August 25, 2020 / PovilasKorop Laravel has a great out-of-the-box Auth system, but surely we need to customize things here and there. For some of them, no need to look for external packages or write a lot of custom code, let’s explore what interesting abilities are hiding under the hood of Auth. Tip 1. Auth::routes() Parameters We all probably know the method Auth::routes() that comes from the Laravel UI package (before Laravel 7, it was included in the core). But did you know it may accept an array of parameters to enable/disable certain Auth routes? As of Laravel 7, here are possible parameters, with their default values: Those parameters just enable or disable some routes. To understand how they work, you can look at the file AuthRouteMethods in Laravel UI: Tip 2. Laravel UI: Generate Controllers Only The official documentation specifies this main way of using Laravel UI: But what if you don’t need the visual UI? What if you’re creating only an API-based project, and you don’t have any front-end on the Laravel side? You can still use Laravel Auth and its Controllers. Install Laravel UI package and run this: It will generate only app/Http/Controllers/Auth contents, so you don’t need Blade/Vue files to use them. See the implementation of this Artisan command in Github repository. Tip 3. Re-Confirm Password for Important Settings Have you ever maintained a Github repository, and tried to change its access settings? Then Github asks you to re-enter your password again, just to make sure it’s you. Since Laravel 6.2, we also have that feature in the framework. All you need to do is...
Alexander Andersson 2020-02-12 Cyber Security Insecure deserialization is a common vulnerability (OWASP TOP10) that very often leads to arbitrary code execution. Today, I’m going to explain how to turn a seemingly harmless deserialization into code execution. This recently came in handy for me in a penetration test of a PHP/Laravel based application. Before we jump down the rabbit hole, I’ll shortly explain the misconfigurations that allowed me to exploit the vulnerability in the first place. Laravel is weirdly helpful when APP_DEBUG is enabled. It should never be used outside a local dev environment. Errors will not only print out a really fancy error message with the entire stack trace, but also include all environment variables of the application account. That’s not something you want, since environment variables very often contain secrets. In a Laravel application, a variable named APP_KEY is used as the encryption secret for all symmetric encryption within the application. The app key was however not included in the error message. A reasonable explanation would be that it is simply not defined as a environment variable but instead hard coded or inserted in the source code at some point in the pipeline. There was however a few interesting secrets in the environment variables. Among them an AWS key ID and corresponding secret. I knew the target made use of S3 so I put together a script that retrieves directory list of the files I can access. for bucket in $(aws s3 ls | cut -d " " -f 3); do aws s3 ls s3://$bucket --recursive > ./$bucket.txt; done; One of the buckets was particularly interesting, it served...
Healthcare IT Company App Development The services of mPatientCare can help any other healthcare IT company too. We have been working in the field for several years and have engaged in multiple healthcare website developments as well as healthcare mobile app development projects. So, we have complete expertise in healthcare mobile app development. We understand all the rules and compliances that need to be followed in order to build a healthcare app. We have worked with clients around the world,so we are aware of the international norms and standards that need to be followed. These are the things that make us unique and the best healthcare IT company in the market today. You can check out the following reasons that would convince you to use the services of mPatientCare today! 1. Outsource Your Work to The Best People in The Market: When you outsource your work to mPatientCare, you can be assured that you are working with top healthcare IT company with the latest technology and a highly skilled workforce. We are a team of highly enthusiastic healthcare IT developers who leave no stones unturned to design extremely impressive apps and websites. Our numerous satisfied clients can easily attest to the fact that we are a trusted healthcare IT company India. Therefore, you will get exactly what you want when you avail our services. Our team gets deeper into each project and understand the unique requirements of each client before starting the work on the project. So, it will be a very pleasant experience for you when you work with mPatientCare. 2. Save Time : If you avail our...
Blazor and ASP.NET Core Get Faster in .NET 5 When looking at the updates to web development in the new .NET 5 milestone release, one thing stands out: speed. “ASP.NET Core in .NET 5 is the fastest .NET web framework we’ve ever shipped!” said Microsoft this week in highlighting improvements to the web-dev component of the unifying .NET 5 framework. ASP.NET Core, the open source, cross-platform successor to ASP.NET (part of the old .NET Framework), is also where Blazor lives, providing a C# option for web development. It allows for full-stack web development via two components: Blazor WebAssembly for the client side and Blazor Server for the server side. The red-hot project has been garnering a lot of attention in the Microsoft-centric development ecosystem and has seen steady performance increases. “For .NET 5, we made significant improvements to Blazor WebAssembly runtime performance with a specific focus on complex UI rendering and JSON serialization,” Microsoft said in the release notes for .NET 5. “In our performance tests, Blazor WebAssembly in .NET 5 is two to three times faster for most scenarios.” As shown in the charts below, the focus on JSON handling paid off well, along with grid rendering performance. [Click on image for larger view.] JSON Handling (source: Microsoft). [Click on image for larger view.] Grid Rendering (source: Microsoft). Microsoft previously explained the team improved runtime code execution in Blazor WebAssembly in .NET 5 over v3.2 with optimizations of the core framework libraries and improvements to the .NET IL interpreter. Along with JSON handling, that speeds up things like string comparisons, and dictionary lookups. And those Blazor speed improvements...
Today, the mobile app market is booming. Some companies fight for users, others build apps using React Native and hold all the hype. choose this framework for creating their applications. To enlist a few: Facebook, Skype, Tesla, Uber, Walmart, Salesforce and so on. But why is it so popular? What benefits do apps and websites built with React Native bring to businesses and users? Keep on reading to find out. What is React Native? React Native has turned the developers’ lives upside down. Its first release for iOS was in March 2015 on GitHub. Then in September, React Native for Android came out and made it a truly cross-platform framework. Since then, React Native keeps growing its community and the number of . For example, in March 2020, it got 2075 contributors on GitHub. Surprisingly how Facebook’s internal Hackathon project grew into a competitive cross-platform framework. So, what is actually React Native? To make things clear: it isn’t a special template language. React Native is a UI component library made of React using JavaScript. These components convert the code into Android and iOS views as they can “talk” with native APIs. What does it mean for a business owner? The dev team works faster and uses the same code for different platforms. The iOS and Android versions are developed simultaneously. Besides, the websites built with React Native are also growing their popularity. What does it mean for a user? The apps using React Native provide you with a native-like experience. Despite the platform, the app will run equally on Android and iOS devices. Why Is React Native So Popular?...
Server-Side Scripting: Back-End Web Development Technology Internet is super exciting. A lot of stuff happens when as user you make a request to URL, lots of code is at work to bring a page requested by you. What connects actually your App’s database to the browser? That’s the program built by server-side scripts; Server-side language build your site behind the scenes. The goal of the server-side language is to provide a smooth experience for a user. There are innumerous server-side scripting languages effective in reaching the end goal. The server-side programming language you select depend on the preferences of your development team and the project requirements such as your database/operating system setup. Being aware of what each server-side scripting language can offer what is unique is deciding your backend technology, and whom to hire for these tasks. Let’s take A LOOK AT YOUR WEBSITE’S BACK END The back end is made up of three parts: the server, the database, APIs, and a back-end web application written using server-side languages. For instance, if a user is updating a password on web application, the server-side scripts will collect the information the user enters, the application will process that information on the back-end server, then will interact with the database to update that information. The backend web developers use server-side scripting language to develop back-end application and this language in turn communicates between user, server, and database. Anything that is explicitly written goes into the text markup of a website which is the front-end or back-end software. When user request an Edit, delete and update (For Example, the fields in menus, photos,...
mobile app development singapore,web development singapore,web application singapore,mobile application developer singapore,web design singapore,mobile application development singapore,singapore web development,singapore app developer,mobile apps singapore,singapore mobile application developer,mobile app developer singapore,website design singapore,singapore web design,mobile apps development singapore,ios app development singapore,web development company singapore,ruby on rails developer singapore,developer in singapore,singapore website design,singapore web design services,app development singapore,website developer singapore,mobile game developer singapore,mobile developer singapore,design firms in singapore,website development singapore,developers in singapore,graphic designer in singapore,web design services singapore,singapore mobile app developer,design agency singapore,web design company singapore,android developer singapore,web designer singapore,ios developer singapore,app developer singapore,website designer singapore
