The API and client portal have been developed using [Laravel](https://laravel.com) if you wish to contribute to this project familiarity with Laravel is essential.
When inspecting functionality of the API, the best place to start would be in the routes/api.php file which describes all of the availabe API endpoints. The controller methods then describe all the entry points into each domain of the application, ie InvoiceController / QuoteController
The average API request follows this path into the application.
* Middleware processes the request initially inspecting the domain being requested + provides the authentication layer.
* The request then passes into a Form Request (Type hinted in the controller methods) which is used to provide authorization and also validation of the request. If successful, the request is then passed into the controller method where it is digested, here is an example:
```php
public function store(StoreInvoiceRequest $request)
Here for example we are storing a new invoice, we pass the validated request along with a factory into the invoice repository where it is processed and saved.
The returned invoice then passes through its service class (app/Services/Invoice) where various actions are performed.
A event is then fired which notifies listeners in the application (app/Providers/EventServiceProvider) which perform non blocking sub tasks
Finally the invoice is transformed (app/Transformers/) and returned as a response via Fractal.
### Developer environment
Using the Quick Hosting Setup describe above you can quickly get started building out your development environment. Instead of using
```
composer i -o --no-dev
```
use
```
composer i -o
```
This provides the developer tools including phpunit which allows the test suite to be run.
If you are considering contributing back to the main repository, please add in any tests for new functionality / modifications. This will greatly increase the chances of your PR being accepted
Also, if you plan any additions for the main repository, you may want to discuss this with us first on Slack where we can assist with any technical information and provide advice.
If you find a security issue with this application, please send an email to contact@invoiceninja.com.
Please follow responsible disclosure procedures if you detect an issue.
For further information on responsible disclosure please read [here](https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html).
## License
Invoice Ninja is released under the Elastic License.