Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
API platform and how to use it
Search
Evgeny Smirnov
May 30, 2022
Programming
0
89
API platform and how to use it
A brief introduction to API platform (Symfony) for 4xxi developers.
Evgeny Smirnov
May 30, 2022
Tweet
Share
More Decks by Evgeny Smirnov
See All by Evgeny Smirnov
An overview of the self-determination theory in psychology
smirik
0
19
Secure your application data using Symfony
smirik
0
3.4k
A machine learning approach in the dynamics of asteroids
smirik
0
17
Mean motion resonances in the main belt
smirik
0
21
Other Decks in Programming
See All in Programming
どうして僕の作ったクラスが手続き型と言われなきゃいけないんですか
akikogoto
1
120
Arm移行タイムアタック
qnighy
0
330
EMになってからチームの成果を最大化するために取り組んだこと/ Maximize team performance as EM
nashiusagi
0
100
Figma Dev Modeで変わる!Flutterの開発体験
watanave
0
140
見せてあげますよ、「本物のLaravel批判」ってやつを。
77web
7
7.8k
C++でシェーダを書く
fadis
6
4.1k
as(型アサーション)を書く前にできること
marokanatani
10
2.7k
3 Effective Rules for Using Signals in Angular
manfredsteyer
PRO
0
100
LLM生成文章の精度評価自動化とプロンプトチューニングの効率化について
layerx
PRO
2
190
2024/11/8 関西Kaggler会 2024 #3 / Kaggle Kernel で Gemma 2 × vLLM を動かす。
kohecchi
5
930
OnlineTestConf: Test Automation Friend or Foe
maaretp
0
110
ヤプリ新卒SREの オンボーディング
masaki12
0
130
Featured
See All Featured
Product Roadmaps are Hard
iamctodd
PRO
49
11k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
8
900
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
A better future with KSS
kneath
238
17k
A Modern Web Designer's Workflow
chriscoyier
693
190k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
28
2k
Unsuck your backbone
ammeep
668
57k
Mobile First: as difficult as doing things right
swwweet
222
8.9k
Into the Great Unknown - MozCon
thekraken
32
1.5k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
42
9.2k
What's new in Ruby 2.0
geeforr
343
31k
Imperfection Machines: The Place of Print at Facebook
scottboms
265
13k
Transcript
Evgeny Smirnov and how to use ( fi rst look)
+ Why?
+
+
+ What’s inside?
+ Out of the box “CRUD, data validation, pagination, fi
ltering, sorting, json/hydra, GraphQL, swagger, CORS, OWASP inside…”
+ Follow best practice because you can’t do otherwise
+ Getting started 1. Official “Getting started” guide 2. SymfonyCast:
RESTful APIs and API Platform guides 3. StackOverflow
+ Installation Dockerised distribution (check symfony version) or through
symfony
+ Why?
+
+ Custom business logic for any writing action — DataPersisters*
* use decorator pattern
+ final class UserQuizDataPersister implements ContextAwareDataPersisterInterface { private $decorated; private
$security; … public function persist($data, array $context = []) { if (is_null($data->getUser())) { $user = $this->security->getUser(); $data->setUser($user); } $result = $this->decorated->persist($data, $context); return $result; } public function remove($data, array $context = []) { return $this->decorated->remove($data, $context); } } Data Persisters
+ Data Providers Here should be an example but I
have not used providers…
+ Custom action for an action of a resource —
Action Controller
+ #[AsController] class SkipUserQuestion extends AbstractController { public function __invoke(UserQuestion
$data): UserQuestion { $data->setStatus(UserQuestion::STATUS_SKIPPED); return $data; } } Pseudo Controllers
+ Various input and output data for the same model
— DataTransformer and DTO
+ public function transform($data, string $to, array $context = [])
{ $resetPasswordRequest = new ResetPasswordRequest(); $user = $this->userRepository->findOneByEmail($data->getEmail()); $resetPasswordRequest->setUser($user); $now = new \DateTimeImmutable(); $expiredAt = new \DateTimeImmutable('+1 hour'); $resetPasswordRequest->setRequestedAt($now); $resetPasswordRequest->setExpiresAt($expiredAt); return $resetPasswordRequest; } Data Transformers
+ final class ResetPasswordRequestInput { #[Groups(['resetPasswordRequest:create', 'resetPasswordRequest:read'])] #[Assert\NotBlank(groups: ['validation:create'])] #[Assert\Email()]
private $email; public function getEmail(): ?string { return $this->email; } public function setEmail(string $email): self { $this->email = $email; return $this; } } DTOs
+ … and much more: EventListeners, Subscribers, Filters, async …
+ Useful add ons ✅ JWT through LexikJWTAuthenticationBundle ✅ JWT
refresh tokens GesdinetJWTRefreshTokenBundle ❌ Complete sign up / sign in ❌ Role based API versions
+ Disambiguous?
+ PATCH /entity/{id} or PUT /entity/{id}/{custom-action}
+ GET /entity/{id}/?{subentity}=% or GET /entity/{id}/{subentity}
+ Action-Controller or DataPersister for custom writing logic?
+ 4-5 extra classes (DTOs, Transformers, etc.) or Custom controller
outside of API Platform* * and extra classes for OpenAPI docs…
+ Too many ways how to perform a regular action
+ Good for RESTful APIs with regular customisations Bad for
custom APIs
+
+
+