Forem: Hossein Hezami The latest articles on Forem by Hossein Hezami (@hosseinhezami). https://forem.com/hosseinhezami https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F205584%2Ff7b90254-50f9-4454-990d-fc2e6f56eee1.jpeg Forem: Hossein Hezami https://forem.com/hosseinhezami en Master Role-Based Access Control with Laravel Permission Manager Hossein Hezami Wed, 24 Sep 2025 14:33:20 +0000 https://forem.com/hosseinhezami/master-role-based-access-control-with-laravel-permission-manager-4nc3 https://forem.com/hosseinhezami/master-role-based-access-control-with-laravel-permission-manager-4nc3 <p>Building a secure, scalable Laravel application often requires a robust permission management system. Enter <strong>Laravel Permission Manager</strong>, a powerful package designed to streamline role-based access control (RBAC) with a flexible, feature-rich API. Whether you're securing routes, managing roles, or integrating permissions into your Blade templates, this package has you covered. In this post, I'll walk you through its installation, configuration, and usage to help you implement a bulletproof RBAC system in your Laravel app.</p> <h2> Why Laravel Permission Manager? </h2> <p>The <a href="https://packagist.org/packages/hosseinhezami/laravel-permission-manager" rel="noopener noreferrer">Laravel Permission Manager</a> package, developed by Hossein Hezami, offers a comprehensive solution for managing roles and permissions in Laravel applications. Here’s what makes it stand out:</p> <ul> <li> <strong>Role-Based Access Control (RBAC)</strong>: Assign multiple roles to users and permissions to roles.</li> <li> <strong>Wildcard Permissions</strong>: Support for flexible route matching (e.g., <code>admin.*</code>, <code>*admin*</code>).</li> <li> <strong>Blade Directives</strong>: Easily check roles and permissions in templates with <code>@hasRole</code> and <code>@hasPermission</code>.</li> <li> <strong>Artisan Commands</strong>: Manage roles and permissions from the command line.</li> <li> <strong>Facade Methods</strong>: Programmatically handle roles and permissions with a fluent API.</li> <li> <strong>Middleware Support</strong>: Protect routes with role or permission checks.</li> <li> <strong>Caching</strong>: Boost performance with permission caching.</li> <li> <strong>Multi-Guard Support</strong>: Works seamlessly with Laravel’s authentication guards.</li> <li> <strong>Export/Import</strong>: Save and restore roles/permissions as JSON.</li> </ul> <p>Ready to get started? Let’s dive into the setup and usage.</p> <h2> Installation </h2> <p>Installing Laravel Permission Manager is straightforward with Composer. Follow these steps to integrate it into your Laravel project:</p> <ol> <li> <strong>Install the Package</strong> Run the following command to install the package: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> composer require hosseinhezami/laravel-permission-manager </code></pre> </div> <ol> <li> <strong>Register the Service Provider (Optional)</strong> If Laravel’s package auto-discovery is disabled, add the service provider and facade to <code>config/app.php</code>: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight php"><code> <span class="s1">'providers'</span> <span class="o">=&gt;</span> <span class="p">[</span> <span class="c1">// ...</span> <span class="nc">HosseinHezami\PermissionManager\PermissionManagerServiceProvider</span><span class="o">::</span><span class="n">class</span><span class="p">,</span> <span class="p">],</span> <span class="s1">'aliases'</span> <span class="o">=&gt;</span> <span class="p">[</span> <span class="c1">// ...</span> <span class="s1">'PermissionManager'</span> <span class="o">=&gt;</span> <span class="nc">HosseinHezami\PermissionManager\Facades\PermissionManager</span><span class="o">::</span><span class="n">class</span><span class="p">,</span> <span class="p">],</span> </code></pre> </div> <ol> <li> <strong>Publish Configuration and Migrations</strong> Publish the configuration file and migrations to set up the package: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> php artisan vendor:publish <span class="nt">--provider</span><span class="o">=</span><span class="s2">"HosseinHezami</span><span class="se">\P</span><span class="s2">ermissionManager</span><span class="se">\P</span><span class="s2">ermissionManagerServiceProvider"</span> <span class="nt">--tag</span><span class="o">=</span><span class="s2">"config"</span> php artisan vendor:publish <span class="nt">--provider</span><span class="o">=</span><span class="s2">"HosseinHezami</span><span class="se">\P</span><span class="s2">ermissionManager</span><span class="se">\P</span><span class="s2">ermissionManagerServiceProvider"</span> <span class="nt">--tag</span><span class="o">=</span><span class="s2">"migrations"</span> </code></pre> </div> <ol> <li> <strong>Run Migrations</strong> Create the necessary database tables for roles and permissions: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> php artisan migrate </code></pre> </div> <ol> <li> <strong>Add the Permission Trait</strong> Add the <code>PermissionTrait</code> to your <code>User</code> model: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight php"><code> <span class="kn">namespace</span> <span class="nn">App\Models</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">HosseinHezami\PermissionManager\Traits\PermissionTrait</span><span class="p">;</span> <span class="kn">use</span> <span class="nc">Illuminate\Foundation\Auth\User</span> <span class="k">as</span> <span class="nc">Authenticatable</span><span class="p">;</span> <span class="kd">class</span> <span class="nc">User</span> <span class="kd">extends</span> <span class="nc">Authenticatable</span> <span class="p">{</span> <span class="kn">use</span> <span class="nc">PermissionTrait</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <ol> <li> <strong>Run the Install Command</strong> For a streamlined setup, use the Artisan install command. Here are some variations: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="c"># Basic installation</span> php artisan permission-manager:install <span class="c"># Install and run migrations</span> php artisan permission-manager:install <span class="nt">--migrate</span> <span class="c"># Install, run migrations, and overwrite existing files</span> php artisan permission-manager:install <span class="nt">--migrate</span> <span class="nt">--force</span> <span class="c"># Install with a custom User model path</span> php artisan permission-manager:install <span class="nt">--user-model</span><span class="o">=</span>/path/to/User.php </code></pre> </div> <h2> Configuration </h2> <p>After publishing the configuration, you can customize the package in <code>config/permission-manager.php</code>. Here’s a sample configuration:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="k">return</span> <span class="p">[</span> <span class="s1">'models'</span> <span class="o">=&gt;</span> <span class="p">[</span> <span class="s1">'role'</span> <span class="o">=&gt;</span> <span class="nc">\HosseinHezami\PermissionManager\Models\Role</span><span class="o">::</span><span class="n">class</span><span class="p">,</span> <span class="s1">'permission'</span> <span class="o">=&gt;</span> <span class="nc">\HosseinHezami\PermissionManager\Models\Permission</span><span class="o">::</span><span class="n">class</span><span class="p">,</span> <span class="s1">'user'</span> <span class="o">=&gt;</span> <span class="nc">\App\Models\User</span><span class="o">::</span><span class="n">class</span><span class="p">,</span> <span class="p">],</span> <span class="s1">'tables'</span> <span class="o">=&gt;</span> <span class="p">[</span> <span class="s1">'roles'</span> <span class="o">=&gt;</span> <span class="s1">'roles'</span><span class="p">,</span> <span class="s1">'permissions'</span> <span class="o">=&gt;</span> <span class="s1">'permissions'</span><span class="p">,</span> <span class="s1">'role_permissions'</span> <span class="o">=&gt;</span> <span class="s1">'role_permissions'</span><span class="p">,</span> <span class="s1">'user_roles'</span> <span class="o">=&gt;</span> <span class="s1">'user_roles'</span><span class="p">,</span> <span class="p">],</span> <span class="s1">'cache_duration'</span> <span class="o">=&gt;</span> <span class="mi">60</span><span class="p">,</span> <span class="c1">// Cache permissions for 60 minutes</span> <span class="s1">'log_denials'</span> <span class="o">=&gt;</span> <span class="kc">false</span><span class="p">,</span> <span class="c1">// Log permission/role denials</span> <span class="s1">'wildcards'</span> <span class="o">=&gt;</span> <span class="kc">true</span><span class="p">,</span> <span class="c1">// Enable wildcard support</span> <span class="p">];</span> </code></pre> </div> <p>This file lets you tweak model classes, table names, caching duration, and wildcard support to suit your application’s needs.</p> <h2> Database Migrations </h2> <p>The package creates four tables to manage roles and permissions:</p> <ul> <li> <strong><code>roles</code></strong>: Stores role details (name, slug, description).</li> <li> <strong><code>permissions</code></strong>: Stores permission routes (e.g., <code>users.edit</code>).</li> <li> <strong><code>role_permissions</code></strong>: Links roles to permissions.</li> <li> <strong><code>user_roles</code></strong>: Links users to roles.</li> </ul> <p>The migrations are automatically published when you run the <code>vendor:publish</code> command for the <code>migrations</code> tag.</p> <h2> Usage </h2> <p>Let’s explore how to leverage Laravel Permission Manager in your application.</p> <h3> 1. Blade Directives </h3> <p>Control access in your Blade templates with intuitive directives:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>@hasRole('admin') &lt;p&gt;Welcome, Admin!&lt;/p&gt; @endhasRole @hasPermission('users.edit') &lt;a href="/users/edit"&gt;Edit User&lt;/a&gt; @endhasPermission </code></pre> </div> <p>These directives make it easy to show or hide content based on roles or permissions.</p> <h3> 2. Middleware </h3> <p>Protect routes with middleware for roles or permissions:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="nc">Route</span><span class="o">::</span><span class="nf">get</span><span class="p">(</span><span class="s1">'/admin'</span><span class="p">,</span> <span class="p">[</span><span class="nc">AdminController</span><span class="o">::</span><span class="n">class</span><span class="p">,</span> <span class="s1">'index'</span><span class="p">])</span> <span class="o">-&gt;</span><span class="nf">middleware</span><span class="p">(</span><span class="s1">'pm:role:admin|manager'</span><span class="p">);</span> <span class="nc">Route</span><span class="o">::</span><span class="nf">get</span><span class="p">(</span><span class="s1">'/posts'</span><span class="p">,</span> <span class="p">[</span><span class="nc">PostController</span><span class="o">::</span><span class="n">class</span><span class="p">,</span> <span class="s1">'create'</span><span class="p">])</span> <span class="o">-&gt;</span><span class="nf">middleware</span><span class="p">(</span><span class="s1">'pm:permission:posts|post.create'</span><span class="p">);</span> </code></pre> </div> <p>The <code>pm</code> middleware ensures only users with the specified roles or permissions can access the route.</p> <h3> 3. Artisan Commands </h3> <p>Manage roles and permissions directly from the terminal:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># List roles and permissions</span> php artisan roles:list php artisan permissions:list <span class="c"># Create a role</span> php artisan role:create admin <span class="s2">"Administrator"</span> <span class="s2">"Has full system access"</span> <span class="c"># Update a role</span> php artisan role:update admin <span class="nt">--name</span><span class="o">=</span><span class="s2">"Super Admin"</span> <span class="nt">--description</span><span class="o">=</span><span class="s2">"Updated description"</span> <span class="c"># Delete a role</span> php artisan role:delete admin <span class="c"># Create permissions</span> php artisan permission:create <span class="s2">"users.*"</span> php artisan permission:create <span class="s2">"users.create,users.edit"</span> <span class="c"># Sync routes with permissions</span> php artisan permission:sync-routes <span class="c"># Assign/revoke permissions to a role</span> php artisan role:assign-permission admin <span class="s2">"users.*"</span> php artisan role:revoke-permission admin <span class="s2">"users.edit"</span> <span class="c"># Assign/revoke roles to a user</span> php artisan user:assign-role 1 admin php artisan user:revoke-role 1 admin <span class="c"># Export/import roles</span> php artisan role:export roles.json php artisan role:import roles.json </code></pre> </div> <p>These commands make it easy to manage your RBAC system without writing code.</p> <h3> 4. Facade Methods </h3> <p>For programmatic control, use the <code>PermissionManager</code> facade:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="kn">use</span> <span class="nc">HosseinHezami\PermissionManager\Facades\PermissionManager</span><span class="p">;</span> <span class="c1">// Create a role</span> <span class="nc">PermissionManager</span><span class="o">::</span><span class="nf">roles</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">create</span><span class="p">([</span> <span class="s1">'slug'</span> <span class="o">=&gt;</span> <span class="s1">'admin'</span><span class="p">,</span> <span class="s1">'name'</span> <span class="o">=&gt;</span> <span class="s1">'Administrator'</span><span class="p">,</span> <span class="s1">'description'</span> <span class="o">=&gt;</span> <span class="s1">'Has full system access'</span> <span class="p">]);</span> <span class="c1">// Assign permissions to a role</span> <span class="nc">PermissionManager</span><span class="o">::</span><span class="nf">role</span><span class="p">(</span><span class="s1">'admin'</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">assignPermission</span><span class="p">(</span><span class="s1">'users.edit'</span><span class="p">);</span> <span class="c1">// Assign a role to a user</span> <span class="nc">PermissionManager</span><span class="o">::</span><span class="nf">user</span><span class="p">(</span><span class="mi">1</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">assignRole</span><span class="p">(</span><span class="s1">'admin'</span><span class="p">);</span> <span class="c1">// Check permissions</span> <span class="nv">$hasPermission</span> <span class="o">=</span> <span class="nc">PermissionManager</span><span class="o">::</span><span class="nf">user</span><span class="p">(</span><span class="mi">1</span><span class="p">)</span><span class="o">-&gt;</span><span class="nf">hasPermission</span><span class="p">(</span><span class="s1">'users.edit'</span><span class="p">);</span> </code></pre> </div> <h3> 5. Wildcard Permissions </h3> <p>Wildcard permissions add flexibility to route matching:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="c1">// Match all routes starting with 'admin'</span> <span class="nc">PermissionManager</span><span class="o">::</span><span class="nf">permissions</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">create</span><span class="p">(</span><span class="s1">'admin.*'</span><span class="p">);</span> <span class="c1">// Match all routes containing 'admin'</span> <span class="nc">PermissionManager</span><span class="o">::</span><span class="nf">permissions</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">create</span><span class="p">(</span><span class="s1">'*admin*'</span><span class="p">);</span> </code></pre> </div> <h3> 6. Trait Methods </h3> <p>The <code>PermissionTrait</code> adds convenient methods to your <code>User</code> model:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="nv">$user</span> <span class="o">=</span> <span class="nc">User</span><span class="o">::</span><span class="nf">find</span><span class="p">(</span><span class="mi">1</span><span class="p">);</span> <span class="c1">// Assign a role</span> <span class="nv">$user</span><span class="o">-&gt;</span><span class="nf">assignRole</span><span class="p">(</span><span class="s1">'admin'</span><span class="p">);</span> <span class="c1">// Check permissions</span> <span class="k">if</span> <span class="p">(</span><span class="nv">$user</span><span class="o">-&gt;</span><span class="nf">hasPermission</span><span class="p">(</span><span class="s1">'users.edit'</span><span class="p">))</span> <span class="p">{</span> <span class="c1">// Allow edit action</span> <span class="p">}</span> </code></pre> </div> <h2> Best Practices </h2> <ul> <li> <strong>Use Descriptive Slugs</strong>: Choose clear, meaningful slugs for roles and permissions (e.g., <code>users.edit</code> instead of <code>edit</code>).</li> <li> <strong>Leverage Wildcards</strong>: Group related routes with wildcards (e.g., <code>users.*</code> for all user-related actions).</li> <li> <strong>Sync Routes Regularly</strong>: Run <code>php artisan permission:sync-routes</code> to keep permissions aligned with your routes.</li> <li> <strong>Enable Caching</strong>: Set a reasonable <code>cache_duration</code> in production to improve performance.</li> <li> <strong>Handle Exceptions</strong>: Use the package’s custom exceptions (e.g., <code>UnauthorizedException</code>) for robust error handling.</li> </ul> <h2> Conclusion </h2> <p>The <strong>Laravel Permission Manager</strong> package is a game-changer for developers building secure Laravel applications. Its intuitive API, comprehensive Artisan commands, and flexible features like wildcard permissions and Blade directives make it a must-have for implementing RBAC. Whether you’re managing a small app or a large-scale system, this package simplifies access control without compromising on power.</p> <p>Check out the <a href="https://hosseinhezami.github.io/laravel-permission-manager" rel="noopener noreferrer">official documentation</a> for more details, and feel free to contribute via the <a href="https://github.com/hosseinhezami/laravel-permission-manager" rel="noopener noreferrer">GitHub repository</a>. Got questions? Reach out to the maintainer at <a href="mailto:hossein.hezami@gmail.com">hossein.hezami@gmail.com</a>.</p> <p>What’s your favorite way to manage permissions in Laravel? Share your thoughts in the comments!</p> laravel permission php acl Build Laravel AI Features in Minutes: A Guide to the Gemini Package Hossein Hezami Fri, 12 Sep 2025 23:40:51 +0000 https://forem.com/hosseinhezami/build-laravel-ai-features-in-minutes-a-guide-to-the-gemini-package-2om5 https://forem.com/hosseinhezami/build-laravel-ai-features-in-minutes-a-guide-to-the-gemini-package-2om5 <p>Tired of reading docs and just want to see the code? Let's dive straight into how you can use the <code>hosseinhezami/laravel-gemini</code> package to add powerful AI features to your Laravel application. The API is clean, fluent, and incredibly powerful.</p> <h2> Installation &amp; Setup </h2> <p>First, get the package.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>composer require hosseinhezami/laravel-gemini </code></pre> </div> <p>Publish the config file and set your API key.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>php artisan vendor:publish <span class="nt">--tag</span><span class="o">=</span>gemini-config </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code># .env GEMINI_API_KEY=your_gemini_api_key_here </code></pre> </div> <h2> Code Examples: See It in Action </h2> <h3> 1. Basic Text Generation &amp; Chat </h3> <p>The <code>TextBuilder</code> makes generating text or creating a chat interface simple.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="kn">use</span> <span class="nc">HosseinHezami\LaravelGemini\Facades\Gemini</span><span class="p">;</span> <span class="c1">// Simple prompt</span> <span class="nv">$response</span> <span class="o">=</span> <span class="nc">Gemini</span><span class="o">::</span><span class="nf">text</span><span class="p">()</span> <span class="o">-&gt;</span><span class="nf">prompt</span><span class="p">(</span><span class="s1">'Write a tagline for a developer blog.'</span><span class="p">)</span> <span class="o">-&gt;</span><span class="nf">generate</span><span class="p">();</span> <span class="k">echo</span> <span class="nv">$response</span><span class="o">-&gt;</span><span class="nf">content</span><span class="p">();</span> <span class="c1">// Chat with history</span> <span class="nv">$history</span> <span class="o">=</span> <span class="p">[</span> <span class="p">[</span><span class="s1">'role'</span> <span class="o">=&gt;</span> <span class="s1">'user'</span><span class="p">,</span> <span class="s1">'parts'</span> <span class="o">=&gt;</span> <span class="p">[[</span><span class="s1">'text'</span> <span class="o">=&gt;</span> <span class="s1">'Hello!'</span><span class="p">]]],</span> <span class="p">[</span><span class="s1">'role'</span> <span class="o">=&gt;</span> <span class="s1">'model'</span><span class="p">,</span> <span class="s1">'parts'</span> <span class="o">=&gt;</span> <span class="p">[[</span><span class="s1">'text'</span> <span class="o">=&gt;</span> <span class="s1">'Hi there! How can I help?'</span><span class="p">]]]</span> <span class="p">];</span> <span class="nv">$response</span> <span class="o">=</span> <span class="nc">Gemini</span><span class="o">::</span><span class="nf">text</span><span class="p">()</span> <span class="o">-&gt;</span><span class="nf">prompt</span><span class="p">(</span><span class="s1">'What’s the weather like?'</span><span class="p">)</span> <span class="o">-&gt;</span><span class="nf">history</span><span class="p">(</span><span class="nv">$history</span><span class="p">)</span> <span class="o">-&gt;</span><span class="nf">temperature</span><span class="p">(</span><span class="mf">0.7</span><span class="p">)</span> <span class="o">-&gt;</span><span class="nf">generate</span><span class="p">();</span> <span class="k">echo</span> <span class="nv">$response</span><span class="o">-&gt;</span><span class="nf">content</span><span class="p">();</span> </code></pre> </div> <h3> 2. Structured Data Extraction </h3> <p>Need consistent JSON output from a messy prompt? Use <code>structuredSchema</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="nv">$response</span> <span class="o">=</span> <span class="nc">Gemini</span><span class="o">::</span><span class="nf">text</span><span class="p">()</span> <span class="o">-&gt;</span><span class="nf">structuredSchema</span><span class="p">([</span> <span class="s1">'type'</span> <span class="o">=&gt;</span> <span class="s1">'object'</span><span class="p">,</span> <span class="s1">'properties'</span> <span class="o">=&gt;</span> <span class="p">[</span> <span class="s1">'sentiment'</span> <span class="o">=&gt;</span> <span class="p">[</span> <span class="s1">'type'</span> <span class="o">=&gt;</span> <span class="s1">'string'</span><span class="p">,</span> <span class="s1">'enum'</span> <span class="o">=&gt;</span> <span class="p">[</span><span class="s1">'positive'</span><span class="p">,</span> <span class="s1">'negative'</span><span class="p">,</span> <span class="s1">'neutral'</span><span class="p">]</span> <span class="p">],</span> <span class="s1">'confidence'</span> <span class="o">=&gt;</span> <span class="p">[</span><span class="s1">'type'</span> <span class="o">=&gt;</span> <span class="s1">'number'</span><span class="p">],</span> <span class="s1">'key_points'</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="s1">'type'</span> <span class="o">=&gt;</span> <span class="s1">'array'</span><span class="p">,</span> <span class="s1">'items'</span> <span class="o">=&gt;</span> <span class="p">{</span><span class="s1">'type'</span> <span class="o">=&gt;</span> <span class="s1">'string'</span><span class="p">}</span> <span class="p">}</span> <span class="p">],</span> <span class="s1">'required'</span> <span class="o">=&gt;</span> <span class="p">[</span><span class="s1">'sentiment'</span><span class="p">]</span> <span class="p">])</span> <span class="o">-&gt;</span><span class="nf">prompt</span><span class="p">(</span><span class="s1">'The product is amazing but the delivery was late. I love the features though.'</span><span class="p">)</span> <span class="o">-&gt;</span><span class="nf">generate</span><span class="p">();</span> <span class="nv">$analysis</span> <span class="o">=</span> <span class="nb">json_decode</span><span class="p">(</span><span class="nv">$response</span><span class="o">-&gt;</span><span class="nf">content</span><span class="p">());</span> <span class="c1">// $analysis-&gt;sentiment, $analysis-&gt;key_points, etc.</span> </code></pre> </div> <h3> 3. Image Generation </h3> <p>Generate images from a text description.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="nv">$response</span> <span class="o">=</span> <span class="nc">Gemini</span><span class="o">::</span><span class="nf">image</span><span class="p">()</span> <span class="o">-&gt;</span><span class="nf">prompt</span><span class="p">(</span><span class="s1">'A minimalist logo for a tech startup called "Nexus", using blue and green'</span><span class="p">)</span> <span class="o">-&gt;</span><span class="nf">generate</span><span class="p">();</span> <span class="c1">// Save the generated image directly</span> <span class="nv">$response</span><span class="o">-&gt;</span><span class="nf">save</span><span class="p">(</span><span class="nf">storage_path</span><span class="p">(</span><span class="s1">'app/logo.png'</span><span class="p">));</span> </code></pre> </div> <h3> 4. Document Understanding </h3> <p>Upload a file (PDF, DOC, image) and ask questions about it.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="c1">// First, upload the file to Gemini's servers</span> <span class="nv">$fileUri</span> <span class="o">=</span> <span class="nc">Gemini</span><span class="o">::</span><span class="nf">files</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">upload</span><span class="p">(</span><span class="s1">'document'</span><span class="p">,</span> <span class="nv">$pathToInvoicePdf</span><span class="p">);</span> <span class="c1">// Then, use it in a prompt</span> <span class="nv">$response</span> <span class="o">=</span> <span class="nc">Gemini</span><span class="o">::</span><span class="nf">text</span><span class="p">()</span> <span class="o">-&gt;</span><span class="nf">upload</span><span class="p">(</span><span class="s1">'document'</span><span class="p">,</span> <span class="nv">$pathToInvoicePdf</span><span class="p">)</span> <span class="c1">// or use the $fileUri</span> <span class="o">-&gt;</span><span class="nf">prompt</span><span class="p">(</span><span class="s1">'What is the total amount due on this invoice?'</span><span class="p">)</span> <span class="o">-&gt;</span><span class="nf">generate</span><span class="p">();</span> <span class="k">echo</span> <span class="nv">$response</span><span class="o">-&gt;</span><span class="nf">content</span><span class="p">();</span> </code></pre> </div> <h3> 5. Text-to-Speech (Audio) </h3> <p>Generate spoken audio from text.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="nv">$response</span> <span class="o">=</span> <span class="nc">Gemini</span><span class="o">::</span><span class="nf">audio</span><span class="p">()</span> <span class="o">-&gt;</span><span class="nf">prompt</span><span class="p">(</span><span class="s1">'Welcome to our application. We are thrilled to have you on board.'</span><span class="p">)</span> <span class="o">-&gt;</span><span class="nf">voiceName</span><span class="p">(</span><span class="s1">'Kore'</span><span class="p">)</span> <span class="c1">// Check docs for available voices</span> <span class="o">-&gt;</span><span class="nf">generate</span><span class="p">();</span> <span class="c1">// The package smartly handles the binary response,</span> <span class="c1">// allowing you to save it directly.</span> <span class="nv">$response</span><span class="o">-&gt;</span><span class="nf">save</span><span class="p">(</span><span class="nf">public_path</span><span class="p">(</span><span class="s1">'audio/welcome.mp3'</span><span class="p">));</span> </code></pre> </div> <h3> 6. Real-Time Streaming </h3> <p>Crucial for building chat interfaces that feel fast and responsive.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight php"><code><span class="c1">// In your controller (e.g., app/Http/Controllers/ChatController.php)</span> <span class="k">public</span> <span class="k">function</span> <span class="n">stream</span><span class="p">(</span><span class="kt">Request</span> <span class="nv">$request</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">response</span><span class="p">()</span><span class="o">-&gt;</span><span class="nf">stream</span><span class="p">(</span><span class="k">function</span> <span class="p">()</span> <span class="k">use</span> <span class="p">(</span><span class="nv">$request</span><span class="p">)</span> <span class="p">{</span> <span class="nc">Gemini</span><span class="o">::</span><span class="nf">text</span><span class="p">()</span> <span class="o">-&gt;</span><span class="nf">model</span><span class="p">(</span><span class="s1">'gemini-2.5-flash-lite'</span><span class="p">)</span> <span class="c1">// Use a fast model for streaming</span> <span class="o">-&gt;</span><span class="nf">prompt</span><span class="p">(</span><span class="nv">$request</span><span class="o">-&gt;</span><span class="nf">query</span><span class="p">(</span><span class="s1">'message'</span><span class="p">))</span> <span class="o">-&gt;</span><span class="nf">stream</span><span class="p">(</span><span class="k">function</span> <span class="p">(</span><span class="nv">$chunk</span><span class="p">)</span> <span class="p">{</span> <span class="nv">$text</span> <span class="o">=</span> <span class="nv">$chunk</span><span class="p">[</span><span class="s1">'text'</span><span class="p">]</span> <span class="o">??</span> <span class="s1">''</span><span class="p">;</span> <span class="k">if</span> <span class="p">(</span><span class="nb">connection_aborted</span><span class="p">())</span> <span class="k">return</span><span class="p">;</span> <span class="k">echo</span> <span class="s2">"data: "</span> <span class="mf">.</span> <span class="nb">json_encode</span><span class="p">([</span><span class="s1">'text'</span> <span class="o">=&gt;</span> <span class="nv">$text</span><span class="p">])</span> <span class="mf">.</span> <span class="s2">"</span><span class="se">\n\n</span><span class="s2">"</span><span class="p">;</span> <span class="nb">ob_flush</span><span class="p">();</span> <span class="nb">flush</span><span class="p">();</span> <span class="p">});</span> <span class="p">},</span> <span class="mi">200</span><span class="p">,</span> <span class="p">[</span> <span class="s1">'Content-Type'</span> <span class="o">=&gt;</span> <span class="s1">'text/event-stream'</span><span class="p">,</span> <span class="s1">'Cache-Control'</span> <span class="o">=&gt;</span> <span class="s1">'no-cache'</span><span class="p">,</span> <span class="s1">'Connection'</span> <span class="o">=&gt;</span> <span class="s1">'keep-alive'</span><span class="p">,</span> <span class="s1">'X-Accel-Buffering'</span> <span class="o">=&gt;</span> <span class="s1">'no'</span><span class="p">,</span> <span class="p">]);</span> <span class="p">}</span> </code></pre> </div> <h2> Ready to Build? </h2> <p>This is just the surface. The package also handles <strong>video generation</strong>, <strong>embeddings</strong>, and full <strong>file management</strong>.</p> <p><strong>For complete documentation, check out the official docs:</strong><br> <a href="https://hosseinhezami.github.io/laravel-gemini/" rel="noopener noreferrer">https://hosseinhezami.github.io/laravel-gemini/</a></p> <p>Source:</p> <ul> <li><a href="https://github.com/hosseinhezami/laravel-gemini" rel="noopener noreferrer">https://github.com/hosseinhezami/laravel-gemini</a></li> <li><a href="https://packagist.org/packages/hosseinhezami/laravel-gemini" rel="noopener noreferrer">https://packagist.org/packages/hosseinhezami/laravel-gemini</a></li> </ul> <p>What will you build first? Let me know in the comments! 👇</p> laravel gemini ai api TOTP Authenticator: A Lightweight PHP Library for Secure Two-Factor Authentication Hossein Hezami Fri, 05 Sep 2025 11:08:13 +0000 https://forem.com/hosseinhezami/totp-authenticator-a-lightweight-php-library-for-secure-two-factor-authentication-428p https://forem.com/hosseinhezami/totp-authenticator-a-lightweight-php-library-for-secure-two-factor-authentication-428p <p>Two-Factor Authentication (2FA) has become an essential layer of security for web applications, helping protect user accounts even if passwords are compromised. Among the most widely used 2FA methods is TOTP (Time-based One-Time Password), supported by popular apps like Google Authenticator, Authy, and Microsoft Authenticator.</p> <p>For PHP developers looking to add TOTP-based authentication to their projects, TOTP Authenticator provides a simple, lightweight, and secure solution.</p> <p><strong>Key Features</strong></p> <p>🔐 Secure Secret Generation: Generates cryptographically secure secrets with configurable lengths.</p> <p>⏱ Time-based OTP Generation: Produces 6-digit one-time passwords compliant with RFC 6238.</p> <p>✅ Code Verification: Validates user input with support for slight time drift to accommodate clock differences.</p> <p>📱 QR Code Generation: Creates URLs compatible with Google Authenticator and similar 2FA apps.</p> <p>🔒 Timing-Safe Comparison: Protects against timing attacks during code verification.</p> <p>💡 Zero Dependencies: Pure PHP library (requires PHP 7.4 or higher).</p> <p><strong>Installation</strong><br> Install the library easily using Composer:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>composer require hosseinhezami/totp-authenticator </code></pre> </div> <p><strong>Getting Started</strong><br> Here's a quick example demonstrating the core functionality of the library:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>use HosseinHezami\TotpAuthenticator\Authenticator; // Generate a secure secret $secret = Authenticator::createSecret(16); // Generate a TOTP code $code = Authenticator::generateCode($secret); // Verify the code $isValid = Authenticator::verifyCode($secret, $code); echo $isValid ? "Valid code" : "Invalid code"; // Generate a QR code URL for Google Authenticator $qrCodeUrl = Authenticator::generateQrCodeUrl("user@example.com", $secret, "MyApp"); echo $qrCodeUrl; </code></pre> </div> <p>The QR code URL can be scanned directly in any TOTP-compatible authenticator app.<br> Verification uses timing-safe comparison to ensure maximum security.</p> <p><strong>Laravel Integration Example</strong><br> Integrating this library into a Laravel project is straightforward. For example, a route can be defined to test all the functionalities:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>use HosseinHezami\TotpAuthenticator\Authenticator; Route::get('/totp-test', function () { $secret = Authenticator::createSecret(16); $code = Authenticator::generateCode($secret); $isValid = Authenticator::verifyCode($code, $secret); $qrCodeUrl = Authenticator::generateQrCodeUrl('testuser@example.com', $secret, 'MyApp'); return response()-&gt;json([ 'secret' =&gt; $secret, 'generated_code' =&gt; $code, 'verify_code' =&gt; $isValid, 'qr_code_url' =&gt; $qrCodeUrl ]); }); </code></pre> </div> <p>This provides a ready-to-use JSON response for testing secret generation, code verification, and QR code creation.</p> <p><strong>Why Use TOTP Authenticator?</strong></p> <ul> <li>Lightweight &amp; Minimal Setup: Easy to integrate without heavy dependencies.</li> <li>Secure &amp; Standards-Compliant: Follows RFC 6238 and implements cryptographically secure operations.</li> <li>Flexible: Works in both plain PHP and frameworks like Laravel.</li> <li>Developer-Friendly: Provides all the core TOTP functionality without complexity.</li> </ul> <p><strong>Resources</strong><br> GitHub: <a href="https://github.com/hosseinhezami/totp-authenticator" rel="noopener noreferrer">https://github.com/hosseinhezami/totp-authenticator</a><br> Packagist: <a href="https://packagist.org/packages/hosseinhezami/totp-authenticator" rel="noopener noreferrer">https://packagist.org/packages/hosseinhezami/totp-authenticator</a></p> php totp authentication 2fa