Skip to content

ArchTaqi/symfony-api-platform-reactjs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
bin
bin
 
 
config
config
 
 
public
public
 
 
src
src
 
 
templates
templates
 
 
translations
translations
 
 
.env
.env
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 
composer.lock
composer.lock
 
 
composer.phar
composer.phar
 
 
symfony.lock
symfony.lock
 
 

Repository files navigation

Symfony API Platform

composer require maker
php bin/console make:user
composer require api
composer require jwt-auth
openssl genrsa -out config/jwt/private.pem -aes256 4096
openssl rsa -pubout -in config/jwt/private.pem -out config/jwt/public.pem

API Plateform

Features

Besides the REST and GraphQL APIs, other features include:

Native support for JSON-LD, GraphQL, JSONAPI, HAL, raw JSON, XML, YAML and CSV
Granular control over filters and sorting
Symfony-based access control for an entire resource, or a particular method
Pagination
Serialization groups: The ability to define property groups so subsets of properties can be requested instead of all properties
Advanced error handling
Doctrine extension integration for dynamically extending queries
FOSUserBundle integration
JWT Authentication (Including the ability to view Swagger UI based on a specific token)
Data Transfer Objects (DTO) for custom operations

API Resource

  • itemOperations Item operations act on an individual resource. Three default routes are defined: GET, PUT and DELETE
  • collectionOperations Collection operations act on a collection of resources. By default two routes are implemented: POST and GET.

When the ApiResource annotation is applied to an entity class, all default CRUD operations are automatically registered. Both collectionOperations and itemOperations behave independently. i.e if you don't explicitly configure operations for collectionOperations, GET and POST operations will be automatically registered, even if you explicitly configure itemOperations. The reverse is also true.

More : https://api-platform.com/docs/core/operations/

To limit what properties are accessible to either GET or POST/PUT operations, we used below;

  • normalizationContext Refers to reading properties (GET requests)
  • denormalizationContext Refers to writing data (POST/PUT requests)

In below, a user can view and update their name. They can view but not update their active status, and they have no access to what roles are assigned to them.

use ApiPlatform\Core\Annotation\ApiResource;
use Symfony\Component\Serializer\Annotation\Groups;

* @ApiResource(
*   normalizationContext={"groups"={"read"}},
*   denormalizationContext={"groups"={"write"}}
* )

    /**  @Groups({"read"})  */
    private $active;
    /**  @Groups({"read", "write"}) */
    private $name;
    private $roles;

The result of a GET request will not include the roles property. and a PUT request to will only update the name property, even if active and roles are passed along with it.

More on: https://www.thinkbean.com/drupal-development-blog/restrict-properties-api-platform-serialization-groups

About

Symfony 4 API Platform + React.js Full Stack Masterclass Cource Code

udemy.com/symfony-api-platform-reactjs-full-stack-masterclass/

Topics

symfony apiplatform

Resources

Readme
Activity

Stars

5 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

 
 
 

Languages