Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
API platform and how to use it
Search
Evgeny Smirnov
May 30, 2022
Programming
0
91
API platform and how to use it
A brief introduction to API platform (Symfony) for 4xxi developers.
Evgeny Smirnov
May 30, 2022
Tweet
Share
More Decks by Evgeny Smirnov
See All by Evgeny Smirnov
An overview of the self-determination theory in psychology
smirik
0
21
Secure your application data using Symfony
smirik
0
3.4k
A machine learning approach in the dynamics of asteroids
smirik
0
17
Mean motion resonances in the main belt
smirik
0
22
Other Decks in Programming
See All in Programming
Honoとフロントエンドの 型安全性について
yodaka
7
1.5k
SwiftUI Viewの責務分離
elmetal
PRO
2
280
JAWS Days 2025のインフラ
komakichi
1
120
kintone開発を効率化するためにチームで試した施策とその結果を大放出!
oguemon
0
170
バッチを作らなきゃとなったときに考えること
irof
2
540
もう少しテストを書きたいんじゃ〜 #phpstudy
o0h
PRO
19
4.1k
Rubyで始める関数型ドメインモデリング
shogo_tksk
0
140
Ça bouge du côté des animations CSS !
goetter
2
160
iOSでQRコード生成奮闘記
ktcryomm
2
110
ソフトウェアエンジニアの成長
masuda220
PRO
12
2.1k
データベースのオペレーターであるCloudNativePGがStatefulSetを使わない理由に迫る
nnaka2992
0
240
Rubyと自由とAIと
yotii23
6
1.8k
Featured
See All Featured
A Modern Web Designer's Workflow
chriscoyier
693
190k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
46
2.4k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
10
520
Optimising Largest Contentful Paint
csswizardry
34
3.1k
Facilitating Awesome Meetings
lara
53
6.2k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
Become a Pro
speakerdeck
PRO
26
5.2k
[RailsConf 2023] Rails as a piece of cake
palkan
53
5.3k
Fantastic passwords and where to find them - at NoRuKo
philnash
51
3k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
4
380
What's in a price? How to price your products and services
michaelherold
244
12k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
7
650
Transcript
Evgeny Smirnov and how to use ( fi rst look)
+ Why?
+
+
+ What’s inside?
+ Out of the box “CRUD, data validation, pagination, fi
ltering, sorting, json/hydra, GraphQL, swagger, CORS, OWASP inside…”
+ Follow best practice because you can’t do otherwise
+ Getting started 1. Official “Getting started” guide 2. SymfonyCast:
RESTful APIs and API Platform guides 3. StackOverflow
+ Installation Dockerised distribution (check symfony version) or through
symfony
+ Why?
+
+ Custom business logic for any writing action — DataPersisters*
* use decorator pattern
+ final class UserQuizDataPersister implements ContextAwareDataPersisterInterface { private $decorated; private
$security; … public function persist($data, array $context = []) { if (is_null($data->getUser())) { $user = $this->security->getUser(); $data->setUser($user); } $result = $this->decorated->persist($data, $context); return $result; } public function remove($data, array $context = []) { return $this->decorated->remove($data, $context); } } Data Persisters
+ Data Providers Here should be an example but I
have not used providers…
+ Custom action for an action of a resource —
Action Controller
+ #[AsController] class SkipUserQuestion extends AbstractController { public function __invoke(UserQuestion
$data): UserQuestion { $data->setStatus(UserQuestion::STATUS_SKIPPED); return $data; } } Pseudo Controllers
+ Various input and output data for the same model
— DataTransformer and DTO
+ public function transform($data, string $to, array $context = [])
{ $resetPasswordRequest = new ResetPasswordRequest(); $user = $this->userRepository->findOneByEmail($data->getEmail()); $resetPasswordRequest->setUser($user); $now = new \DateTimeImmutable(); $expiredAt = new \DateTimeImmutable('+1 hour'); $resetPasswordRequest->setRequestedAt($now); $resetPasswordRequest->setExpiresAt($expiredAt); return $resetPasswordRequest; } Data Transformers
+ final class ResetPasswordRequestInput { #[Groups(['resetPasswordRequest:create', 'resetPasswordRequest:read'])] #[Assert\NotBlank(groups: ['validation:create'])] #[Assert\Email()]
private $email; public function getEmail(): ?string { return $this->email; } public function setEmail(string $email): self { $this->email = $email; return $this; } } DTOs
+ … and much more: EventListeners, Subscribers, Filters, async …
+ Useful add ons ✅ JWT through LexikJWTAuthenticationBundle ✅ JWT
refresh tokens GesdinetJWTRefreshTokenBundle ❌ Complete sign up / sign in ❌ Role based API versions
+ Disambiguous?
+ PATCH /entity/{id} or PUT /entity/{id}/{custom-action}
+ GET /entity/{id}/?{subentity}=% or GET /entity/{id}/{subentity}
+ Action-Controller or DataPersister for custom writing logic?
+ 4-5 extra classes (DTOs, Transformers, etc.) or Custom controller
outside of API Platform* * and extra classes for OpenAPI docs…
+ Too many ways how to perform a regular action
+ Good for RESTful APIs with regular customisations Bad for
custom APIs
+
+
+