Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
API platform and how to use it
Search
Evgeny Smirnov
May 30, 2022
Programming
0
89
API platform and how to use it
A brief introduction to API platform (Symfony) for 4xxi developers.
Evgeny Smirnov
May 30, 2022
Tweet
Share
More Decks by Evgeny Smirnov
See All by Evgeny Smirnov
An overview of the self-determination theory in psychology
smirik
0
19
Secure your application data using Symfony
smirik
0
3.4k
A machine learning approach in the dynamics of asteroids
smirik
0
17
Mean motion resonances in the main belt
smirik
0
21
Other Decks in Programming
See All in Programming
macOS でできる リアルタイム動画像処理
biacco42
3
1.4k
Webの技術スタックで マルチプラットフォームアプリ開発を可能にするElixirDesktopの紹介
thehaigo
2
880
Snowflake x dbtで作るセキュアでアジャイルなデータ基盤
tsoshiro
2
420
アジャイルを支えるテストアーキテクチャ設計/Test Architecting for Agile
goyoki
7
2.7k
生成 AI を活用した toitta 切片分類機能の裏側 / Inside toitta's AI-Based Factoid Clustering
pokutuna
0
560
Vaporモードを大規模サービスに最速導入して学びを共有する
kazukishimamoto
4
4.3k
Kotlin2でdataクラスの copyメソッドを禁止する/Data class copy function to have the same visibility as constructor
eichisanden
1
110
Why Spring Matters to Jakarta EE - and Vice Versa
ivargrimstad
0
930
PHP でアセンブリ言語のように書く技術
memory1994
PRO
1
150
Content Security Policy入門 セキュリティ設定と 違反レポートのはじめ方 / Introduction to Content Security Policy Getting Started with Security Configuration and Violation Reporting
uskey512
1
420
シールドクラスをはじめよう / Getting Started with Sealed Classes
mackey0225
3
390
CPython 인터프리터 구조 파헤치기 - PyCon Korea 24
kennethanceyer
0
240
Featured
See All Featured
RailsConf 2023
tenderlove
29
880
Raft: Consensus for Rubyists
vanstee
136
6.6k
Music & Morning Musume
bryan
46
6.1k
We Have a Design System, Now What?
morganepeng
50
7.2k
Designing for Performance
lara
604
68k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.1k
Imperfection Machines: The Place of Print at Facebook
scottboms
264
13k
BBQ
matthewcrist
85
9.3k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
126
18k
GraphQLの誤解/rethinking-graphql
sonatard
66
9.9k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
328
21k
Keith and Marios Guide to Fast Websites
keithpitt
408
22k
Transcript
Evgeny Smirnov and how to use ( fi rst look)
+ Why?
+
+
+ What’s inside?
+ Out of the box “CRUD, data validation, pagination, fi
ltering, sorting, json/hydra, GraphQL, swagger, CORS, OWASP inside…”
+ Follow best practice because you can’t do otherwise
+ Getting started 1. Official “Getting started” guide 2. SymfonyCast:
RESTful APIs and API Platform guides 3. StackOverflow
+ Installation Dockerised distribution (check symfony version) or through
symfony
+ Why?
+
+ Custom business logic for any writing action — DataPersisters*
* use decorator pattern
+ final class UserQuizDataPersister implements ContextAwareDataPersisterInterface { private $decorated; private
$security; … public function persist($data, array $context = []) { if (is_null($data->getUser())) { $user = $this->security->getUser(); $data->setUser($user); } $result = $this->decorated->persist($data, $context); return $result; } public function remove($data, array $context = []) { return $this->decorated->remove($data, $context); } } Data Persisters
+ Data Providers Here should be an example but I
have not used providers…
+ Custom action for an action of a resource —
Action Controller
+ #[AsController] class SkipUserQuestion extends AbstractController { public function __invoke(UserQuestion
$data): UserQuestion { $data->setStatus(UserQuestion::STATUS_SKIPPED); return $data; } } Pseudo Controllers
+ Various input and output data for the same model
— DataTransformer and DTO
+ public function transform($data, string $to, array $context = [])
{ $resetPasswordRequest = new ResetPasswordRequest(); $user = $this->userRepository->findOneByEmail($data->getEmail()); $resetPasswordRequest->setUser($user); $now = new \DateTimeImmutable(); $expiredAt = new \DateTimeImmutable('+1 hour'); $resetPasswordRequest->setRequestedAt($now); $resetPasswordRequest->setExpiresAt($expiredAt); return $resetPasswordRequest; } Data Transformers
+ final class ResetPasswordRequestInput { #[Groups(['resetPasswordRequest:create', 'resetPasswordRequest:read'])] #[Assert\NotBlank(groups: ['validation:create'])] #[Assert\Email()]
private $email; public function getEmail(): ?string { return $this->email; } public function setEmail(string $email): self { $this->email = $email; return $this; } } DTOs
+ … and much more: EventListeners, Subscribers, Filters, async …
+ Useful add ons ✅ JWT through LexikJWTAuthenticationBundle ✅ JWT
refresh tokens GesdinetJWTRefreshTokenBundle ❌ Complete sign up / sign in ❌ Role based API versions
+ Disambiguous?
+ PATCH /entity/{id} or PUT /entity/{id}/{custom-action}
+ GET /entity/{id}/?{subentity}=% or GET /entity/{id}/{subentity}
+ Action-Controller or DataPersister for custom writing logic?
+ 4-5 extra classes (DTOs, Transformers, etc.) or Custom controller
outside of API Platform* * and extra classes for OpenAPI docs…
+ Too many ways how to perform a regular action
+ Good for RESTful APIs with regular customisations Bad for
custom APIs
+
+
+