REAL TIME REST APIS by: Rachel Baker

REST API ENDPOINTS Baked into WordPress 4.7+

GET https://demo.wp-api.org/wp-json/wp/v2/posts REVOLUTIONARY

REST APIs REQUIRE CLIENTS TO MAKE REQUESTS How can your client know if the response data changed?

SOMETIMES YOU NEED A LITTLE PUSH • Updating headless front-end application views for content changes (breaking news, new comment added, etc.) • Notifying a client or micro service application of a content event (comment awaiting moderation, post updated, new order received, etc.) • Attempting to keep anything in “sync” between WordPress and another application (users, newsletter subscribers, etc.) • Breaking cache or reseting cache headers

WEBHOOKS + WORDPRESS ACTIONS =

WEBHOOKS A WebHook is an HTTP callback: an HTTP POST that occurs when something happens; a simple event-notification via HTTP POST. A web application implementing WebHooks will POST a message to a URL when certain things happen. via https://webhooks.pbworks.com/w/page/13385124/FrontPage

WORDPRESS ACTIONS In WordPress; an Action is a PHP function that is executed at specific points throughout the WordPress Core. Developers can create a custom Action using the Action API to add or remove code from an existing Action by specifying any existing Hook. This process is called "hooking". via https://codex.wordpress.org/Glossary#Action

function notify_user_registered( $user_id ) { // authentication handling not shown. $request = new WP_REST_Request( 'GET', '/wp/v2/users/' . $user_id ); $response = rest_do_request( $request ); $status = $response->get_status(); // $status should equal 200. $data = $response->get_data(); $callback_uri = 'https://example.com/myclient/callback/ user.registered'; wp_safe_remote_post( $callback_uri, array( 'body' => $data ) ); // check for errors. } add_action( 'user_register', 'notify_user_registered' ); Notify a callback uri when a new user is created

+ REST HOOKS =

REST HOOKS REST Hooks itself is not a specification, it is a collection of patterns that treat webhooks like subscriptions. These subscriptions are manipulated via a REST API just like any other resource. via http://resthooks.org/docs/

WHAT YOU NEED 1. Mechanism to store subscriptions
 2. Mechanism to list, create, modify, delete subscriptions via API endpoints
 3. List event hooks via API endpoint
 4. Mechanism to send hooks <—— Database table <—— Subscriptions endpoints and authentication <—— Hooks endpoints <—— Implement needed WordPress actions to send template response data to subscription uris

SAMPLE HOOKS MODEL

GET /wp-json/api/v1/hooks LIST HOOKS

SAMPLE SUBSCRIPTION MODEL

GET /wp-json/api/v1/subscriptions STORE & MODIFY SUBSCRIPTIONS POST /wp-json/api/v1/subscriptions GET /wp-json/api/v1/subscriptions/ PUT /wp-json/api/v1/subscriptions/ DELETE /wp-json/api/v1/subscriptions/

GET /wp-json/api/v1/subscriptions LIST YOUR SUBSCRIPTIONS

function notify_user_registered( $user_id ) { // authentication handling not shown. $request = new WP_REST_Request( 'GET', '/wp/v2/users/' . $user_id ); $response = rest_do_request( $request ); $status = $response->get_status(); if ( 200 === $status ) { $data = $response->get_data(); $subscriptions = get_available_subscriptions(); foreach( $subscriptions as $subscription ) { if ( empty( $subscription['hook'] ) || 'user.created' !== $subscription['hook'] ) { continue; } wp_safe_remote_post( $subscription['uri'], array( 'body' => $data ) ); // check for errors. } return; } } add_action( 'user_register', 'notify_user_registered' ); Send response data to subscribers when a new user is created

GOTCHAS • Error handling and optionally retrying connections for 4xx/5xx errors.
 • Performance of inline hook delivery. Consider a delayed queue system.
 • Impact of payload size. Consider reducing hook templates where possible.
 • Security and authentication.
 • You now have your own RPC API to maintain alongside your REST API.

ICON CREDITS Pull by Venkatesh A.G.E Prodding by Luis Prado Hook by Alex Fuller Cake by Edward Boatman Valentine cake by Dinosoft Labs Newspaper by Noe Araujo Facepalm by Edward Boatman

THANK YOU Rachel Baker @rachelbaker Slides are available at: https://speakerdeck.com/rachelbaker/real-time-rest-api-with-wordpress