What is a Route?
In Laravel, a route is a rule that tells the framework:
“When someone visits a certain URL (URI), run this code.”
Example:
If someone visits /about, show them the “About” page.
URI and Closure Explained
URI (Uniform Resource Identifier)
This is the path in the browser after your domain name.
Examples:
- /about → https://example.com/about
- /contact → https://example.com/contact
Closure
A closure is a function written directly in the route definition (also called an anonymous function).
Instead of pointing to a controller, you can write the response right in the route.
Example:
use Illuminate\Support\Facades\Route;

Route::get('/hello', function () {
    return 'Hello World!';
});
Here:
- /hello → URI
- function () { return 'Hello World!'; } → Closure
No Complicated Config Files
Some older frameworks required you to define routes in large XML or config files.
Laravel avoids that.
Just open:
routes/web.php
and write your route in plain PHP.
The Default Route Files in Laravel
In Laravel, all application routes are stored in special files inside the routes directory. Laravel automatically loads these files based on the configuration in bootstrap/app.php, so you don’t need to include them manually.
routes/web.php
- This file is specifically for web interface routes — routes that return HTML views, handle form submissions, etc.
- All routes in this file are automatically assigned the web middleware group, which provides important features:
  - Session state → Keeps track of user data between requests.
  - CSRF protection → Prevents cross-site request forgery attacks.
  - Cookie encryption → Secures cookies sent to the browser.
How It Works
- When you define a route in routes/web.php, Laravel automatically makes it available in your application.
- You can access that route by entering its corresponding URL in your browser.
- The URL’s path (like /user) determines which route is matched and which code is executed.
Key Point
For most web-based Laravel applications, web.php is the main place to start defining routes, as it is designed to handle browser-based interactions securely and efficiently.

Explanation of Flow:
- Browser Request → User types a URL or clicks a link.
- Laravel Kernel → Initializes the framework and prepares to handle the request.
- Load Route Files → Laravel automatically loads routes from the routes directory (web.php for web requests).
- Match URI → Laravel checks which route matches the requested URL.
- Apply Middleware → Adds features like session handling, CSRF protection, and cookie encryption.
- Run Code → Executes the logic defined for that route.
- Send Response → The result is sent back to the browser.
Laravel API Routes Overview
If your Laravel app needs a stateless API, you can enable API routing with:
php artisan install:api
This command:
- Installs Laravel Sanctum for simple yet secure API token authentication.
- Creates routes/api.php for defining API routes.
Defining an API Route
Example from routes/api.php:
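use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

// Returns the authenticated user; auth:sanctum rejects requests without valid credentials.
Route::get('/user', function (Request $request) {
    return $request->user();
})->middleware('auth:sanctum');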
- Routes here are stateless and use the api middleware group.
- All routes automatically get the /api prefix (e.g., /api/user).
i) Stateless Routes
- Stateless means these routes don’t use sessions or cookies to remember user state across requests.
- Each request must carry its own authentication credentials (like API token, Sanctum token, or JWT).
- Useful for APIs because clients (mobile apps, third-party apps, SPAs) should not rely on server-side sessions.
Example:
// routes/api.php
Route::get('/users', [UserController::class, 'index']);
When calling /api/users, Laravel won’t track session data for that request.
ii) API Middleware Group
- Laravel has a default middleware group called api, defined in app/Http/Kernel.php.
- It includes middleware like:
  - throttle:api → rate limiting (to avoid abuse).
  - SubstituteBindings → enables route model binding.
  - No session state middleware (that’s why it’s stateless).
So when you put routes inside routes/api.php, they automatically get wrapped in the api middleware group.
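An added example (not from the original page) of a routes/api.php that puts the two points above together: because API routes are stateless, every non-public route needs an explicit auth middleware, and a valid token still has to be checked for what it is allowed to do. The /ping and /reports endpoints and the reports:read ability are hypothetical names, and the User model is assumed to use Sanctum's HasApiTokens trait.

```php
<?php
// routes/api.php (added example; assumes `php artisan install:api` has been run)

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

// Public route: anyone who can reach /api/ping gets a response.
// Expose only data that is safe without authentication, and rate limit it.
Route::get('/ping', fn () => response()->json(['status' => 'ok']))
    ->middleware('throttle:30,1'); // at most 30 requests per 1 minute

// Every route in this group requires valid Sanctum credentials on each request.
// There is no session to fall back on, so a missing or revoked token gets a 401.
Route::middleware(['auth:sanctum', 'throttle:60,1'])->group(function () {

    // Returns the user that owns the presented token.
    Route::get('/user', fn (Request $request) => $request->user());

    // Hypothetical endpoint: authentication is not authorization, so check
    // the token's abilities before returning anything.
    Route::get('/reports', function (Request $request) {
        abort_unless($request->user()->tokenCan('reports:read'), 403);

        return response()->json(['reports' => []]); // constructed placeholder payload
    });
});
```

Running `php artisan route:list` shows the middleware attached to each route, which is a quick way to spot an endpoint that was left outside the authenticated group.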
Changing the API Prefix
Modify in bootstrap/app.php:
->withRouting(
    api: __DIR__.'/../routes/api.php',
    apiPrefix: 'api/admin'
)
Now /api/user becomes /api/admin/user.

Flow Summary:
- Client sends request → SPA, mobile app, or API consumer calls an endpoint like /api/user.
- Laravel routes/api.php → Laravel automatically applies the /api prefix and loads the correct route.
- API Middleware Group → Ensures the request is stateless, usually returning JSON.
- Sanctum Auth → Checks for a valid API token or authenticated session.
- Route Logic Runs → Your code processes the request.
- Response Sent → Client gets a JSON response.

