Form Method Spoofing

If you make use of the default routes suggested by this package, you will need to implement Form Method Spoofing in order to use the inputs that remove groups or users. Most broswers only allow users to make "GET" or "POST" requests. This is problematic if you are trying to build a restful API that uses additional HTTP verbs like "PUT" or "DELETE". To get around this, Laravel (and many other frameworks) use form method spoofing to allow developers to use those other HTTP verbs without the Browser being any the wiser.

Using form method spoofing is very easy when you are posting form data, but it can be a bit tricker if you want to have a button click submit a request with a spoofed method. It can also be somewhat tedious adding all the extra parameters to each and every button that needs it.

To address this, Centaur includes a file called restfulizer.js that makes this much easier.

To use it, you must first make sure that it is included in your compiled javascript assets. Then, you can convert any href into a spoofed method request by adding some additional data parameters:

<a href="{{ route('users.delete', $user->id) }}" data-method="DELETE">Delete this User</a>

You can also optionally request that a confirmation message be displayed:

<a href="{{ route('users.delete', $user->id) }}" class="action_confirm" data-method="DELETE" data-message="Please confirm">Delete this User</a>

As well as specifying the CSRF token if needed

<a href="{{ route('users.delete', $user->id) }}" data-method="DELETE" data-token="{{ csrf_token() }}">Delete this User</a>