-
Archives
- June 2026
- May 2026
- April 2026
- November 2025
- December 2024
- November 2024
- June 2024
- September 2023
- March 2023
- August 2022
- April 2022
- September 2021
- September 2020
- March 2019
- March 2018
- June 2017
- May 2017
- November 2016
- September 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- February 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- April 2015
- December 2014
- October 2014
- September 2014
- May 2014
- April 2014
- March 2014
- January 2014
- November 2013
- October 2013
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
-
Meta
Category Archives: Laravel
Multi tenancy in Laravel using stancl/tenancy
I spent a day inside stancl/tenancy (the database-per-tenant Laravel package) shipping a real change to a multi-tenant Software-as-a-Service (SaaS) application, and a few things finally clicked for me — none of which were obvious from the documentation alone. 💡 Here … Continue reading
Scribe for Laravel: API Docs That Stay Fresh, and a Calm Way to Upgrade Them
Most Laravel teams reach a point where their API documentation is either out of date, written somewhere it shouldn’t be (Confluence, anyone?), or just doesn’t exist. Scribe is the package that quietly fixes this — it reads your routes, controllers, … Continue reading
Reading Laravel Config From a Queued Job — and the env() Trap That Bites You in Production
Today’s lesson came from a perfectly innocent-looking change in a Laravel app. We had a magic number — a chunk size — sprinkled across three call sites: 123foreach (array_chunk($userIds, 100) as $chunk) { SendOnboardingEmailJob::dispatch($chunk); } One reviewer flagged … Continue reading
BOLA in a Laravel Livewire app: when client-side state is the only thing standing between users and admin actions
A penetration test landed an interesting finding on a Livewire-powered admin panel I work on. The summary on the report read: Broken Object-Level Authorization (BOLA). A standard user can change a tenant-wide “who can access these assets” setting by replaying … Continue reading
Azure AD, Google Directory, and SCIM: picking a user-sync story for a multi-tenant Laravel app
Late 2024 I spent a few weeks digging into how a multi-tenant Laravel platform I was working on should let tenant administrators pull users in from external identity providers. The customer asks were predictable — “we use Azure,” “we use … Continue reading
Free Azure AD SCIM provisioning to a Laravel app on your laptop, via home router + dynamic DNS
In the last post I sketched why SCIM (System for Cross-domain Identity Management) won out over direct Azure Active Directory (Azure AD) and Google Directory integrations for a multi-tenant Laravel app I was working on. This one is the hands-on … Continue reading
Laravel Jobs, Queues, Batches, and Redis: A Field Guide
Laravel’s queue system is one of those features you can use for years without really understanding what’s happening underneath. You call SomeJob::dispatch(), a worker somewhere picks it up, and life goes on. But the moment a job mysteriously runs twice, … Continue reading