Skip to content

Latest commit

 

History

History
142 lines (112 loc) · 5.01 KB

bridge-http-request.md

File metadata and controls

142 lines (112 loc) · 5.01 KB

HTTP Request

Request

Running as middleware, Yii will process "GET" and "POST" requests fine. However, you may experience problems with other HTTP request methods like "PUT", "DELETE" and so on. This happens because PHP allows reading of raw input stream only once and this reading is performed by Laravel as it starts to function first. In order to avoid the problems you can use \Yii2tech\Illuminate\Yii\Web\Request component. Application configuration example:

<?php

return [
    'components' => [
        'request' => [
            'class' => Yii2tech\Illuminate\Yii\Web\Request::class,
        ],
        // ...
    ],
    // ...
];

This component will pick up input, files and raw body from Laravel request, avoiding data loss. Its usage will also grant you all benefits provided by Laravel middleware like \Illuminate\Foundation\Http\Middleware\TrimStrings, \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull and so on.

In addition, \Yii2tech\Illuminate\Yii\Web\Request provides some methods from \Illuminate\Http\Request, which might be useful inside Yii application:

  • all() - returns all of the input and files for the request as a single array.
  • validate() - runs Laravel validation on request data.

Response

Usage of \Yii2tech\Illuminate\Yii\Web\Request along is not enough to create graceful integration with Laravel. In order to get benefits from all middleware, Yii response should be converted into a Laravel one. This task is handled via \Yii2tech\Illuminate\Yii\Web\Response component. Application configuration example:

<?php

return [
    'components' => [
        'response' => Yii2tech\Illuminate\Yii\Web\Response::class,
        // ...
    ],
    // ...
];

This component creates and fills up \Illuminate\Http\Response instance instead of sending its content to the browser. Created Laravel response will be automatically picked up by \Yii2tech\Illuminate\Http\YiiApplicationMiddleware and returned as its handling result, allowing postprocessing by other middleware in the pipeline.

In addition, usage of \Yii2tech\Illuminate\Yii\Web\Response allows returning of the response, generated by Laravel, from the Yii controller. For example:

<?php

use \Yii2tech\Illuminate\Yii\Web\Response;

class FooController extends \yii\web\Controller
{
    public function actionFoo()
    {
        // ...
        return Yii::$app->response->setIlluminateResponse(redirect('foo/create')->withInput());
    }
    
    public function actionBar()
    {
        // ...
        return new Response(['illuminateResponse' => response()->json(['bar' => $bar])]);
    }
}

Heads up! Remember that you can not return \Illuminate\Http\Response instance directly from controller action. You should always wrap it into \Yii2tech\Illuminate\Yii\Web\Response for the correct processing.

CSRF Validation

Both Yii and Laravel provides cross-site request forgery (CSRF) protection. However, CSRF tokens generated by them will be different. Make sure generation and verification of the CSRF token for particular form is performed by same framework. E.g. controller action, which renders form, and controller action, which handles form submission, should both belong to Yii or both belong to Laravel.

In case you are using both \Yii2tech\Illuminate\Yii\Web\Request and \Yii2tech\Illuminate\Yii\Web\Response, you can utilize \Illuminate\Foundation\Http\Middleware\VerifyCsrfToken middleware to handle CSRF protection for Yii requests. To be able doing so, enable \Yii2tech\Illuminate\Yii\Web\Request::$useIlluminateCsrfValildation and set \yii\web\Request::$csrfParam to '_token'. Application configuration example:

<?php

return [
    'components' => [
        'request' => [
            'class' => Yii2tech\Illuminate\Yii\Web\Request::class,
            'useIlluminateCsrfValildation' => false,
            'csrfParam' => '_token',
        ],
        'response' => Yii2tech\Illuminate\Yii\Web\Response::class,
        // ...
    ],
    // ...
];

Cookie encryption

Both Yii and Laravel provides means for Cookie encryption. Note, however, that you can not use them both simultaneously. It is better to keep Cookie encryption done by Laravel via \Illuminate\Cookie\Middleware\EncryptCookies. This will be possible in case you are using both \Yii2tech\Illuminate\Yii\Web\Request and \Yii2tech\Illuminate\Yii\Web\Response. Just remember you need to disable \yii\web\Request::$enableCookieValidation, so Yii application configuration will look like following:

<?php

return [
    'components' => [
        'request' => [
            'class' => Yii2tech\Illuminate\Yii\Web\Request::class,
            'enableCookieValidation' => false,
        ],
        'response' => Yii2tech\Illuminate\Yii\Web\Response::class,
        // ...
    ],
    // ...
];