Battle tested API design - Laracon EU Online

Transcript

1. Ba#le tested API design Laracon EU Online 2020

2. Johannes Pichler • Web Developer since 2006 • PHP, .NET,

   Java • working @ karriere.at

3. Agenda • API design • Implemen/ng an API in Laravel

4. None

5. API Design

6. Steps for building your API Design • Requirements & Planning

   • Implementa4on • Verifica4on & Maintenance

7. Requirements & Planning

8. Consider the client(s)

9. Rou$ng • based on resources • use standard HTTP methods

   • be as explicit as possible

10. Rou$ng GET: /todos GET: /todos/{id} POST: /todos PUT: /todos/{id} DELETE:

    /todos/{id}

11. Rou$ng - API Versioning • frequency of endpoint changes •

    handling of breaking changes • use seman8c versioning • use only major version in URLs

12. Response format • no custom response format • use a

    defined standard • JSON:API • HAL

13. Authoriza*on • use specific client tokens • add access tokens

    for sensi3ve endpoints

14. API Specifica,on • use an API client like Stoplight Studio

    or Postman • define your endpoints with edge cases • make your specifica;on testable

15. Implemen'ng an API in Laravel

16. Verifica(on & Maintenance

17. Verifica(on • it's all about metrics • have useful error

    logging in place • verify your assump7ons during development

18. Maintenance • be careful with breaking changes • s3ck to

    seman3c versioning • keep your API specifica3on up to date

19. Summary

20. Resources • h#ps:/ /github.com/fetzi/laracon-api-design • h#ps:/ /jsonapi.org/

21. THANKS @fetzi_io