🎯 Goal Make Google login work using only .env: 🚀 1. Create OAuth Credentials Go to Google Cloud Console Steps: ⚙️ Configure Consent Screen Add scopes: ➕ Add Test Users (IMPORTANT) Scroll down → Test Users Click: Add: 👉 Only these users can log in while testing 🔑 2. Create OAuth Client ID Go to:👉 APIs & Services → Credentials Click: Select: Add Redirect URI: ⚠️ Must match Laravel exactly 📦 3. Put Credentials in .env 🔄 4. Apply Changes 🧪 Testing vs Production 🧪 Testing Mode (Default) 👉 Use for: 🌍 Publish App (Production) 👉 Use when: 🧠 Decision Rule ⚠️ Common Errors ❌ redirect_uri_mismatch → .env and Google Console don’t match exactly ❌ invalid_client → wrong client ID / secret ❌ This app isn’t verified → user not in Test Users OR app not published ⚡ Local vs Production Local: Production: 👉 Add BOTH in Google Console 🧠 Final Mental Model ✅ TL;DR

🛡️ Laravel Security Scan Guide (Using Ward) This guide walks you through: Tool used: Ward 📦 1. Install Go (Golang) 👉 Download Go Go to:https://go.dev/dl/ Download the Windows installer and install normally. ✅ Verify installation Open CMD: Expected output: ⚙️ 2. Install Ward Run: 🔍 3. Verify Ward installation Expected:

🐬 MySQL Commands 🔓 (Temporary) Allow ALL IPs 🔐 Remove “allow all” (%) ✅ Allow Specific IP ✅ Allow Subnet (per building) 🔍 Check Allowed IPs 🔍 Check Permissions 🐧 Linux / Server Commands 🔥 Allow MySQL Port (ALL — testing only) 🔐 Allow Specific Subnet (recommended) 🔍 Check Firewall Rules ⚙️ Enable Remote MySQL Access Set: 🔄 Restart MySQL (only if config changed) 🧪 Test Connection

🚀 1. Create New Laravel Project Make sure you have: ⚙️ 2. Configure Environment Update .env Create database manually: CREATE DATABASE myapp_db; Then: 🎨 3. Install Tailwind + Alpine + Auth (Breeze) Laravel doesn’t ship with login UI by default anymore. Use Breeze (lightweight, clean). Choose: Blade Now install frontend: 🧠 What You Just Installed Clean and simple. No Jetstream spaceship complexity. 🗃️ 4. Run Migrations This creates: ▶️ 5. Run App Visit: http://127.0.0.1:8000 Boom. You now have: 📁 Clean Folder Structure (What Matters) app/ Models/ Http/Controllers/resources/ views/ css/ js/routes/ web.php 🔐 Protect Routes Example: ⚡ 6. Production Build When ready: 🧠 Recommended Additions (Professional Setup) Add Role Column Migration: Then: Add Global Layout Edit: resources/views/layouts/app.blade.php Add navbar, sidebar, etc.

Used built-in Laravel security patterns for private file access: Result: profile images cannot be directly viewed by unauthenticated users, and cannot be accessed by other users even if URL is guessed.

https://services.ph.net