Battle tested API design - Laracon EU Online

Johannes Pichler

May 20, 2020

Transcript

  1. Battle tested API design Laracon EU Online 2020
  2. Johannes Pichler • Web Developer since 2006 • PHP, .NET, Java • working @ karriere.at
  3. Agenda • API design • Implementing an API in Laravel
  4. None
  5. API Design
  6. Steps for building your API Design • Requirements & Planning • Implementation • Verification & Maintenance
  7. Requirements & Planning
  8. Consider the client(s)
  9. Routing • based on resources • use standard HTTP methods • be as explicit as possible
  10. Routing GET: /todos GET: /todos/{id} POST: /todos PUT: /todos/{id} DELETE: /todos/{id}
  11. Routing - API Versioning • frequency of endpoint changes • handling of breaking changes • use semantic versioning • use only major version in URLs
  12. Response format • no custom response format • use a defined standard • JSON:API • HAL
  13. Authorization • use specific client tokens • add access tokens for sensitive endpoints
  14. API Specification • use an API client like Stoplight Studio or Postman • define your endpoints with edge cases • make your specification testable
  15. Implementing an API in Laravel
  16. Verification & Maintenance
  17. Verification • it's all about metrics • have useful error logging in place • verify your assumptions during development
  18. Maintenance • be careful with breaking changes • stick to semantic versioning • keep your API specification up to date
  19. Summary
  20. Resources • https://github.com/fetzi/laracon-api-design • https://jsonapi.org/
  21. THANKS @fetzi_io