A secure and optimized Laravel web application demonstrating multi-authentication, real-time updates using websockets, and efficient large-scale product import using Laravel queues and batch processing.
- Separate login, registration, and dashboards for Admin and Customer users
- Laravel's built-in multi-authentication system using
Auth::guard() - Route protection using middleware per guard (
auth:admin,auth:customer) - Independent session management for each guard
- Complete CRUD operations for products
- Product fields: name, description, price, image, category, stock
- Bulk import of up to 100,000 products via CSV/Excel
- Chunked processing using Laravel queues
- Default image handling when no image provided in CSV
- Sample CSV file included:
products_sample_import.csv
- Real-time user presence using Laravel Reverb
- Online/offline status tracking for Admins and Customers
- Presence channels implementation
- Database storage of user online status
- Live updates in Admin dashboard
- CSV/Excel file upload support (up to 100k products)
- Chunked reading and processing (1000 rows per chunk)
- Row-by-row validation
- Background queue processing to prevent timeouts
- Error handling and cleanup
- Feature tests for product creation and management
- Unit tests for bulk import logic and validation
- Multi-auth testing scenarios
- Laravel's built-in test suite integration
- PHP 8.2 or higher
- Composer
- Node.js and npm
- SQLite (default) or MySQL/PostgreSQL
-
Clone the repository
git clone <repository-url> cd laravel-assessment
-
Install PHP dependencies
composer install
-
Install Node.js dependencies
npm install
-
Environment setup
cp .env.example .env php artisan key:generate
-
Database setup
# Create SQLite database touch database/database.sqlite # Run migrations php artisan migrate
-
Build assets
npm run build # or for development npm run dev -
Start the application
# Terminal 1: Laravel server php artisan serve # Terminal 2: Queue worker php artisan queue:work # Terminal 3: WebSocket server php artisan reverb:start
-
Access the application
- Main app: http://localhost:8000
- Admin login: http://localhost:8000/admin/login
- Customer login: http://localhost:8000/customer/login
The application uses Laravel's multi-guard authentication system:
// config/auth.php
'guards' => [
'admin' => [
'driver' => 'session',
'provider' => 'admins',
],
'customer' => [
'driver' => 'session',
'provider' => 'customers',
],
],Routes are protected using custom middleware:
- AdminMiddleware: Protects admin routes, redirects to admin login
- CustomerMiddleware: Protects customer routes, redirects to customer login
// Admin routes
Route::middleware('admin')->group(function () {
Route::get('dashboard', [AdminAuthController::class, 'dashboard']);
Route::resource('products', ProductController::class);
});
// Customer routes
Route::middleware('customer')->group(function () {
Route::get('dashboard', [CustomerAuthController::class, 'dashboard']);
});Users are differentiated by a type field in the database:
admin: Full access to product management and admin featurescustomer: Limited access to customer dashboard
- Laravel Reverb: Laravel's official WebSocket server
- Laravel Echo: Client-side WebSocket library
- Pusher Protocol: Compatible WebSocket implementation
BROADCAST_CONNECTION=reverb
REVERB_APP_ID=123456
REVERB_APP_KEY=reverb-key
REVERB_APP_SECRET=reverb-secret
REVERB_HOST="localhost"
REVERB_PORT=8080Two presence channels are implemented:
presence.admin: For admin userspresence.customer: For customer users
- User join/leave notifications
- Online status tracking in database
- Live user list updates in admin dashboard
- Cross-guard presence visibility (admins can see all users)
- File Upload: CSV/Excel files up to 10MB
- Queue Processing: Background job processing
- Chunked Reading: 1000 rows per chunk
- Validation: Row-by-row validation with Laravel rules
- Error Handling: Failed job cleanup and retry logic
ProcessProductImport: Queue job for background processingProductsImport: Import class with chunking and validationProductController: Handles file upload and job dispatch
- Memory Management: Chunked processing prevents memory exhaustion
- Timeout Prevention: Background queue processing
- Validation: Early validation prevents invalid data insertion
- Default Values: Automatic default image assignment
- Cleanup: Automatic file cleanup after processing
// Chunked processing
public function chunkSize(): int
{
return 1000; // Process 1000 rows at a time
}
// Job timeout and retries
public $timeout = 3600; // 1 hour timeout
public $tries = 3; // 3 retry attempts# Run all tests
php artisan test
# Run specific test types
php artisan test --testsuite=Feature
php artisan test --testsuite=Unit
# Run with coverage (if xdebug enabled)
php artisan test --coverage- ✅ Admin can create products
- ✅ Customer cannot access product management
- ✅ Product creation validation
- ✅ Admin can update products
- ✅ Admin can delete products
- ✅ Product import creates correct model
- ✅ Default image handling
- ✅ Validation rules testing
- ✅ Chunk size configuration
- User factories for admin/customer creation
- Product factories for test data generation
- Database refresh for clean test environment
- SQLite: Default for simplicity and portability
- Indexes: Proper indexing on frequently queried fields
- Foreign Keys: Maintained data integrity
- Soft Deletes: Could be added for audit trails
- Database Driver: Simple setup, no external dependencies
- Job Batching: Available for tracking import progress
- Failed Jobs: Automatic retry and cleanup mechanisms
- CSRF Protection: All forms protected
- Input Validation: Comprehensive validation rules
- File Upload Security: Type and size restrictions
- Authentication: Secure password hashing
- Route Protection: Middleware-based access control
- Lazy Loading: Efficient database queries
- Chunked Processing: Memory-efficient bulk operations
- Asset Optimization: Vite for modern asset building
- Caching: Ready for Redis/Memcached integration
- Queue Workers: Horizontal scaling capability
- WebSocket Scaling: Reverb supports clustering
- Database: Easy migration to MySQL/PostgreSQL
- File Storage: Ready for S3/cloud storage integration
The products_sample_import.csv file contains 20 sample products with:
- Various categories (Electronics, Books, Clothing, Home, Sports)
- Different price ranges ($12.99 - $149.99)
- Stock quantities (25 - 300 units)
- Mix of products with and without custom images
- Realistic product names and descriptions
This file was used for testing the import functionality and demonstrates:
- Proper CSV formatting
- Required vs optional fields
- Default image handling
- Various data types and validation scenarios
-
GET /admin/login- Admin login form -
POST /admin/login- Admin login processing -
GET /admin/register- Admin registration form -
POST /admin/register- Admin registration processing -
POST /admin/logout- Admin logout -
GET /customer/login- Customer login form -
POST /customer/login- Customer login processing -
GET /customer/register- Customer registration form -
POST /customer/register- Customer registration processing -
POST /customer/logout- Customer logout
GET /admin/products- List productsGET /admin/products/create- Create product formPOST /admin/products- Store new productGET /admin/products/{id}- Show product detailsGET /admin/products/{id}/edit- Edit product formPUT /admin/products/{id}- Update productDELETE /admin/products/{id}- Delete productGET /admin/products-import- Import formPOST /admin/products-import- Process import