laravel route api request working without any restriction for method

1
votes

I am a beginner in laravel framework, and while i am building a simple api routes i have faced a problem which is : I have created in api.php

Route::resource('userss','User\UserController');

User controller has standard api methods (index,store, show etc..) after that i listed the routes with this command :

php artisan list:route

and i have got the results as in the below image

enter image description here

route/api.php

use Illuminate\Http\Request;
Route::resource('userss','User\UserController');

UserController.php

namespace App\Http\Controllers\User;
use App\Http\Controllers\Controller;
use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Validator;

class UserController extends Controller
{

public $successStatus = 200;
public $appNameToken = 'stiskAppNameToken';
/**
 * Display a listing of the resource.
 *
 * @return \Illuminate\Http\Response
 */
public function index()
{
    //

    $users = User::all();
    return response()->json(['data'=> $users],200);
}

/**
 * Show the form for creating a new resource.
 *
 * @return \Illuminate\Http\Response
 */
public function create()
{
    //
}

/**
 * Store a newly created resource in storage.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return \Illuminate\Http\Response
 */
public function store(Request $request)
{
    //


    $rules = [
    'name' => 'required|min:4',
    'username' => 'required|min:4|unique:users',
    'email' => 'required|email|unique:users',
    'password' => 'required|min:4|confirmed',
    'status' => 'required',
    'dept_id' => 'required'

    ];

    $this->validate($request,$rules);

    $data = $request->all();
    $data['password'] = bcrypt($request->password);
    $data['verified'] = User::USER_VERIFIED;
    $data['verification_token'] = User::generateVerificationCode();

   $user = User::create($data);
   return response()->json(['data' => $user],201);
}

/**
 * Display the specified resource.
 *
 * @param  int  $id
 * @return \Illuminate\Http\Response
 */
public function show($id)
{
    //
    $user = User::findOrFail($id);
    return response()->json(['data'=>$user],200);

}

/**
 * Show the form for editing the specified resource.
 *
 * @param  int  $id
 * @return \Illuminate\Http\Response
 */
public function edit($id)
{
    //
}

/**
 * Update the specified resource in storage.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  int  $id
 * @return \Illuminate\Http\Response
 */
public function update(Request $request, $id)
{
    //
}

/**
 * Remove the specified resource from storage.
 *
 * @param  int  $id
 * @return \Illuminate\Http\Response
 */
public function destroy($id)
{
    //
}

}

But the problem now is every time i make a request from postman to mylocal.test/userss/ with different methods (PUT,POST,GET etc..) i got a list of the users ( index methods executed!)

what is the problem? why all methods requests are going to execute @index method body.

I already handled MethodNotAllowedHttpException in render function but no way

is suppose that Route::resource('userss','User\UserController'); handling such that problem? and route my request to a correct method in my controller?

Update: The problem i think was in postman or my local web server Also after using Authentication you will not face this problem thanks for you all

3
phplaravelpostman
all Route::resource does is register those routes you are showing, that is alllagbox
Do you maybe have a wildcard route before this resource that catches all the requests and returns list of users? Sharing the web.php content might help more. And the controller code won't hurt to be shared :)nakov
@Fadi Ramzi, Would you please to show your Controller as well?Wee Hong
kindly show you store function of UserController.fahim152
@lagbox yes i know, but i couldn't find the problem :(Fadi Ramzi

3 Answers

1
votes

It should have a api/ in front of the URI if you are defining the route in api.php correctly.

Would you please double check?

+--------+-----------+--------------------------+----------------+--------------------------------------------------+--------------+
| Domain | Method    | URI                      | Name           | Action                                           | Middleware   |
+--------+-----------+--------------------------+----------------+--------------------------------------------------+--------------+
|        | GET|HEAD  | /                        |                | Closure                                          | web          |
|        | GET|HEAD  | api/user                 |                | Closure                                          | api,auth:api |
|        | GET|HEAD  | api/userss               | userss.index   | App\Http\Controllers\User\UserController@index   | api          |
|        | POST      | api/userss               | userss.store   | App\Http\Controllers\User\UserController@store   | api          |
|        | GET|HEAD  | api/userss/create        | userss.create  | App\Http\Controllers\User\UserController@create  | api          |
|        | GET|HEAD  | api/userss/{userss}      | userss.show    | App\Http\Controllers\User\UserController@show    | api          |
|        | PUT|PATCH | api/userss/{userss}      | userss.update  | App\Http\Controllers\User\UserController@update  | api          |
|        | DELETE    | api/userss/{userss}      | userss.destroy | App\Http\Controllers\User\UserController@destroy | api          |
|        | GET|HEAD  | api/userss/{userss}/edit | userss.edit    | App\Http\Controllers\User\UserController@edit    | api          |
+--------+-----------+--------------------------+----------------+--------------------------------------------------+--------------+

I cloned the controller you posted but everything is working fine.
Please refer to the screenshot below.

enter image description here

enter image description here

0
votes

the problem is not from the Route::resource() because all it does is register them for the methods but to check anyways try registering the POST or any other method manually.
what i think the problem would be is the Controller so if you could share the code of the controller that you have it would be helpfull.

0
votes

when you execute GET request with postman to url mylocal.test/userss/ you gonna get all the users, because /userss is linked to controller function index, if you want to create user you should use /userss/create POST request, for update ussers/{user_id} PUT or PATCH method and so on. From the routes list you can see clearly method and route endpoint.

Best luck.