Now, let's talk about validation. What happens if the user doesn't pass anything?
First, let's see what we get if we don't send the name
field.
We get a 500 error code and a SQL error message, which is also a security issue. We don't want customers to see the actual error.
For the backend part, we can validate the regular way using Form Request.
php artisan make:request StoreCategoryRequest
app/Http/Requests/StoreCategoryRequest.php:
class StoreCategoryRequest extends FormRequest{ public function authorize(): bool { return true; } public function rules(): array { return [ 'name' => ['required'] ]; }}
app/Http/Controllers/Api/CategoryController.php:
use App\Http\Requests\StoreCategoryRequest; class CategoryController extends Controller{ // ... public function store(Request $request) public function store(StoreCategoryRequest $request) { $category = Category::create($request->all()); return new CategoryResource($category); }}
Now, we see a better result that can be shown...