A Laravel API boilerplate with Firebase Storage integration designed to accelerate your application development with pre-configured authentication, file storage, and API structure.
- Features
- Requirements
- Installation
- Configuration
- Deployment
- API Documentation
- Troubleshooting
- License
- RESTful API Architecture - Well-structured API endpoints with consistent response formats
- Advanced Rate Limiting - Customizable rate limiting for different API actions (read, write, delete)
- Firebase Storage Integration - Secure file uploads for user profiles and post attachments
- Authentication System - Secure token-based authentication with Laravel Sanctum
- Role-Based Access Control - Built-in roles (client, admin, freelancer) with permissions
- Email Notifications - Integrated email system using Gmail SMTP
- Comprehensive Error Handling - Standardized error responses with appropriate HTTP status codes
- Database Transactions - Ensures data integrity for all operations
- Well-Documented Code - Extensive PHPDoc comments throughout
- PHP 8.1 or higher
- Composer
- MySQL 5.7+ or PostgreSQL 9.6+
- Node.js and NPM (for frontend assets and Vercel deployment)
- Firebase account
- Gmail account (for sending emails)
git clone https://github.com/codebykenth/laravel-boilerplate.git
cd laravel-boilerplatecomposer installcp .env.example .envphp artisan key:generatephp artisan migrate:freshcomposer require kreait/laravel-firebase
php artisan vendor:publish --provider="Kreait\Laravel\Firebase\ServiceProvider" php artisan serveUpdate your .env file with your database credentials:
DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306 DB_DATABASE=your_database_name
DB_USERNAME=your_database_username
DB_PASSWORD=your_database_password
To use Gmail for sending emails from your application:
- Go to your Google Account Security Settings
- Enable 2-Step Verification if not already enabled
- Under Signing in to Google, click App Passwords
- Select "Mail" as the app and your device type
- Click Generate
Create your app password here
- Copy the 16-character password provided
- Configure your
.envfile:
MAIL_MAILER=smtp
MAIL_HOST=smtp.gmail.com
MAIL_PORT=587 MAIL_USERNAME=your_gmail@gmail.com
MAIL_PASSWORD=your_16_character_app_password
MAIL_ENCRYPTION=tls
MAIL_FROM_ADDRESS="your_gmail@gmail.com"
MAIL_FROM_NAME="${APP_NAME}"
This boilerplate uses Firebase Storage for handling file uploads:
- Go to the Firebase Console
- Create a new project or select an existing one
- Navigate to Project Settings > Service Accounts
- Click Generate new private key and download the JSON file
- Create a directory for your credentials:
mkdir -p storage/app/private- Move the downloaded JSON file to storage/app/private directory
- Update your .env file:
FIREBASE_CREDENTIALS=storage/app/private/your-firebase-credentials.json
FIREBASE_PROJECT_ID=your_project_id
FIREBASE_API_KEY=your_api_key
FIREBASE_STORAGE_BUCKET=your-firebase_project-id.firebasestorage.app - Enable Firebase Storage in your Firebase Console:
- Go to Build > Storage in your Firebase project
- Click Get Started and follow the setup wizard
- Set appropriate security rules for your storage bucket
- Install the Vercel CLI:
npm install -g vercel- Create a vercel.json file in your project root:
{
"version": 2,
"framework": null,
"functions": {
"api/index.php": { "runtime": "vercel-php@0.7.3" }
},
"routes": [{
"src": "/(.*)",
"dest": "/api/index.php"
}],
"env": {
"APP_ENV": "production",
"APP_DEBUG": "true",
"APP_URL": "https://(your-project-name)-(username)-(username)-projects.vercel.app/api",
"APP_CONFIG_CACHE": "/tmp/config.php",
"APP_EVENTS_CACHE": "/tmp/events.php",
"APP_PACKAGES_CACHE": "/tmp/packages.php",
"APP_ROUTES_CACHE": "/tmp/routes.php",
"APP_SERVICES_CACHE": "/tmp/services.php",
"VIEW_COMPILED_PATH": "/tmp",
"CACHE_DRIVER": "array",
"LOG_CHANNEL": "stderr",
"SESSION_DRIVER": "cookie"
}
}- Create api folder then create index.php then copy and paste this code
<?php
// require __DIR__."/../public/index.php";
// Load the Laravel application
require __DIR__ . '/../vendor/autoload.php';
$app = require_once __DIR__ . '/../bootstrap/app.php';
// Run the application
$kernel = $app->make(Illuminate\Contracts\Http\Kernel::class);
$response = $kernel->handle(
$request = Illuminate\Http\Request::capture()
);
$response->send();
$kernel->terminate($request, $response); -
Create empty dist folder
-
Modify .htaccess located at /public folder. Copy and paste this code
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Send Requests To Front Controller...
RewriteCond %{REQUEST_URI} !^/api
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# Send Requests To API Front Controller...
RewriteRule ^api/.*$ /api/index.php [L]
</IfModule>
-
Create .vercelignore file then paste this /vendor
-
Run this on terminal.
vercel .- If there is an error, go to Vercel Dashboard->Settings
- Override the output directory and change it to public
-
Disable vercel authentication to access endpoint
-
Copy and paste .env from project
-
Redeploy project
vercel .For more details, see the official tutorials:
LARAVEL DEPLOY TO VERCEL IN 5 MINUTES
[Deployment] Deploy Laravel to Vercel
Go to Clever Cloud Dashboard
- Go to Personal space
- Create an add-on
- Select MySQL
- Choose DEV plan
- Name and choose a location for your database
- Copy the database information and paste it to .env
| Method | Endpoint | Description | Authentication |
|---|---|---|---|
| POST | /api/register/{userType} | Register a new user (userType: client, admin, freelancer) | None |
| POST | /api/login | Login an existing user | None |
| POST | /api/logout | Logout the current user | Required |
| Method | Endpoint | Description | Authentication |
|---|---|---|---|
| GET | /api/posts | List all posts | Required |
| GET | /api/posts/{id} | View a specific post | Required |
| POST | /api/posts | Create a new post | Required |
| POST | /api/posts/{id} | Update a specific post | Required |
| DELETE | /api/posts/{id} | Delete a specific post | Required |
| Method | Endpoint | Description | Authentication |
|---|---|---|---|
| GET | /api/profiles | List all profiles | Required |
| GET | /api/profiles/me | View profile of authenticated user | Required |
| GET | /api/profiles/{id} | View a specific profile | Required |
| POST | /api/profiles | Update the authenticated user's profile | Required |
| DELETE | /api/profiles | Delete the authenticated user's account | Required |
This API implements the following rate limits to prevent abuse:
| Limiter Type | Endpoints | Limits |
|---|---|---|
| auth | Login, Register | 5 requests per minute, 100 requests per day |
| api | All authenticated endpoints | 60 requests per minute, 1000 requests per day |
- Ensure the Firebase credentials JSON file path is correctly set in
.env - Check that your Firebase Storage security rules allow read/write operations
- Verify that the Firebase Storage bucket name matches your
.envconfiguration
- Confirm your Gmail app password is correctly set in
.env - Ensure 2FA is enabled on your Google account
- Make sure "Less secure app access" is enabled for your Google account
- Check your firewall settings to ensure SMTP traffic is allowed
- For Vercel deployment issues, ensure your
vercel.jsonis properly configured - Set all environment variables in the Vercel dashboard
- Check that your PHP version is compatible (Vercel supports PHP 8.0+)
- Verify your database is accessible from Vercel's servers
The Laravel framework is open-sourced software licensed under the MIT license.