OpenID Connect (OIDC) is an authentication protocol built on top of OAuth 2.0. It allows clients (like web or mobile apps) to verify the identity of a user who logs in via an external identity provider (IdP) — such as Google, Microsoft, Apple, etc.

🔐 In Short:

OAuth 2.0 → handles authorization (access to resources)
OpenID Connect → handles authentication (who is the user?)

🧱 How Does OpenID Connect Work?

1. User clicks "Login with Google"

2. Your app redirects the user to Google’s login page

3. After successful login, Google redirects back with an ID token

4. Your app validates this JWT token

5. You now know who the user is — verified by Google

🔑 What’s Inside the ID Token?

The ID token is a JSON Web Token (JWT) containing user identity data, like:

{
  "iss": "https://accounts.google.com",
  "sub": "1234567890",
  "name": "John Doe",
  "email": "john@example.com",
  "iat": 1650000000,
  "exp": 1650003600
}

• iss = issuer (e.g. Google)

• sub = user ID

• email, name = user info

• iat, exp = issued at / expiration

🧩 Typical Use Cases

• “Login with Google/Microsoft/Apple”

• Single Sign-On (SSO) in organizations

• Centralized user identity (Keycloak, Auth0, Azure AD)

• OAuth APIs that require identity verification

🛠️ Core Components

OPcache is a built-in bytecode caching extension for PHP that significantly improves performance by precompiling PHP code and storing it in memory (RAM).

⚙️ How Does OPcache Work?

Normally, every PHP request goes through:

1. Reading the PHP source file

2. Parsing and compiling it into bytecode

3. Executing the bytecode

With OPcache, this process happens only once. After the first request, PHP uses the precompiled bytecode from memory, skipping the parsing and compiling steps.

🚀 Benefits of OPcache

php -i | grep opcache.enable

Or in code:

phpinfo();

📦 Typical Configuration (php.ini)

opcache.enable=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.validate_timestamps=1
opcache.revalidate_freq=2

💡 In production, it’s common to set opcache.validate_timestamps=0 — meaning PHP won’t check for file changes on every request. This gives even more performance, but you’ll need to manually reset the cache after code updates.

🧪 When Is OPcache Useful?

OPcache is especially helpful for:

• Laravel, Symfony, WordPress, Drupal, TYPO3

• High-traffic applications

• Large codebases

🧼 How to Clear the Cache (e.g., after a deployment)

Via PHP:

opcache_reset();

Or from the command line:

php -r "opcache_reset();"

🧠 Summary

OPcache is a simple but powerful performance booster for any PHP application. It should be enabled in every production environment — it’s free, built-in, and drastically reduces load times and server strain.

Deployer is an open-source deployment tool for PHP projects — specifically designed to automate, standardize, and securely deploy applications like Laravel, Symfony, Magento, WordPress, or any custom PHP apps.

🚀 What Makes Deployer Special?

• It’s a CLI tool, written in PHP.

• You define your deployment process in a deploy.php configuration file with clearly defined tasks.

• It supports zero-downtime deployment using symbolic links (symlinks).

• It supports multi-environment deployments (e.g., staging, production).

🛠️ Typical Deployer Workflow

Install Deployer via Composer:

composer require deployer/deployer --dev

Generate a config template:

vendor/bin/dep init

Configure deploy.php, e.g., for Laravel:

host('my-server.com')
    ->set('deploy_path', '/var/www/myproject')
    ->set('branch', 'main');

task('deploy', [
    'deploy:prepare',
    'deploy:vendors',
    'artisan:migrate',
    'deploy:publish',
]);

Deploy your app:

vendor/bin/dep deploy production

🔁 What Happens Under the Hood?

Deployer:

• Connects to the server via SSH

• Clones your Git repo into a new release directory

• Installs Composer dependencies

• Runs custom tasks (e.g., php artisan migrate)

• Updates the symlink to point to the new release (current)

• Removes old releases if configured

📦 Benefits of Deployer

Laravel Octane is an official package for the Laravel framework that dramatically boosts application performance by running Laravel on high-performance application servers like Swoole or RoadRunner.

⚡ What Makes Laravel Octane Special?

Instead of reloading the Laravel framework on every HTTP request (as with traditional PHP-FPM setups), Octane keeps the application in memory, avoiding repeated bootstrapping. This makes your Laravel app much faster.

🔧 How Does It Work?

Laravel Octane uses persistent worker servers (e.g., Swoole or RoadRunner), which:

1. Bootstrap the Laravel application once,

2. Then handle incoming requests repeatedly without restarting the framework.

🚀 Benefits of Laravel Octane

RoadRunner is a high-performance PHP application server developed by Spiral Scout. It serves as a replacement for traditional PHP-FPM (FastCGI Process Manager) and offers a major performance boost by keeping your PHP application running persistently — especially useful with frameworks like Laravel or Symfony.

🚀 What Makes RoadRunner Special?

✅ Worker-Based Performance

• PHP scripts are not reloaded on every request. Instead, they run continuously in persistent worker processes (similar to Node.js or Swoole).

• This eliminates the need to re-bootstrap the framework on every request — resulting in significantly faster response times than with PHP-FPM.

✅ Built with Go

• RoadRunner is written in the programming language Go, which provides high concurrency, easy deployment, and great stability.

✅ Features

• Native HTTP server (with HTTPS, Gzip, CORS, etc.)

• PSR-7 and PSR-15 middleware support

• Supports:

  • Queues (e.g., Redis, RabbitMQ)

  • gRPC

  • WebSockets

  • Static file serving

  • Prometheus metrics

  • RPC between Go and PHP

• Hot reload support with a watch plugin

⚙️ How Does It Work?

1. RoadRunner starts PHP worker processes.

2. These workers load your full framework bootstrap once.

3. Incoming HTTP or gRPC requests are forwarded to the PHP workers.

4. The response is returned through the Go layer — fast and concurrent.

📦 Common Use Cases:

• Laravel + RoadRunner (instead of Laravel + PHP-FPM)

• High-traffic applications and APIs

• Microservices

• Real-time apps (e.g., using WebSockets)

• Low-latency, serverless-like services

📉 RoadRunner vs PHP-FPM

The .htaccess file is a configuration file for Apache web servers that allows you to control the behavior of your website — without needing access to the main server configuration. It’s usually placed in the root directory of your website (e.g., /public_html or /www).

Important notes:

• .htaccess only works on Apache servers (not nginx).

• Changes take effect immediately — no need to restart the server.

• Many shared hosting providers allow .htaccess, but some commands might be restricted.

• Syntax errors can break your site — so be careful when editing.

🛠️ What is GitHub Actions?

GitHub Actions is a feature of GitHub that lets you create automated workflows for your software projects—right inside your GitHub repository.

📌 What can you do with GitHub Actions?

You can build CI/CD pipelines (Continuous Integration / Continuous Deployment), such as:

• ✅ Automatically test code (e.g. with PHPUnit, Jest, Pytest)

• 🛠️ Build your app on every push or pull request

• 🚀 Automatically deploy (e.g. to a server, cloud platform, or DockerHub)

• 📦 Create releases (e.g. zip packages or version tags)

• 🔄 Run scheduled tasks (cronjobs)

🧱 How does it work?

GitHub Actions uses workflows, defined in a YAML file inside your repository:

• Typically stored as .github/workflows/ci.yml

• You define events (like push, pull_request) and jobs (like build, test)

• Each job consists of steps, which are shell commands or prebuilt actions

Example: Simple CI Workflow for Node.js

name: CI

on: [push]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions/setup-node@v3
        with:
          node-version: '20'
      - run: npm install
      - run: npm test

🧩 What are "Actions"?

An Action is a single reusable step in a workflow. You can use:

• Prebuilt actions (e.g. actions/checkout, setup-node, upload-artifact)

• Custom actions (e.g. shell scripts or Docker-based logic)

You can explore reusable actions in the GitHub Marketplace.

💡 Why use GitHub Actions?

• Saves time by automating repetitive tasks

• Improves code quality through automated testing

• Enables consistent, repeatable deployments

• Integrated directly in GitHub—no need for external CI tools like Jenkins or Travis CI

Docker Compose is a tool that lets you define and run multi-container Docker applications using a single configuration file. Instead of starting each container manually via the Docker CLI, you can describe all your services (like a web app, database, cache, etc.) in a docker-compose.yml file and run everything with a single command.

In short:

Docker Compose = Project config + Multiple containers + One command to run it all

Example: docker-compose.yml

version: '3.9'
services:
  web:
    build: .
    ports:
      - "5000:5000"
    volumes:
      - .:/code
  redis:
    image: "redis:alpine"

This file:

• Builds and runs a local web app container

• Starts a Redis container from the official image

• Automatically networks the two containers

Common Commands:

docker-compose up        # Start all services in the foreground
docker-compose up -d     # Start in detached (background) mode
docker-compose down      # Stop and remove containers, networks, etc.

Benefits of Docker Compose:

✅ Easy setup for multi-service applications
✅ Version-controlled config (great for Git)
✅ Reproducible development environments
✅ Simple startup/shutdown of entire stacks

Typical Use Cases:

• Local development with multiple services (e.g., web app + DB)

• Integration testing with full stack

• Simple deployment workflows (e.g., via CI/CD)

A Headless CMS (Content Management System) is a system where the backend (content management) is completely separated from the frontend (content presentation).

In detail:

Traditional CMS (e.g., WordPress):

• Backend and frontend are tightly coupled.

• You create content in the system and it's rendered directly using built-in themes and templates with HTML.

• Pros: All-in-one solution, quick to get started.

• Cons: Limited flexibility, harder to deliver content across multiple platforms (e.g., website + mobile app).

Headless CMS:

• Backend only.

• Content is accessed via an API (usually REST or GraphQL).

• The frontend (e.g., a React site, native app, or digital signage) fetches the content dynamically.

• Pros: Very flexible, ideal for multi-channel content delivery.

• Cons: Frontend must be built separately (requires more development effort).

Common use cases:

• Websites built with modern JavaScript frameworks (like React, Next.js, Vue)

• Mobile apps that use the same content as the website

• Omnichannel strategies: website, app, smart devices, etc.

Examples of Headless CMS platforms:

• Contentful

• Strapi

• Sanity

• Directus

• Prismic

• Storyblok (a hybrid with visual editing capabilities)

Storyblok is a user-friendly, headless Content Management System (CMS) that helps developers and marketing teams create, manage, and publish content quickly and efficiently. It offers a visual editing interface for real-time content design and is flexible with various frameworks and platforms. Its API-first architecture allows content to be delivered to any digital platform, making it ideal for modern web and app development.