this is actually running on a very small singular web server and you can see that we're not struggling at all to handle all of these emojis so larabel Reverb will be coming next month with laral 11 about four weeks away I'm not going to dig into the details of laravel Reverb but you don't have to wait long because in the morning Joe Dixon the author of Reverb is going to give you the full tour of laravel Reverb and everything that comes with it which I hope that you'll definitely [Music] enjoy so larl 11 slim modern lean new skeleton for the future herd herd Pro and herd for Windows the best PHP development experience anywhere and Reverb coming soon next month I hope you enjoy all of these new things let's go have a drink and hang out thank [Applause] you [Applause] I have questions let me just go there actually a lot Cherry Peck some okay because people are craving for a beer so first of all Gus yep pretty sure that you know that guy he's asking why does the config install not know about the database that I'm using so it only CHS sqlite in my SQL options we show postris and SQL server sqlite and MySQL so there's four options out of the box and they'll configure automatically based on what you choose Co it's working that's frak so last one Euro Dev is asking what about Linux next year next year next year

Info

Channel: Laracon EU

Views: 49,573

Rating: undefined out of 5

Keywords: laracon, laravel, php, laraconeu, herd, herd windows, taylor otwell

Id: 0g7HqfsCX4Y

Channel Id: undefined

Length: 70min 47sec (4247 seconds)

Published: Fri Feb 23 2024