Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Leçon numéro 139, API Platform ce n'est bon qu'a faire un POC, FAUX !

Leçon numéro 139, API Platform ce n'est bon qu'a faire un POC, FAUX !

La première chose qui est mise en avant avec API Platform c'est la capacité de faire du développement rapide d'application. C'est vrai. Ça ne signifie pas pour autant qu'il est impossible de réaliser une application complexe avec une séparation de la couche métier et de l'API publique. Voyons ensemble les mécanismes avancés d'API Platform et les outils qui en feront votre framework API en PHP.

B473bd9d058c922e08d57f39a4a861db?s=128

Grégoire Hébert

March 01, 2019
Tweet

Transcript

  1. Leçon n°139, API-Platform Ce n’est bon qu’à faire un POC

    ! Faux !
  2. Grégoire Hébert ‣Senior Developper & Trainer @ Les-Tilleuls.coop ‣CEO of

    MasterClass by Les-Tilleuls.coop @gheb_dev @gregoirehebert
  3. Self Managed since 2011 35 people, + 1000% in 6

    years jobs@les-tilleuls.coop 13 full courses & custom courses masterclass@les-tilleuls.coop
  4. R.A.D.

  5. None
  6. None
  7. None
  8. None
  9. None
  10. R.A.D.

  11. Let’s see why it’s worth it!

  12. Richardson’s Maturity Chart Graphql I see you…

  13. LvL 0: Always the same URL in POST with a

    200 return status code. POST: /api
  14. Richardson’s Maturity Chart

  15. LvL 1: Each type of data has its own URL.

    POST: /books POST: /customers
  16. Richardson’s Maturity Chart

  17. LvL 2: We use specific verbs for specific actions with

    status codes according to the result. GET: /books POST: /books PUT: /books/12
  18. Richardson’s Maturity Chart

  19. LvL 3: Hateoas - Hypermedia As The Engine Of Application

    State. We add links to describe how to get to the information in the answer. { "@context": { "comments": "http://api.example.com/vocab#comments" }, "@id": "http://api.example.com/an-issue", "title": "An exemplary issue linking to its comments", "comments": { "@id": "http://api.example.com/an-issue/comments" } }
  20. None
  21. V1 - DunglasJsonLdApiBundle Mars 2015

  22. V1 - DunglasJsonLdApiBundle Mars 2015 Juin 2015 Dedicated Website

  23. V1 - DunglasJsonLdApiBundle Mars 2015 Juin 2015 Dedicated Website

  24. V1 - DunglasJsonLdApiBundle Mars 2015 Juin 2015 Dedicated Website

  25. V1 - DunglasJsonLdApiBundle Mars 2015 Juin 2015 Dedicated Website Septembre

    2015 V2 Annonced
  26. V1 - DunglasJsonLdApiBundle Mars 2015 Juin 2015 Dedicated Website Septembre

    2015 V2 Announced Mai 2016 V2 Alpha Available
  27. Septembre 2015 V2 Announced Mai 2016 V2 Alpha Available

  28. Septembre 2015 V2 Announced Mai 2016 V2 Alpha Available January

    2017 V2 Stable Available
  29. Septembre 2015 V2 Announced Mai 2016 V2 Alpha Available January

    2017 V2 Stable Available
  30. Septembre 2015 V2 Announced Mai 2016 V2 Alpha Available January

    2017 V2 Stable Available
  31. Septembre 2015 V2 Announced Mai 2016 V2 Alpha Available January

    2017 V2 Stable Available V2.2 February 2018
  32. Septembre 2015 V2 Announced Mai 2016 V2 Alpha Available January

    2017 V2 Stable Available V2.2 February 2018
  33. Septembre 2015 V2 Announced Mai 2016 V2 Alpha Available January

    2017 V2 Stable Available V2.2 February 2018
  34. Septembre 2015 V2 Announced Mai 2016 V2 Alpha Available January

    2017 V2 Stable Available V2.2 February 2018
  35. Septembre 2015 V2 Announced Mai 2016 V2 Alpha Available January

    2017 V2 Stable Available February 2018 V2.2 February 2019 V2.4 (beta2)
  36. Septembre 2015 V2 Announced Mai 2016 V2 Alpha Available January

    2017 V2 Stable Available February 2018 V2.2 February 2019 V2.4
  37. Septembre 2015 V2 Announced Mai 2016 V2 Alpha Available January

    2017 V2 Stable Available February 2018 V2.2 February 2019 V2.4
  38. Septembre 2015 V2 Announced Mai 2016 V2 Alpha Available January

    2017 V2 Stable Available February 2018 V2.2 February 2019 V2.4
  39. First ApiResource

  40. You’ve got the power

  41. Some attributes

  42. Any Public, Protected, Private property will be accessible through your

    API 
 As long as you define the means to access it ! THANKS TO… ?
  43. Restricting the operations

  44. Restricting the operations

  45. Restricting the operations

  46. Differentiating the expected income and the outcome

  47. Source: https://symfony.com/doc/current/components/serializer.html

  48. Differentiating the expected income and the outcome

  49. ORM mapping

  50. None
  51. R.A.D.

  52. Ok, but not everything is about CRUD or REST !

  53. None
  54. Activate Mercure for a resource

  55. None
  56. None
  57. source: Samuel Roze « Symfony Messenger: Messages, Queues, Workers and

    More »
  58. Activate messenger for a resource

  59. Defining a Handler

  60. None
  61. Configuring Messenger component

  62. None
  63. None
  64. None
  65. None
  66. None
  67. Going Further

  68. None
  69. None
  70. Defining states constants

  71. Configuration using constants

  72. Configuration using constants

  73. How to get for any resource a way to update

    the state ?
  74. Leverage the extensibility of 
 API Platform

  75. Decorating the ResourceMetadataFactory

  76. Inject the supported resources

  77. Decorating the OperationPathResolver

  78. Change the state on post deserialize

  79. Change the state on post deserialize

  80. I get a new operation to update the state

  81. Going Further (again)

  82. Let’s consider we have Holder resource
 which is used as

    a User, with a JWT Authentication
  83. Reverse side Linking a WaitingLine to a Holder

  84. What if I want to set/remove ownership right after the

    change of state 
 with API Platform?
  85. YOU DON’T.

  86. Setting the ownership

  87. Don’t forget to leverage the power of the Symfony components

    you use. They are highly tested !
  88. A little demo maybe?

  89. Going Further (again, again)
 promised, this is the last time

  90. Sometimes, you need to split up your code. Let’s imagine

    a password request scenario
  91. None
  92. None
  93. Get a resource

  94. Get a resource

  95. Create a resource

  96. Create a resource

  97. Source: https://symfony.com/doc/current/components/serializer.html

  98. None
  99. None
  100. Setting RabbitMQ as transporter

  101. Setting reset routes accessible anonymously

  102. Creating the resource

  103. Set messenger

  104. Define the reset request operation, input and output

  105. Define the reset operation

  106. Define the input class

  107. I can now reset my password

  108. Create a resource Output is set to false, nothing to

    do We need to create the transformers
  109. Transform the post input into a ressource

  110. Maybe using the incoming AutoMapper there?

  111. Encode the new password on PUT request

  112. None
  113. Create the Handler

  114. Handle the token creation

  115. Handle the password update and remove the token

  116. Add a custom constraint to check the expiration

  117. You’ve got a fully decoupled reset password procedure !

  118. Spice all this with your favorites Testing frameworks

  119. Plug-in your favorite CI / CD system

  120. And you’ve got a robust API For middle to large

    applications
  121. THANK YOU ! I am so thirsty right now… But

    if you’ve got any question I can make an effort :)