Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
API platform and how to use it
Search
Evgeny Smirnov
May 30, 2022
Programming
0
95
API platform and how to use it
A brief introduction to API platform (Symfony) for 4xxi developers.
Evgeny Smirnov
May 30, 2022
Tweet
Share
More Decks by Evgeny Smirnov
See All by Evgeny Smirnov
An overview of the self-determination theory in psychology
smirik
0
28
Secure your application data using Symfony
smirik
0
3.5k
A machine learning approach in the dynamics of asteroids
smirik
0
23
Mean motion resonances in the main belt
smirik
0
24
Other Decks in Programming
See All in Programming
Kotlin エンジニアへ送る:Swift 案件に参加させられる日に備えて~似てるけど色々違う Swift の仕様 / from Kotlin to Swift
lovee
1
260
0626 Findy Product Manager LT Night_高田スライド_speaker deck用
mana_takada
0
130
Create a website using Spatial Web
akkeylab
0
310
ふつうの技術スタックでアート作品を作ってみる
akira888
0
190
Go1.25からのGOMAXPROCS
kuro_kurorrr
1
820
AWS CDKの推しポイント 〜CloudFormationと比較してみた〜
akihisaikeda
3
320
ニーリーにおけるプロダクトエンジニア
nealle
0
620
システム成長を止めない!本番無停止テーブル移行の全貌
sakawe_ee
1
150
なぜ「共通化」を考え、失敗を繰り返すのか
rinchoku
1
590
既存デザインを変更せずにタップ領域を広げる方法
tahia910
1
240
Cline指示通りに動かない? AI小説エージェントで学ぶ指示書の書き方と自動アップデートの仕組み
kamomeashizawa
1
580
XP, Testing and ninja testing
m_seki
3
210
Featured
See All Featured
Speed Design
sergeychernyshev
32
1k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
1.8k
Done Done
chrislema
184
16k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
15
1.5k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
229
22k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
130
19k
The Power of CSS Pseudo Elements
geoffreycrofte
77
5.8k
The Cult of Friendly URLs
andyhume
79
6.5k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
[RailsConf 2023] Rails as a piece of cake
palkan
55
5.6k
The Cost Of JavaScript in 2023
addyosmani
51
8.5k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
53k
Transcript
Evgeny Smirnov and how to use ( fi rst look)
+ Why?
+
+
+ What’s inside?
+ Out of the box “CRUD, data validation, pagination, fi
ltering, sorting, json/hydra, GraphQL, swagger, CORS, OWASP inside…”
+ Follow best practice because you can’t do otherwise
+ Getting started 1. Official “Getting started” guide 2. SymfonyCast:
RESTful APIs and API Platform guides 3. StackOverflow
+ Installation Dockerised distribution (check symfony version) or through
symfony
+ Why?
+
+ Custom business logic for any writing action — DataPersisters*
* use decorator pattern
+ final class UserQuizDataPersister implements ContextAwareDataPersisterInterface { private $decorated; private
$security; … public function persist($data, array $context = []) { if (is_null($data->getUser())) { $user = $this->security->getUser(); $data->setUser($user); } $result = $this->decorated->persist($data, $context); return $result; } public function remove($data, array $context = []) { return $this->decorated->remove($data, $context); } } Data Persisters
+ Data Providers Here should be an example but I
have not used providers…
+ Custom action for an action of a resource —
Action Controller
+ #[AsController] class SkipUserQuestion extends AbstractController { public function __invoke(UserQuestion
$data): UserQuestion { $data->setStatus(UserQuestion::STATUS_SKIPPED); return $data; } } Pseudo Controllers
+ Various input and output data for the same model
— DataTransformer and DTO
+ public function transform($data, string $to, array $context = [])
{ $resetPasswordRequest = new ResetPasswordRequest(); $user = $this->userRepository->findOneByEmail($data->getEmail()); $resetPasswordRequest->setUser($user); $now = new \DateTimeImmutable(); $expiredAt = new \DateTimeImmutable('+1 hour'); $resetPasswordRequest->setRequestedAt($now); $resetPasswordRequest->setExpiresAt($expiredAt); return $resetPasswordRequest; } Data Transformers
+ final class ResetPasswordRequestInput { #[Groups(['resetPasswordRequest:create', 'resetPasswordRequest:read'])] #[Assert\NotBlank(groups: ['validation:create'])] #[Assert\Email()]
private $email; public function getEmail(): ?string { return $this->email; } public function setEmail(string $email): self { $this->email = $email; return $this; } } DTOs
+ … and much more: EventListeners, Subscribers, Filters, async …
+ Useful add ons ✅ JWT through LexikJWTAuthenticationBundle ✅ JWT
refresh tokens GesdinetJWTRefreshTokenBundle ❌ Complete sign up / sign in ❌ Role based API versions
+ Disambiguous?
+ PATCH /entity/{id} or PUT /entity/{id}/{custom-action}
+ GET /entity/{id}/?{subentity}=% or GET /entity/{id}/{subentity}
+ Action-Controller or DataPersister for custom writing logic?
+ 4-5 extra classes (DTOs, Transformers, etc.) or Custom controller
outside of API Platform* * and extra classes for OpenAPI docs…
+ Too many ways how to perform a regular action
+ Good for RESTful APIs with regular customisations Bad for
custom APIs
+
+
+