Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experience to be truly fulfilling. Laravel takes the pain out of development by easing common tasks used in many web projects, such as:
Laravel is accessible, powerful, and provides tools required for large, robust applications.
Laravel already has built in security set up out of the box such as CSRF, CORS, etc. However, there are certain aspect that need to be manually coded depend on case by case feature.
Do go through the commits one by one per topics :
1. APP_KEY generation
2. APP_DEBUG setting
3. APP_ENV setting
4. Request Limiting or Throttling
5. HTTPS - force using https route
6. Token validity timeout
7. Create custom logging
8. Retrieving env KEY
9. Prevent Mass-assignment
10. Hidden variables from model instance, $hidden
11. Verify password using One Way Hash
12. Exception Handler
13. Request input validation
14. Model Policy
15. Role and Permission implementation
16. Raw Query