YorYor Laravel Dating App Assistant

Expert assistant for working with the YorYor Muslim dating and matchmaking platform codebase.

Project Overview

YorYor is a comprehensive Muslim dating and matchmaking platform built with Laravel 12, emphasizing cultural values, family involvement, and serious relationships leading to marriage. The platform modernizes traditional matchmaking while respecting Islamic cultural and religious values.

**Tech Stack:** Laravel 12, PHP 8.2+, Tailwind CSS 4.0, Laravel Reverb (WebSocket), Laravel Sanctum (API), PostgreSQL

Architecture Pattern

The codebase follows a strict **layered architecture**:

1. **Presentation Layer**: Blade views + API Resources (JSON:API format)

2. **Application Layer**: Controllers (API + Web) orchestrate requests

3. **Service Layer**: Business logic in dedicated service classes (25+ services)

4. **Domain Layer**: Eloquent models (55+ models) with relationships

5. **Data Access Layer**: Database, Cache, Queue

Critical Architectural Rules

1. **Never put business logic in controllers** - always use services

2. **Never query models directly in views** - pass data from controllers

3. **Always use transactions for multi-model operations** - wrap in `DB::beginTransaction()`

4. **Services must be injected via dependency injection**

5. **Controllers validate input, call services, return responses**

Essential Development Commands

Starting the Development Environment

```bash

Start all services (Laravel server + queue worker + logs + Vite)

composer dev

Individual services

php artisan serve # Laravel server (port 8000)

php artisan reverb:start # WebSocket server (port 8080)

php artisan queue:listen --tries=1 # Queue worker

php artisan pail --timeout=0 # Real-time logs

npm run dev # Vite dev server

```

Database Management

```bash

Run migrations

php artisan migrate

Fresh database with seeders

php artisan migrate:fresh --seed

Create new migration

php artisan make:migration create_table_name

Rollback last migration

php artisan migrate:rollback

```

Testing & Code Quality

```bash

Run all tests (Pest)

php artisan test

Run specific test file

php artisan test tests/Feature/AuthTest.php

Code formatting (Laravel Pint)

./vendor/bin/pint

```

Monitoring Tools

```bash

Laravel Telescope (development debugging): http://localhost:8000/telescope

Laravel Pulse (performance monitoring): http://localhost:8000/pulse

Laravel Horizon (queue monitoring): php artisan horizon → http://localhost:8000/horizon

API documentation (Swagger): http://localhost:8000/api/documentation

```

Database Architecture

**Database:** PostgreSQL (70+ tables)

Core Pattern: User → Profile → Extended Profiles

Communication: Chat → Messages → Reads

Matching: Likes → Matches

Key Model Names

Tables with Soft Deletes

Authentication & Authorization

Multi-Factor Authentication Flow

1. User enters email/phone + password

2. `AuthController::authenticate()` generates OTP via `OtpService`

3. OTP sent via email/SMS

4. User verifies OTP

5. If 2FA enabled: verify Google Authenticator code (`TwoFactorAuthService`)

6. Generate Sanctum token

7. Return user + token

Authorization Layers

1. **Middleware**: `AdminMiddleware`, custom `Authenticate` (redirects to `/start` not `/login`)

2. **Policies**: Gate checks in controllers (`$this->authorize('update', $profile)`)

3. **RBAC**: `role_user`, `permission_role` pivot tables

4. **Scopes**: Model scopes filter queries (`User::active()`, `User::online()`)

Custom Middleware

Service Layer Details

Core Service Categories

**Authentication Services:**

**Media Services:**

**Communication Services:**

**Video Services:**

**Advanced Services:**

Service Transaction Pattern

Services must use transactions for multi-model operations:

```php

public function createMatch($userId, $likedUserId) {

DB::beginTransaction();

try {

$match = Match::create([...]);

$chat = Chat::create([...]);

$chat->users()->attach([$userId, $likedUserId]);

event(new NewMatchEvent($match));

DB::commit();

return $match;

} catch (\Exception $e) {

DB::rollBack();

throw $e;

}

}

```

Real-Time Features (Laravel Reverb)

WebSocket Architecture

```

Laravel App (port 8000) → Broadcasts Event → Reverb (port 8080) → Pushes to Clients

```

Broadcasting Pattern

```php

// 1. Create event

class NewMessageEvent implements ShouldBroadcast {

public function broadcastOn(): array {

return [new PrivateChannel("chat.{$this->chatId}")];

}

}

// 2. Dispatch event

event(new NewMessageEvent($message));

// 3. Listen in JavaScript (resources/js/messages.js)

Echo.private(`chat.${chatId}`)

.listen('NewMessageEvent', (e) => {

// Update UI

});

```

Channel Authentication

API Design

JSON:API Standard

API Versioning

Rate Limiting Strategy

Different limits per action type (enforced at middleware level):

Applied via middleware: `->middleware('api.rate.limit:action_type')`

Route Organization

1. `routes/api.php` - Mobile/API endpoints (Sanctum auth)

2. `routes/web.php` - Landing pages (public)

3. `routes/user.php` - Authenticated user routes (web middleware)

4. `routes/admin.php` - Admin dashboard routes (admin middleware)

Frontend Architecture

**JavaScript Modules (resources/js/):**

**Alpine.js Integration:**

Third-Party Integrations

VideoSDK.live (Primary Video Calling)

Agora RTC (Backup Video Calling)

Cloudflare R2 (Media Storage)

Expo Push Notifications

Critical Configuration

Must Configure for Basic Operation

```env

APP_KEY= # Generate: php artisan key:generate

APP_URL=http://localhost # Production: https://yourdomain.com

DB_CONNECTION=mysql # Use MySQL in production (SQLite for dev)

BROADCAST_CONNECTION=reverb # WebSocket broadcasting

QUEUE_CONNECTION=database # Use Redis in production

Laravel Reverb (WebSocket)

REVERB_APP_ID=yoryor-app

REVERB_APP_KEY=yoryor-key-123456

REVERB_APP_SECRET=yoryor-secret-123456

REVERB_HOST=localhost # Production: your domain

REVERB_PORT=8080

REVERB_SCHEME=http # Production: https

Vite (for WebSocket client)

VITE_REVERB_APP_KEY="${REVERB_APP_KEY}"

VITE_REVERB_HOST="${REVERB_HOST}"

VITE_REVERB_PORT="${REVERB_PORT}"

VITE_REVERB_SCHEME="${REVERB_SCHEME}"

```

Must Configure for Full Functionality

```env

Video Calling (Primary)

VIDEOSDK_API_KEY=

VIDEOSDK_SECRET_KEY=

VIDEOSDK_API_ENDPOINT=https://api.videosdk.live/v2

Media Storage (Cloudflare R2)

CLOUDFLARE_R2_ACCESS_KEY_ID=

CLOUDFLARE_R2_SECRET_ACCESS_KEY=

CLOUDFLARE_R2_DEFAULT_REGION=auto

CLOUDFLARE_R2_BUCKET=

CLOUDFLARE_R2_URL=https://your-account.r2.cloudflarestorage.com

CLOUDFLARE_R2_ENDPOINT=https://your-account.r2.cloudflarestorage.com

CLOUDFLARE_R2_USE_PATH_STYLE_ENDPOINT=true

```

Instructions for Claude Code

When working with this codebase:

1. **Always follow the layered architecture** - business logic goes in services, not controllers

2. **Use dependency injection** for all service dependencies

3. **Wrap multi-model operations in transactions** using `DB::beginTransaction()`

4. **Run migrations in order** - foreign keys are added last

5. **Use the `UserMatch` model** for the `matches` table (not `Match`)

6. **Apply appropriate rate limiting middleware** to new API routes

7. **Use JSON:API format** for all API responses via API Resources

8. **Implement broadcasting events** for real-time features using Reverb

9. **Store media files on Cloudflare R2** using `MediaUploadService`

10. **Follow the existing naming conventions** for models, services, and controllers

11. **Add soft deletes** to models where audit trails are needed

12. **Write Pest tests** for new features

13. **Format code** with Laravel Pint before committing

14. **Use proper indexes** on pivot tables for reverse lookups

15. **Reference the monitoring tools** (Telescope, Pulse, Horizon) when debugging

Common Tasks

Creating a New Feature

1. Create migration: `php artisan make:migration create_feature_table`

2. Create model with relationships and soft deletes if needed

3. Create service class in `app/Services/` with business logic

4. Create controller in `app/Http/Controllers/API/V1/` or `app/Http/Controllers/`

5. Create API Resource in `app/Http/Resources/` for JSON:API format

6. Add routes to appropriate route file with middleware

7. Create broadcasting event if real-time updates needed

8. Write Pest tests in `tests/Feature/`

9. Update API documentation

Adding Real-Time Functionality

1. Create event class implementing `ShouldBroadcast`

2. Define channel in `broadcastOn()` method

3. Register channel authentication in `routes/channels.php`

4. Dispatch event in service layer: `event(new YourEvent($data))`

5. Listen in JavaScript using Echo: `Echo.private('channel').listen('Event', callback)`

Adding a New Service

1. Create service class in `app/Services/`

2. Inject dependencies via constructor

3. Use transactions for multi-model operations

4. Throw exceptions for error cases

5. Inject service into controllers via constructor

6. Call service methods from controller actions