Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
API platform and how to use it
Search
Evgeny Smirnov
May 30, 2022
Programming
0
89
API platform and how to use it
A brief introduction to API platform (Symfony) for 4xxi developers.
Evgeny Smirnov
May 30, 2022
Tweet
Share
More Decks by Evgeny Smirnov
See All by Evgeny Smirnov
An overview of the self-determination theory in psychology
smirik
0
19
Secure your application data using Symfony
smirik
0
3.4k
A machine learning approach in the dynamics of asteroids
smirik
0
17
Mean motion resonances in the main belt
smirik
0
21
Other Decks in Programming
See All in Programming
as(型アサーション)を書く前にできること
marokanatani
10
2.7k
Streams APIとTCPフロー制御 / Web Streams API and TCP flow control
tasshi
2
350
聞き手から登壇者へ: RubyKaigi2024 LTでの初挑戦が 教えてくれた、可能性の星
mikik0
1
130
TypeScript Graph でコードレビューの心理的障壁を乗り越える
ysk8hori
2
1.1k
Contemporary Test Cases
maaretp
0
140
Ethereum_.pdf
nekomatu
0
460
エンジニアとして関わる要件と仕様(公開用)
murabayashi
0
290
Nurturing OpenJDK distribution: Eclipse Temurin Success History and plan
ivargrimstad
0
920
cmp.Or に感動した
otakakot
3
170
どうして僕の作ったクラスが手続き型と言われなきゃいけないんですか
akikogoto
1
120
Figma Dev Modeで変わる!Flutterの開発体験
watanave
0
120
Amazon Qを使ってIaCを触ろう!
maruto
0
410
Featured
See All Featured
How to Think Like a Performance Engineer
csswizardry
20
1.1k
Fireside Chat
paigeccino
34
3k
How to train your dragon (web standard)
notwaldorf
88
5.7k
KATA
mclloyd
29
14k
Adopting Sorbet at Scale
ufuk
73
9.1k
Bootstrapping a Software Product
garrettdimon
PRO
305
110k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
0
96
Gamification - CAS2011
davidbonilla
80
5k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
329
21k
Building Applications with DynamoDB
mza
90
6.1k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
229
52k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
159
15k
Transcript
Evgeny Smirnov and how to use ( fi rst look)
+ Why?
+
+
+ What’s inside?
+ Out of the box “CRUD, data validation, pagination, fi
ltering, sorting, json/hydra, GraphQL, swagger, CORS, OWASP inside…”
+ Follow best practice because you can’t do otherwise
+ Getting started 1. Official “Getting started” guide 2. SymfonyCast:
RESTful APIs and API Platform guides 3. StackOverflow
+ Installation Dockerised distribution (check symfony version) or through
symfony
+ Why?
+
+ Custom business logic for any writing action — DataPersisters*
* use decorator pattern
+ final class UserQuizDataPersister implements ContextAwareDataPersisterInterface { private $decorated; private
$security; … public function persist($data, array $context = []) { if (is_null($data->getUser())) { $user = $this->security->getUser(); $data->setUser($user); } $result = $this->decorated->persist($data, $context); return $result; } public function remove($data, array $context = []) { return $this->decorated->remove($data, $context); } } Data Persisters
+ Data Providers Here should be an example but I
have not used providers…
+ Custom action for an action of a resource —
Action Controller
+ #[AsController] class SkipUserQuestion extends AbstractController { public function __invoke(UserQuestion
$data): UserQuestion { $data->setStatus(UserQuestion::STATUS_SKIPPED); return $data; } } Pseudo Controllers
+ Various input and output data for the same model
— DataTransformer and DTO
+ public function transform($data, string $to, array $context = [])
{ $resetPasswordRequest = new ResetPasswordRequest(); $user = $this->userRepository->findOneByEmail($data->getEmail()); $resetPasswordRequest->setUser($user); $now = new \DateTimeImmutable(); $expiredAt = new \DateTimeImmutable('+1 hour'); $resetPasswordRequest->setRequestedAt($now); $resetPasswordRequest->setExpiresAt($expiredAt); return $resetPasswordRequest; } Data Transformers
+ final class ResetPasswordRequestInput { #[Groups(['resetPasswordRequest:create', 'resetPasswordRequest:read'])] #[Assert\NotBlank(groups: ['validation:create'])] #[Assert\Email()]
private $email; public function getEmail(): ?string { return $this->email; } public function setEmail(string $email): self { $this->email = $email; return $this; } } DTOs
+ … and much more: EventListeners, Subscribers, Filters, async …
+ Useful add ons ✅ JWT through LexikJWTAuthenticationBundle ✅ JWT
refresh tokens GesdinetJWTRefreshTokenBundle ❌ Complete sign up / sign in ❌ Role based API versions
+ Disambiguous?
+ PATCH /entity/{id} or PUT /entity/{id}/{custom-action}
+ GET /entity/{id}/?{subentity}=% or GET /entity/{id}/{subentity}
+ Action-Controller or DataPersister for custom writing logic?
+ 4-5 extra classes (DTOs, Transformers, etc.) or Custom controller
outside of API Platform* * and extra classes for OpenAPI docs…
+ Too many ways how to perform a regular action
+ Good for RESTful APIs with regular customisations Bad for
custom APIs
+
+
+