0
0
Laravelframework~10 mins

Security best practices in Laravel - Interactive Code Practice

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Practice - 5 Tasks
Answer the questions below
1fill in blank
easy

Complete the code to protect a route with authentication middleware in Laravel.

Laravel
Route::get('/dashboard', function () {
    return view('dashboard');
})->middleware('[1]');
Drag options to blanks, or click blank then click option'
Aapi
Bguest
Cweb
Dauth
Attempts:
3 left
💡 Hint
Common Mistakes
Using 'guest' middleware which allows only unauthenticated users.
Using 'api' middleware which is for API routes, not authentication.
Using 'web' middleware which is a group, not specifically for auth.
2fill in blank
medium

Complete the code to hash a password before saving it in Laravel.

Laravel
$user->password = [1]($request->password);
Drag options to blanks, or click blank then click option'
Amd5
Bbcrypt
Csha1
Dhash
Attempts:
3 left
💡 Hint
Common Mistakes
Using insecure hash functions like md5 or sha1.
Using 'hash' without specifying algorithm.
Not hashing the password at all.
3fill in blank
hard

Fix the error in the CSRF token field in a Blade form.

Laravel
<form method="POST" action="/submit">
    [1]
    <input type="text" name="name">
    <button type="submit">Submit</button>
</form>
Drag options to blanks, or click blank then click option'
A@csrf
B@csrf_token
C{{ csrf_field() }}
D@token
Attempts:
3 left
💡 Hint
Common Mistakes
Using '@csrf_token' which is not a valid directive.
Using '{{ csrf_field() }}' inside Blade without echoing properly.
Using '@token' which does not exist.
4fill in blank
hard

Fill both blanks to validate input and prevent SQL injection in Laravel.

Laravel
public function store(Request $request) {
    $validated = $request->validate([[1] => 'required|string|max:255']);
    User::create([[2] => $validated['name']]);
}
Drag options to blanks, or click blank then click option'
A'name'
B'email'
C'password'
D'username'
Attempts:
3 left
💡 Hint
Common Mistakes
Using different keys for validation and creation causing errors.
Using keys unrelated to the input field.
5fill in blank
hard

Fill the blanks to safely retrieve user input, validate it, and hash the password.

Laravel
public function register(Request $request) {
    $data = $request->only([1], [2]);
    $validated = $request->validate([
        [1] => 'required|string|max:255',
        [2] => 'required|string|min:8'
    ]);
    $user = User::create([
        [1] => $validated['name'],
        [2] => bcrypt($validated['password'])
    ]);
}
Drag options to blanks, or click blank then click option'
A'name'
B'password'
C'email'
D'username'
Attempts:
3 left
💡 Hint
Common Mistakes
Mixing up field names causing validation or saving errors.
Not hashing the password before saving.