2_1_Overview - OpenISDM/VMS GitHub Wiki

Volunteer management system (VMS) backend is built on Laravel 5.2 and PHP 5.6 above and implements by Model-View-Controller architecture. However, VMS contains model and controller. The view is in VMS-frontend repository.

The VMS backend uses Composer for managing PHP dependencies. The composer.json defines the package dependencies. The composer.lock provides version specified. The more details about composer.json and compose.lock are in Composer Basic usage.

Authentication

VMS uses username and password for authentication. After a client logins, the client gets a validated token which is generated via JSON Web Token (JWT) from VMS backend. The client will send a request to protected endpoints with the token. The HTTP middleware api.auth which is defined by Dingo API Authentication validates the token. In addition, the token is able to get the client's identification via getVolunteer() or getUser() in App\Services\JwtService class.

Authorization

VMS provides authorization to allow or restrict users to access resource. For example, a user creates a project, only the user is able to update/delete the project. The authorization mechanism is implemented with policies and Gate by Laravel Authorization .

Dependency packages

dingo/api

The package provides to build RESTful API, including JSON response with Transformer, API versioning and so on.

• Project: https://github.com/dingo/api

thephpleague/fractal

The package provides a transformation layer for JSON response. The dingo/api also uses the package.

• Project: https://github.com/thephpleague/fractal
• Documentation: http://fractal.thephpleague.com/

tymon/jwt-auth

The package provides authentication via JSON Web Token (JWT).

• Project: https://github.com/tymondesigns/jwt-auth

barryvdh/laravel-cors

The package provides Cross-Origin Resource Sharing (CROS) HTTP headers support.

• Project: https://github.com/barryvdh/laravel-cors