Bonus steps

Aronne Brivio edited this page May 16, 2021 · 7 revisions

Q: What could be better than reinventing the wheel?
A: Simple, reinvent it, figure out how to make it work and then discover other systems that already exist that allow you to solve the problem faster, more completely and more safely.

Below are some bonus steps you can follow and implement to improve the code you've written so far, using classes and methods offered by the framework or other libraries.

Authorization and Authentication

Use Traits to set the user_id automatically when posts and comments are created, without having to manage it in every Controller function.

Use Gates and Policies to authorize the modification and deletion of posts and comments, so that they can be modified and deleted only by their creator.
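One way to wire up the ownership rule for posts with a Policy, shown as an added example that is not code from this project. It assumes a Post model with a user_id column, facades enabled in bootstrap/app.php, and the class and route names used below.

```php
<?php
// Added example (assumes a Post model with a user_id column); one class per file in a real project.
use App\Models\Post;
use App\Models\User;
use Illuminate\Support\Facades\Gate;
use Illuminate\Support\ServiceProvider;
use Laravel\Lumen\Routing\Controller;

// app/Policies/PostPolicy.php
class PostPolicy
{
    public function update(User $user, Post $post): bool
    {
        return $this->owns($user, $post);
    }

    public function delete(User $user, Post $post): bool
    {
        return $this->owns($user, $post);
    }

    private function owns(User $user, Post $post): bool
    {
        // Cast both sides: some DB drivers return ids as strings.
        return $post->user_id !== null && (int) $post->user_id === (int) $user->getKey();
    }
}

// app/Providers/AuthServiceProvider.php
class AuthServiceProvider extends ServiceProvider
{
    public function boot()
    {
        // Lumen has no $policies array, so register the policy on the Gate directly.
        Gate::policy(Post::class, PostPolicy::class);
    }
}

// app/Http/Controllers/PostController.php
class PostController extends Controller
{
    public function destroy($id)
    {
        $post = Post::findOrFail($id);          // 404 if the post does not exist
        if (Gate::denies('delete', $post)) {    // evaluated for the authenticated user
            abort(403, 'You can only delete your own posts.');
        }
        $post->delete();
        return response()->json(null, 204);
    }
}
```

The same policy shape applies to comments: register a second policy for the Comment model and call the Gate before every update and delete.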

Bonus of bonuses: use JWT tokens instead of a randomly generated, self-managed and pretty weak access token.
To do so you will also probably need to write some new endpoints, like logout and refresh.
I recommend using the jwt-auth library.
Tokens will no longer be saved to the DB (so you probably won't need users.api_token anymore) but cached. By default Lumen manages the cache locally: you might think of introducing Redis into your project and using it as the cache driver.

Subscription

The registered user who is a Premium subscriber can, in addition to what the registered user can do, edit and delete their own comments.