Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
API platform and how to use it
Search
Evgeny Smirnov
May 30, 2022
Programming
0
92
API platform and how to use it
A brief introduction to API platform (Symfony) for 4xxi developers.
Evgeny Smirnov
May 30, 2022
Tweet
Share
More Decks by Evgeny Smirnov
See All by Evgeny Smirnov
An overview of the self-determination theory in psychology
smirik
0
23
Secure your application data using Symfony
smirik
0
3.4k
A machine learning approach in the dynamics of asteroids
smirik
0
18
Mean motion resonances in the main belt
smirik
0
22
Other Decks in Programming
See All in Programming
Chrome Extension Techniques from Hell
moznion
1
160
状態と共に暮らす:ステートフルへの挑戦
ypresto
1
680
Optimizing JRuby 10
headius
0
350
Amazon CloudWatchの地味だけど強力な機能紹介!
itotsum
0
170
PHPバージョンアップから始めるOSSコントリビュート / how2oss-contribute
dmnlk
1
1.1k
The Implementations of Advanced LR Parser Algorithm
junk0612
1
330
AI Agents with JavaScript
slobodan
0
250
AI Coding Agent Enablement - エージェントを自走させよう
yukukotani
14
6.1k
地域ITコミュニティの活性化とAWSに移行してみた話
yuukis
0
240
メモリウォールを超えて:キャッシュメモリ技術の進歩
kawayu
0
1.9k
サービスクラスのありがたみを発見したときの思い出 #phpcon_odawara
77web
4
680
Fiber Scheduler vs. General-Purpose Parallel Client
hayaokimura
1
110
Featured
See All Featured
Building Adaptive Systems
keathley
41
2.5k
BBQ
matthewcrist
88
9.6k
The World Runs on Bad Software
bkeepers
PRO
67
11k
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
How to Ace a Technical Interview
jacobian
276
23k
The Art of Programming - Codeland 2020
erikaheidi
53
13k
Bash Introduction
62gerente
611
210k
How STYLIGHT went responsive
nonsquared
99
5.5k
Being A Developer After 40
akosma
91
590k
Product Roadmaps are Hard
iamctodd
PRO
52
11k
The Cult of Friendly URLs
andyhume
78
6.3k
Mobile First: as difficult as doing things right
swwweet
223
9.6k
Transcript
Evgeny Smirnov and how to use ( fi rst look)
+ Why?
+
+
+ What’s inside?
+ Out of the box “CRUD, data validation, pagination, fi
ltering, sorting, json/hydra, GraphQL, swagger, CORS, OWASP inside…”
+ Follow best practice because you can’t do otherwise
+ Getting started 1. Official “Getting started” guide 2. SymfonyCast:
RESTful APIs and API Platform guides 3. StackOverflow
+ Installation Dockerised distribution (check symfony version) or through
symfony
+ Why?
+
+ Custom business logic for any writing action — DataPersisters*
* use decorator pattern
+ final class UserQuizDataPersister implements ContextAwareDataPersisterInterface { private $decorated; private
$security; … public function persist($data, array $context = []) { if (is_null($data->getUser())) { $user = $this->security->getUser(); $data->setUser($user); } $result = $this->decorated->persist($data, $context); return $result; } public function remove($data, array $context = []) { return $this->decorated->remove($data, $context); } } Data Persisters
+ Data Providers Here should be an example but I
have not used providers…
+ Custom action for an action of a resource —
Action Controller
+ #[AsController] class SkipUserQuestion extends AbstractController { public function __invoke(UserQuestion
$data): UserQuestion { $data->setStatus(UserQuestion::STATUS_SKIPPED); return $data; } } Pseudo Controllers
+ Various input and output data for the same model
— DataTransformer and DTO
+ public function transform($data, string $to, array $context = [])
{ $resetPasswordRequest = new ResetPasswordRequest(); $user = $this->userRepository->findOneByEmail($data->getEmail()); $resetPasswordRequest->setUser($user); $now = new \DateTimeImmutable(); $expiredAt = new \DateTimeImmutable('+1 hour'); $resetPasswordRequest->setRequestedAt($now); $resetPasswordRequest->setExpiresAt($expiredAt); return $resetPasswordRequest; } Data Transformers
+ final class ResetPasswordRequestInput { #[Groups(['resetPasswordRequest:create', 'resetPasswordRequest:read'])] #[Assert\NotBlank(groups: ['validation:create'])] #[Assert\Email()]
private $email; public function getEmail(): ?string { return $this->email; } public function setEmail(string $email): self { $this->email = $email; return $this; } } DTOs
+ … and much more: EventListeners, Subscribers, Filters, async …
+ Useful add ons ✅ JWT through LexikJWTAuthenticationBundle ✅ JWT
refresh tokens GesdinetJWTRefreshTokenBundle ❌ Complete sign up / sign in ❌ Role based API versions
+ Disambiguous?
+ PATCH /entity/{id} or PUT /entity/{id}/{custom-action}
+ GET /entity/{id}/?{subentity}=% or GET /entity/{id}/{subentity}
+ Action-Controller or DataPersister for custom writing logic?
+ 4-5 extra classes (DTOs, Transformers, etc.) or Custom controller
outside of API Platform* * and extra classes for OpenAPI docs…
+ Too many ways how to perform a regular action
+ Good for RESTful APIs with regular customisations Bad for
custom APIs
+
+
+