Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
API platform and how to use it
Search
Evgeny Smirnov
May 30, 2022
Programming
110
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
API platform and how to use it
A brief introduction to API platform (Symfony) for 4xxi developers.
Evgeny Smirnov
May 30, 2022
More Decks by Evgeny Smirnov
See All by Evgeny Smirnov
An overview of the self-determination theory in psychology
smirik
0
64
Secure your application data using Symfony
smirik
0
3.6k
A machine learning approach in the dynamics of asteroids
smirik
0
45
Mean motion resonances in the main belt
smirik
0
58
Other Decks in Programming
See All in Programming
才能?センス?知らん、 続けたもん勝ちだ。-- 結婚・出産・癌を越えてなお、私がプロダクトを創り続ける理由
16bitidol
2
670
Vite+ Unified Toolchain for the Web
naokihaba
0
420
Javaの型とAI時代に型が大事な理由 / java types and type in AI era
kishida
2
170
過去最大のMCPアップデート! 2026-07-28 RC版の謎に迫る
licux
6
440
OS アップデート対応の取り組み方がもっと共有されてほしい
andpad
0
110
エンジニアと一緒にテストコードの設計と実装を改善した話
mototakatsu
0
250
IBM Bobを活用したレガシーアプリの最新化
oniak3ibm
PRO
1
240
Even G2とAWSで推しのエージェントを召喚しよう!
har1101
1
140
Observability in Practice:Grafana 與 Edge Device SRE 的那些事
blueswen
0
190
AIで効率化できた業務・日常
ochtum
0
160
どこまでゆるくて許されるのか
tk3fftk
0
300
ADKを使って簡単にAIエージェントを作ってみよう
k1mu21
0
290
Featured
See All Featured
Exploring anti-patterns in Rails
aemeredith
3
430
Joys of Absence: A Defence of Solitary Play
codingconduct
1
410
Into the Great Unknown - MozCon
thekraken
41
2.6k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.8k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
128
56k
How to Ace a Technical Interview
jacobian
281
24k
Balancing Empowerment & Direction
lara
6
1.2k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
25
2k
Building Flexible Design Systems
yeseniaperezcruz
330
40k
Context Engineering - Making Every Token Count
addyosmani
9
1k
We Are The Robots
honzajavorek
0
270
From Legacy to Launchpad: Building Startup-Ready Communities
dugsong
0
240
Transcript
Evgeny Smirnov and how to use ( fi rst look)
+ Why?
+
+
+ What’s inside?
+ Out of the box “CRUD, data validation, pagination, fi
ltering, sorting, json/hydra, GraphQL, swagger, CORS, OWASP inside…”
+ Follow best practice because you can’t do otherwise
+ Getting started 1. Official “Getting started” guide 2. SymfonyCast:
RESTful APIs and API Platform guides 3. StackOverflow
+ Installation Dockerised distribution (check symfony version) or through
symfony
+ Why?
+
+ Custom business logic for any writing action — DataPersisters*
* use decorator pattern
+ final class UserQuizDataPersister implements ContextAwareDataPersisterInterface { private $decorated; private
$security; … public function persist($data, array $context = []) { if (is_null($data->getUser())) { $user = $this->security->getUser(); $data->setUser($user); } $result = $this->decorated->persist($data, $context); return $result; } public function remove($data, array $context = []) { return $this->decorated->remove($data, $context); } } Data Persisters
+ Data Providers Here should be an example but I
have not used providers…
+ Custom action for an action of a resource —
Action Controller
+ #[AsController] class SkipUserQuestion extends AbstractController { public function __invoke(UserQuestion
$data): UserQuestion { $data->setStatus(UserQuestion::STATUS_SKIPPED); return $data; } } Pseudo Controllers
+ Various input and output data for the same model
— DataTransformer and DTO
+ public function transform($data, string $to, array $context = [])
{ $resetPasswordRequest = new ResetPasswordRequest(); $user = $this->userRepository->findOneByEmail($data->getEmail()); $resetPasswordRequest->setUser($user); $now = new \DateTimeImmutable(); $expiredAt = new \DateTimeImmutable('+1 hour'); $resetPasswordRequest->setRequestedAt($now); $resetPasswordRequest->setExpiresAt($expiredAt); return $resetPasswordRequest; } Data Transformers
+ final class ResetPasswordRequestInput { #[Groups(['resetPasswordRequest:create', 'resetPasswordRequest:read'])] #[Assert\NotBlank(groups: ['validation:create'])] #[Assert\Email()]
private $email; public function getEmail(): ?string { return $this->email; } public function setEmail(string $email): self { $this->email = $email; return $this; } } DTOs
+ … and much more: EventListeners, Subscribers, Filters, async …
+ Useful add ons ✅ JWT through LexikJWTAuthenticationBundle ✅ JWT
refresh tokens GesdinetJWTRefreshTokenBundle ❌ Complete sign up / sign in ❌ Role based API versions
+ Disambiguous?
+ PATCH /entity/{id} or PUT /entity/{id}/{custom-action}
+ GET /entity/{id}/?{subentity}=% or GET /entity/{id}/{subentity}
+ Action-Controller or DataPersister for custom writing logic?
+ 4-5 extra classes (DTOs, Transformers, etc.) or Custom controller
outside of API Platform* * and extra classes for OpenAPI docs…
+ Too many ways how to perform a regular action
+ Good for RESTful APIs with regular customisations Bad for
custom APIs
+
+
+