Battle tested API design - Laracon EU Online

Transcript

1. 1.

   Ba#le tested API design Laracon EU Online 2020

2. 2.

   Johannes Pichler • Web Developer since 2006 • PHP, .NET,

   Java • working @ karriere.at
3. 3.

   Agenda • API design • Implemen/ng an API in Laravel

4. 4.

   None
5. 5.

   API Design

6. 6.

   Steps for building your API Design • Requirements & Planning

   • Implementa4on • Verifica4on & Maintenance
7. 7.

   Requirements & Planning

8. 8.

   Consider the client(s)

9. 9.

   Rou$ng • based on resources • use standard HTTP methods

   • be as explicit as possible
10. 10.

    Rou$ng GET: /todos GET: /todos/{id} POST: /todos PUT: /todos/{id} DELETE:

    /todos/{id}
11. 11.

    Rou$ng - API Versioning • frequency of endpoint changes •

    handling of breaking changes • use seman8c versioning • use only major version in URLs
12. 12.

    Response format • no custom response format • use a

    defined standard • JSON:API • HAL
13. 13.

    Authoriza*on • use specific client tokens • add access tokens

    for sensi3ve endpoints
14. 14.

    API Specifica,on • use an API client like Stoplight Studio

    or Postman • define your endpoints with edge cases • make your specifica;on testable
15. 15.

    Implemen'ng an API in Laravel

16. 16.

    Verifica(on & Maintenance

17. 17.

    Verifica(on • it's all about metrics • have useful error

    logging in place • verify your assump7ons during development
18. 18.

    Maintenance • be careful with breaking changes • s3ck to

    seman3c versioning • keep your API specifica3on up to date
19. 19.

    Summary

20. 20.

    Resources • h#ps:/ /github.com/fetzi/laracon-api-design • h#ps:/ /jsonapi.org/

21. 21.

    THANKS @fetzi_io