search

Nexmo / nexmo-laravel

Add Vonage functionality such as SMS and voice calling to your Laravel app with this Laravel Service Provider.
MIT License
317 stars 79 forks source link

Add ValidSignatureRequest form request #31

Closed mheap closed 2 years ago

mheap commented 5 years ago

This allows customers to type hint on \Nexmo\Laravel\ValidSignatureRequest in any route and their application will automatically validate any webhook requests using their signature secret

If the user wants more control, they can use the nexmo_signature validation rule when calling Validation::make()

lornajane commented 5 years ago

I'm not really sure how to evaluate this. I can test that it works but I'm not Laravel enough to know if this is an expected feature - I haven't seen a pattern like this before and would personally avoid it as it could be tricky to understand/extend/debug. Can anyone else provide more useful input? @cr0wst or @afolson might have more context ...

dragonmantank commented 5 years ago

I'm not really sure how to evaluate this. I can test that it works but I'm not Laravel enough to know if this is an expected feature - I haven't seen a pattern like this before and would personally avoid it as it could be tricky to understand/extend/debug. Can anyone else provide more useful input? @cr0wst or @afolson might have more context ...

I've seen this general pattern with Route Model Binding, so I'm guessing this is an extension (I want to say exploitation but the magic inside Laravel is still a mystery to me) of that same thing.

Laravel also supports type hinting for method injection on controllers, so we're just injecting that object automatically. Overall this seems fine.

cr0wst commented 5 years ago

I'm not really sure how to evaluate this. I can test that it works but I'm not Laravel enough to know if this is an expected feature - I haven't seen a pattern like this before and would personally avoid it as it could be tricky to understand/extend/debug. Can anyone else provide more useful input? @cr0wst or @afolson might have more context ...

I've seen this general pattern with Route Model Binding, so I'm guessing this is an extension (I want to say exploitation but the magic inside Laravel is still a mystery to me) of that same thing.

Laravel also supports type hinting for method injection on controllers, so we're just injecting that object automatically. Overall this seems fine.

I just got an email notification about this and also wanted to chime in! I'd say what we're doing here is a mix of https://laravel.com/docs/5.6/validation#creating-form-requests by providing them with a custom FormRequest that has validation rules on it. And then defining a custom rule in NexmoServiceProvider.