Laravel as Backend
A production-ready Mobile App Boilerplate with Flutter and Laravel.
Introduction
The Laravel backend is the cornerstone of Bowlerplate, providing a feature-rich, scalable, and secure API for your Flutter application. It leverages the latest Laravel version along with professional-grade tools like Filament for admin management and Sanctum for authentication.
Core Features
Out of the box, the Laravel backend provides:
- Robust Authentication: Email/Password login, registration, and Google OAuth integration via Sanctum.
- Admin Dashboard: A beautiful, auto-generated admin panel using Filament v4 for managing users, content, and system settings.
- RBAC (Role-Based Access Control): Granular permissions and roles managed through
spatie/laravel-permissionandfilament-shield. - Help Center System: Complete infrastructure for FAQs, multi-language Help Center items, and Customer Feedback with anti-spam protection.
- Notification Engine: Support for Push Notifications (Firebase), Database Notifications, and Broadcasts.
- Security Suite: Built-in login logging, session management, and account deletion protocols.
- Developer First: Fully typed API Resources, Form Requests for validation, and a comprehensive test suite using Pest.
Directory Structure
Here is an overview of the backend organization:
backend/laravel/
├── app/
│ ├── Filament/ # Admin panel resources and schemas
│ ├── Http/
│ │ ├── Controllers/ # API V1 Controllers
│ │ ├── Middleware/ # Custom logic (Role checks, Spam prevention)
│ │ └── Resources/ # Standardized JSON API responses
│ └── Models/ # Eloquent models (User, Faq, Feedback, etc.)
├── database/
│ ├── migrations/ # Database schema definitions
│ └── seeders/ # Initial data (Admin user, Roles, FAQs)
├── routes/
│ ├── api.php # Primary API endpoints (prefixed with v1)
│ └── web.php # Web-side routes (Admin panel access)
└── tests/ # Feature and Unit testsGetting Started
1. Requirements
Ensure you have the following installed:
- PHP 8.2+
- Composer
- Bun (or Node.js)
- SQLite (default) or MySQL/PostgreSQL
2. Setup
Navigate to backend/laravel and run:
cp .env.example .env
composer install
php artisan key:generate
php artisan migrate --seed
bun install && bun run buildThe seeder will create a default super admin:
- Email:
admin@example.com - Password:
password
3. Development Server
Run the simplified development command:
composer run devAPI Architecture
Versioning
All API routes are versioned under /api/v1/. This allows you to introduce breaking changes in the future without affecting existing mobile app installs.
Authentication
We use Laravel Sanctum with custom abilities. When a user logs in, they receive a plainTextToken that must be included in the Authorization: Bearer <token> header for all protected requests.
Permissions
Permissions are tied to Sanctum token abilities. For example, to update a profile, the token must have the user:update ability.
Admin Panel (Filament)
Accessible at /admin, the Filament dashboard allows you to:
- Manage Users: View profiles, login history, and active sessions.
- Broadcast Notifications: Send push notifications to specific users or broadcast to all.
- Content Management: Update FAQs and Help Center items in real-time.
- Monitor System: Access Laravel Telescope for debugging and performance monitoring.
Testing
Reliability is key. We follow the "Test Everything" rule using Pest.
To run tests:
php artisan testCurrently, we cover:
- Authentication flows (Login/Register/Google)
- User preference management
- Notification delivery
- Help center accessibility
Next Steps
Now that your backend is ready, proceed to the Mobile Setup to connect your Flutter app.