Skip to content
Hexium

Guidelines

Authorization

  • Use the Gate facade to authorize an action in controllers.

Controller

  • Use response()->json() to return a response (when not returning a resource or collection).
    • Use the HttpCode class to set the status code json(status: HttpCode::OK).

Model

  • Always use Model::shouldBeStrict(). This prevents three things (more details) :
    1. Lazy loading
    2. Silently discarding attributes
    3. Silently discarding attributes

Request

  • Delete the authorize method if you don’t need it, as the default value is already true.
  • Name your request file with the controller name followed by the method name it’s used for.
    • UserStoreRequest if you need a request in your UserController for the store method.
  • Use array notation ['required', 'string', 'max:20'] rather than the string notation required|string|max:20 as it’s easier to apply custom rules if needed.
  • All custom validation rules must use snake_case.

Resource

Routing