Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
API platform and how to use it
Search
Evgeny Smirnov
May 30, 2022
Programming
0
89
API platform and how to use it
A brief introduction to API platform (Symfony) for 4xxi developers.
Evgeny Smirnov
May 30, 2022
Tweet
Share
More Decks by Evgeny Smirnov
See All by Evgeny Smirnov
An overview of the self-determination theory in psychology
smirik
0
19
Secure your application data using Symfony
smirik
0
3.3k
A machine learning approach in the dynamics of asteroids
smirik
0
14
Mean motion resonances in the main belt
smirik
0
19
Other Decks in Programming
See All in Programming
Rubyのobject_id
qnighy
6
1.3k
メモリ最適化を究める!iOSアプリ開発における5つの重要なポイント
yhirakawa333
0
410
2024 컴포즈 정원사
jisungbin
0
150
僕が思い描くTypeScriptの未来を勝手に先取りする
yukukotani
9
2.3k
マイグレーションコード自作して File-Based Routing に自動移行!! ~250 ページの歴史的経緯を添えて~
cut0
1
260
オートマトン学習しろ / Do automata learning
makenowjust
3
120
労務ドメインを快適に開発する方法 / How to Comfortably Develop in the Labor Domain
yuki21
1
250
Jakarta EE meets AI
ivargrimstad
0
360
『ドメイン駆動設計をはじめよう』中核の業務領域
masuda220
PRO
5
970
実践!難読化ガイド
mitchan
0
120
仮想ファイルシステムを導入して開発環境のストレージ課題を解消する
segadevtech
2
500
Method Swizzlingを行うライブラリにおけるマルチモジュール設計
yoshikma
0
110
Featured
See All Featured
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
36
1.7k
Faster Mobile Websites
deanohume
304
30k
Bootstrapping a Software Product
garrettdimon
PRO
304
110k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
29
2.6k
A Philosophy of Restraint
colly
202
16k
How to Ace a Technical Interview
jacobian
275
23k
Debugging Ruby Performance
tmm1
72
12k
Automating Front-end Workflow
addyosmani
1365
200k
The World Runs on Bad Software
bkeepers
PRO
64
11k
Web development in the modern age
philhawksworth
204
10k
VelocityConf: Rendering Performance Case Studies
addyosmani
322
23k
GitHub's CSS Performance
jonrohan
1029
450k
Transcript
Evgeny Smirnov and how to use ( fi rst look)
+ Why?
+
+
+ What’s inside?
+ Out of the box “CRUD, data validation, pagination, fi
ltering, sorting, json/hydra, GraphQL, swagger, CORS, OWASP inside…”
+ Follow best practice because you can’t do otherwise
+ Getting started 1. Official “Getting started” guide 2. SymfonyCast:
RESTful APIs and API Platform guides 3. StackOverflow
+ Installation Dockerised distribution (check symfony version) or through
symfony
+ Why?
+
+ Custom business logic for any writing action — DataPersisters*
* use decorator pattern
+ final class UserQuizDataPersister implements ContextAwareDataPersisterInterface { private $decorated; private
$security; … public function persist($data, array $context = []) { if (is_null($data->getUser())) { $user = $this->security->getUser(); $data->setUser($user); } $result = $this->decorated->persist($data, $context); return $result; } public function remove($data, array $context = []) { return $this->decorated->remove($data, $context); } } Data Persisters
+ Data Providers Here should be an example but I
have not used providers…
+ Custom action for an action of a resource —
Action Controller
+ #[AsController] class SkipUserQuestion extends AbstractController { public function __invoke(UserQuestion
$data): UserQuestion { $data->setStatus(UserQuestion::STATUS_SKIPPED); return $data; } } Pseudo Controllers
+ Various input and output data for the same model
— DataTransformer and DTO
+ public function transform($data, string $to, array $context = [])
{ $resetPasswordRequest = new ResetPasswordRequest(); $user = $this->userRepository->findOneByEmail($data->getEmail()); $resetPasswordRequest->setUser($user); $now = new \DateTimeImmutable(); $expiredAt = new \DateTimeImmutable('+1 hour'); $resetPasswordRequest->setRequestedAt($now); $resetPasswordRequest->setExpiresAt($expiredAt); return $resetPasswordRequest; } Data Transformers
+ final class ResetPasswordRequestInput { #[Groups(['resetPasswordRequest:create', 'resetPasswordRequest:read'])] #[Assert\NotBlank(groups: ['validation:create'])] #[Assert\Email()]
private $email; public function getEmail(): ?string { return $this->email; } public function setEmail(string $email): self { $this->email = $email; return $this; } } DTOs
+ … and much more: EventListeners, Subscribers, Filters, async …
+ Useful add ons ✅ JWT through LexikJWTAuthenticationBundle ✅ JWT
refresh tokens GesdinetJWTRefreshTokenBundle ❌ Complete sign up / sign in ❌ Role based API versions
+ Disambiguous?
+ PATCH /entity/{id} or PUT /entity/{id}/{custom-action}
+ GET /entity/{id}/?{subentity}=% or GET /entity/{id}/{subentity}
+ Action-Controller or DataPersister for custom writing logic?
+ 4-5 extra classes (DTOs, Transformers, etc.) or Custom controller
outside of API Platform* * and extra classes for OpenAPI docs…
+ Too many ways how to perform a regular action
+ Good for RESTful APIs with regular customisations Bad for
custom APIs
+
+
+