api: [L5] Request validation breaks router

If I make input validation on a request using a request class like so

<?php namespace App\Http\Requests;

use App\Http\Requests\Request;

class LoginRequest extends Request {

    /**
     * Determine if the user is authorized to make this request.
     *
     * @return bool
     */
    public function authorize()
    {
        return true;
    }

    /**
     * Get the validation rules that apply to the request.
     *
     * @return array
     */
    public function rules()
    {
        return [
            'email'    => 'required|email' ,
            'password' => 'required'
        ];
    }

}

it breaks the router on invalid input. The request class will issue a RedirectResponse and the Dingo router is expecting a normal Response resulting in the following exception being thrown.

Argument 1 passed to Dingo\\Api\\Http\\Response::makeFromExisting() must be an instance of Illuminate\\Http\\Response, instance of Illuminate\\Http\\RedirectResponse given, called in \/home\/vagrant\/code\/traede-l5\/vendor\/dingo\/api\/src\/Routing\/Router.php on line 551 and defined

I don’t know if changing the type hinting to Symfony\Component\HttpFoundation\Response and dropping the getOriginalContent for a getContent is a valid solution. I tried it out and it seemed to work, however I did not thoroughly test it.

Dingo\Api\Http\Response

public static function makeFromExisting(\Symfony\Component\HttpFoundation\Response $old)
    {
        $new = static::create($old->getContent(), $old->getStatusCode());

        $new->headers = $old->headers;

        return $new;
    }

About this issue

  • Original URL
  • State: closed
  • Created 9 years ago
  • Comments: 32 (16 by maintainers)

Most upvoted comments

Haha oh god, not that bloody EU cookie law stuff! Ridiculous.

Oh and @lightvision, that said, I don’t encourage you to authenticate a user then save that state. As far as authentication goes an API should be stateless. I do think there are people that would want to disable cookies completely though. So I might add a way for people to do that should they want to.

+2
jasonlewis on Jul 17, 2015

@Anahkiasen turning that into a trait which could then be added to the base form request might be even better.

That would make it easy to implement and doesn’t require extending the base.

something like this


trait ApiRequestTrait
{
    /**
     * {@inheritdoc}
     */
    protected function failedValidation(Validator $validator)
    {
        if($this->is(config('api.prefix') . '/*')) {
            throw new ResourceException('Invalid request', $validator->getMessageBag());
        }

        parent::failedValidation($validator);
    }
}
+2
tomschlick on Jun 26, 2015

I understand, but if I’m going to be supplying the code in the docs I might as well supply a simple base API form request in the code. I’ve gone ahead and added it. It’s very simple, but will suit many use cases and will no doubt be fine for the majority of users.

It’s located at: Dingo\Api\Http\FormRequest

Docs have been updated.

+1
jasonlewis on Aug 3, 2015
Read more comments on GitHub
← api: Internal routing bug: doesn't work with middleware
api: Laravel 5 Controller not found →