Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
API platform and how to use it
Search
Evgeny Smirnov
May 30, 2022
Programming
0
97
API platform and how to use it
A brief introduction to API platform (Symfony) for 4xxi developers.
Evgeny Smirnov
May 30, 2022
Tweet
Share
More Decks by Evgeny Smirnov
See All by Evgeny Smirnov
An overview of the self-determination theory in psychology
smirik
0
35
Secure your application data using Symfony
smirik
0
3.5k
A machine learning approach in the dynamics of asteroids
smirik
0
24
Mean motion resonances in the main belt
smirik
0
30
Other Decks in Programming
See All in Programming
CJK and Unicode From a PHP Committer
youkidearitai
PRO
0
110
Android端末で実現するオンデバイスLLM 2025
masayukisuda
1
170
「手軽で便利」に潜む罠。 Popover API を WCAG 2.2の視点で安全に使うには
taitotnk
0
870
Introducing ReActionView: A new ActionView-compatible ERB Engine @ Rails World 2025, Amsterdam
marcoroth
0
710
AI時代のUIはどこへ行く?
yusukebe
18
9.1k
ユーザーも開発者も悩ませない TV アプリ開発 ~Compose の内部実装から学ぶフォーカス制御~
taked137
0
190
機能追加とリーダー業務の類似性
rinchoku
2
1.3k
アルテニア コンサル/ITエンジニア向け 採用ピッチ資料
altenir
0
110
testingを眺める
matumoto
1
140
意外と簡単!?フロントエンドでパスキー認証を実現する WebAuthn
teamlab
PRO
2
770
Namespace and Its Future
tagomoris
6
710
楽して成果を出すためのセルフリソース管理
clipnote
0
190
Featured
See All Featured
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
15k
Designing for Performance
lara
610
69k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
285
14k
Keith and Marios Guide to Fast Websites
keithpitt
411
22k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.4k
Making the Leap to Tech Lead
cromwellryan
135
9.5k
Typedesign – Prime Four
hannesfritz
42
2.8k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
PRO
23
1.4k
Intergalactic Javascript Robots from Outer Space
tanoku
272
27k
Scaling GitHub
holman
463
140k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
1.6k
Navigating Team Friction
lara
189
15k
Transcript
Evgeny Smirnov and how to use ( fi rst look)
+ Why?
+
+
+ What’s inside?
+ Out of the box “CRUD, data validation, pagination, fi
ltering, sorting, json/hydra, GraphQL, swagger, CORS, OWASP inside…”
+ Follow best practice because you can’t do otherwise
+ Getting started 1. Official “Getting started” guide 2. SymfonyCast:
RESTful APIs and API Platform guides 3. StackOverflow
+ Installation Dockerised distribution (check symfony version) or through
symfony
+ Why?
+
+ Custom business logic for any writing action — DataPersisters*
* use decorator pattern
+ final class UserQuizDataPersister implements ContextAwareDataPersisterInterface { private $decorated; private
$security; … public function persist($data, array $context = []) { if (is_null($data->getUser())) { $user = $this->security->getUser(); $data->setUser($user); } $result = $this->decorated->persist($data, $context); return $result; } public function remove($data, array $context = []) { return $this->decorated->remove($data, $context); } } Data Persisters
+ Data Providers Here should be an example but I
have not used providers…
+ Custom action for an action of a resource —
Action Controller
+ #[AsController] class SkipUserQuestion extends AbstractController { public function __invoke(UserQuestion
$data): UserQuestion { $data->setStatus(UserQuestion::STATUS_SKIPPED); return $data; } } Pseudo Controllers
+ Various input and output data for the same model
— DataTransformer and DTO
+ public function transform($data, string $to, array $context = [])
{ $resetPasswordRequest = new ResetPasswordRequest(); $user = $this->userRepository->findOneByEmail($data->getEmail()); $resetPasswordRequest->setUser($user); $now = new \DateTimeImmutable(); $expiredAt = new \DateTimeImmutable('+1 hour'); $resetPasswordRequest->setRequestedAt($now); $resetPasswordRequest->setExpiresAt($expiredAt); return $resetPasswordRequest; } Data Transformers
+ final class ResetPasswordRequestInput { #[Groups(['resetPasswordRequest:create', 'resetPasswordRequest:read'])] #[Assert\NotBlank(groups: ['validation:create'])] #[Assert\Email()]
private $email; public function getEmail(): ?string { return $this->email; } public function setEmail(string $email): self { $this->email = $email; return $this; } } DTOs
+ … and much more: EventListeners, Subscribers, Filters, async …
+ Useful add ons ✅ JWT through LexikJWTAuthenticationBundle ✅ JWT
refresh tokens GesdinetJWTRefreshTokenBundle ❌ Complete sign up / sign in ❌ Role based API versions
+ Disambiguous?
+ PATCH /entity/{id} or PUT /entity/{id}/{custom-action}
+ GET /entity/{id}/?{subentity}=% or GET /entity/{id}/{subentity}
+ Action-Controller or DataPersister for custom writing logic?
+ 4-5 extra classes (DTOs, Transformers, etc.) or Custom controller
outside of API Platform* * and extra classes for OpenAPI docs…
+ Too many ways how to perform a regular action
+ Good for RESTful APIs with regular customisations Bad for
custom APIs
+
+
+