Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Leçon numéro 139, API Platform ce n'est bon qu'a faire un POC, FAUX !

Leçon numéro 139, API Platform ce n'est bon qu'a faire un POC, FAUX !

La première chose qui est mise en avant avec API Platform c'est la capacité de faire du développement rapide d'application. C'est vrai. Ça ne signifie pas pour autant qu'il est impossible de réaliser une application complexe avec une séparation de la couche métier et de l'API publique. Voyons ensemble les mécanismes avancés d'API Platform et les outils qui en feront votre framework API en PHP.

Grégoire Hébert

March 01, 2019
Tweet

More Decks by Grégoire Hébert

Other Decks in Programming

Transcript

  1. Leçon n°139, API-Platform
    Ce n’est bon qu’à faire un POC !
    Faux !

    View Slide

  2. Grégoire Hébert
    ‣Senior Developper & Trainer @ Les-Tilleuls.coop
    ‣CEO of MasterClass by Les-Tilleuls.coop
    @gheb_dev
    @gregoirehebert

    View Slide

  3. Self Managed since 2011
    35 people, + 1000% in 6 years
    [email protected]
    13 full courses & custom courses
    [email protected]

    View Slide

  4. R.A.D.

    View Slide

  5. View Slide

  6. View Slide

  7. View Slide

  8. View Slide

  9. View Slide

  10. R.A.D.

    View Slide

  11. Let’s see why it’s worth it!

    View Slide

  12. Richardson’s Maturity Chart
    Graphql I see you…

    View Slide

  13. LvL 0: Always the same URL in POST with a
    200 return status code.
    POST: /api

    View Slide

  14. Richardson’s Maturity Chart

    View Slide

  15. LvL 1: Each type of data has its own URL.
    POST: /books
    POST: /customers

    View Slide

  16. Richardson’s Maturity Chart

    View Slide

  17. LvL 2: We use specific verbs for specific
    actions with status codes according to the
    result.
    GET: /books
    POST: /books
    PUT: /books/12

    View Slide

  18. Richardson’s Maturity Chart

    View Slide

  19. LvL 3: Hateoas - Hypermedia As The Engine
    Of Application State. We add links to describe
    how to get to the information in the answer.
    {
    "@context": {
    "comments": "http://api.example.com/vocab#comments"
    },
    "@id": "http://api.example.com/an-issue",
    "title": "An exemplary issue linking to its comments",
    "comments": { "@id": "http://api.example.com/an-issue/comments" }
    }

    View Slide

  20. View Slide

  21. V1 - DunglasJsonLdApiBundle
    Mars 2015

    View Slide

  22. V1 - DunglasJsonLdApiBundle
    Mars 2015
    Juin 2015 Dedicated Website

    View Slide

  23. V1 - DunglasJsonLdApiBundle
    Mars 2015
    Juin 2015 Dedicated Website

    View Slide

  24. V1 - DunglasJsonLdApiBundle
    Mars 2015
    Juin 2015 Dedicated Website

    View Slide

  25. V1 - DunglasJsonLdApiBundle
    Mars 2015
    Juin 2015 Dedicated Website
    Septembre 2015 V2 Annonced

    View Slide

  26. V1 - DunglasJsonLdApiBundle
    Mars 2015
    Juin 2015 Dedicated Website
    Septembre 2015 V2 Announced
    Mai 2016 V2 Alpha Available

    View Slide

  27. Septembre 2015 V2 Announced
    Mai 2016 V2 Alpha Available

    View Slide

  28. Septembre 2015 V2 Announced
    Mai 2016 V2 Alpha Available
    January 2017 V2 Stable Available

    View Slide

  29. Septembre 2015 V2 Announced
    Mai 2016 V2 Alpha Available
    January 2017 V2 Stable Available

    View Slide

  30. Septembre 2015 V2 Announced
    Mai 2016 V2 Alpha Available
    January 2017 V2 Stable Available

    View Slide

  31. Septembre 2015 V2 Announced
    Mai 2016 V2 Alpha Available
    January 2017 V2 Stable Available
    V2.2
    February 2018

    View Slide

  32. Septembre 2015 V2 Announced
    Mai 2016 V2 Alpha Available
    January 2017 V2 Stable Available
    V2.2
    February 2018

    View Slide

  33. Septembre 2015 V2 Announced
    Mai 2016 V2 Alpha Available
    January 2017 V2 Stable Available
    V2.2
    February 2018

    View Slide

  34. Septembre 2015 V2 Announced
    Mai 2016 V2 Alpha Available
    January 2017 V2 Stable Available
    V2.2
    February 2018

    View Slide

  35. Septembre 2015 V2 Announced
    Mai 2016 V2 Alpha Available
    January 2017 V2 Stable Available
    February 2018 V2.2
    February 2019 V2.4 (beta2)

    View Slide

  36. Septembre 2015 V2 Announced
    Mai 2016 V2 Alpha Available
    January 2017 V2 Stable Available
    February 2018 V2.2
    February 2019 V2.4

    View Slide

  37. Septembre 2015 V2 Announced
    Mai 2016 V2 Alpha Available
    January 2017 V2 Stable Available
    February 2018 V2.2
    February 2019 V2.4

    View Slide

  38. Septembre 2015 V2 Announced
    Mai 2016 V2 Alpha Available
    January 2017 V2 Stable Available
    February 2018 V2.2
    February 2019 V2.4

    View Slide

  39. First ApiResource

    View Slide

  40. You’ve got the power

    View Slide

  41. Some attributes

    View Slide

  42. Any Public, Protected, Private property will be accessible through your API 

    As long as you define the means to access it !
    THANKS TO… ?

    View Slide

  43. Restricting the operations

    View Slide

  44. Restricting the operations

    View Slide

  45. Restricting the operations

    View Slide

  46. Differentiating the expected income and the outcome

    View Slide

  47. Source: https://symfony.com/doc/current/components/serializer.html

    View Slide

  48. Differentiating the expected income and the outcome

    View Slide

  49. ORM mapping

    View Slide

  50. View Slide

  51. R.A.D.

    View Slide

  52. Ok, but not everything is about
    CRUD or REST !

    View Slide

  53. View Slide

  54. Activate Mercure for a resource

    View Slide

  55. View Slide

  56. View Slide

  57. source: Samuel Roze « Symfony Messenger: Messages, Queues, Workers and More »

    View Slide

  58. Activate messenger for a resource

    View Slide

  59. Defining a Handler

    View Slide

  60. View Slide

  61. Configuring Messenger component

    View Slide

  62. View Slide

  63. View Slide

  64. View Slide

  65. View Slide

  66. View Slide

  67. Going Further

    View Slide

  68. View Slide

  69. View Slide

  70. Defining states constants

    View Slide

  71. Configuration using constants

    View Slide

  72. Configuration using constants

    View Slide

  73. How to get for any resource a
    way to update the state ?

    View Slide

  74. Leverage the extensibility of 

    API Platform

    View Slide

  75. Decorating the ResourceMetadataFactory

    View Slide

  76. Inject the supported resources

    View Slide

  77. Decorating the OperationPathResolver

    View Slide

  78. Change the state on post deserialize

    View Slide

  79. Change the state on post deserialize

    View Slide

  80. I get a new operation to update the state

    View Slide

  81. Going Further (again)

    View Slide

  82. Let’s consider we have Holder resource

    which is used as a User, with a JWT
    Authentication

    View Slide

  83. Reverse side
    Linking a WaitingLine to a Holder

    View Slide

  84. What if I want to set/remove ownership
    right after the change of state 

    with API Platform?

    View Slide

  85. YOU DON’T.

    View Slide

  86. Setting the ownership

    View Slide

  87. Don’t forget to leverage the power of
    the Symfony components you use.
    They are highly tested !

    View Slide

  88. A little demo maybe?

    View Slide

  89. Going Further (again, again)

    promised, this is the last time

    View Slide

  90. Sometimes, you need to split up your code.
    Let’s imagine a password request scenario

    View Slide

  91. View Slide

  92. View Slide

  93. Get a resource

    View Slide

  94. Get a resource

    View Slide

  95. Create a resource

    View Slide

  96. Create a resource

    View Slide

  97. Source: https://symfony.com/doc/current/components/serializer.html

    View Slide

  98. View Slide

  99. View Slide

  100. Setting RabbitMQ as transporter

    View Slide

  101. Setting reset routes accessible anonymously

    View Slide

  102. Creating the resource

    View Slide

  103. Set messenger

    View Slide

  104. Define the reset request operation, input and output

    View Slide

  105. Define the reset operation

    View Slide

  106. Define the input class

    View Slide

  107. I can now reset my password

    View Slide

  108. Create a resource
    Output is set to false, nothing to do
    We need to create the transformers

    View Slide

  109. Transform the post input into a ressource

    View Slide

  110. Maybe using the incoming AutoMapper there?

    View Slide

  111. Encode the new password on PUT request

    View Slide

  112. View Slide

  113. Create the Handler

    View Slide

  114. Handle the token creation

    View Slide

  115. Handle the password update and remove the token

    View Slide

  116. Add a custom constraint to check the expiration

    View Slide

  117. You’ve got a fully decoupled
    reset password procedure !

    View Slide

  118. Spice all this with your favorites
    Testing frameworks

    View Slide

  119. Plug-in your favorite CI / CD
    system

    View Slide

  120. And you’ve got a robust API
    For middle to large applications

    View Slide

  121. THANK YOU !
    I am so thirsty right now…
    But if you’ve got any question I can make an effort :)

    View Slide