pstaender/silverstripe-restful-api
Composer 安装命令:
composer require pstaender/silverstripe-restful-api
包简介
Restul API helpers for SilverStripe
关键字:
README 文档
README
This module provides an basic API controller with helpers to manage (underscore based) JSON data for i/o. Additionally there are some helpful methods on DataObjects, forApi() for instance. To authenticate the API controller is using the SilverStripe build security system but provides an Auth controller to authenticate in a restful way.
Motivation
Build fast and easy API's without writing the same helper methods over and over again. Currently it's in a development state, so some (design) decision might change to provide the convenient tools with at least surprising behaviour.
Configuration
The following attributes can be configured:
--- Name: RestfulApiConfig --- ApiController: underscoreFields: true useAccesstokenAuth: true accessTokenPropertyName: 'X-Accesstoken' useDataProperty: false AuthSession: validInMinutesFromNow: 10080 adminAccessToken: null requiredGroup: null requiredPermission: null urlSegment: 'auth' ApiSchemaController: allowedModels: - Member DataObject: jsonDateFormat: 'D M d Y H:i:s O' underscoreFields: true castDataObjectFields: true resolveHasOneRelations: true resolveHasManyRelations: true
To avoid unnecessary authentication during development you can use the adminAccessToken (default is 84c44b7ee63a9919aa272673eecfc7f9b7424e47 in dev mode).
How to use
Authentication
Login
POST:http://localhost/auth/session with (json) body:
{
"email":"your@email.com",
"password":"yourpassword"
}
Returns (with StatusCode 200):
{
"session":{
"accesstoken":"8d69f3f127a9ddc4f73d75c5803c846696bb10ff",
"valid_until":"Mon Sep 28 2015 03:01:06 +0200",
"valid_until_timestamp":1443402066,
"user":{
"id":2,
…
},
"uri":"http://localhost/auth/session/"
}
}
Now you can use the accesstoken to perform actions.
Session info
GET:http://localhost/auth/session with header X-Accesstoken: 8d69f3f127a9ddc4f73d75c5803c846696bb10ff (you always have to attach the Accesstoken this way to get authenticated!) returns (with StatusCode 200):
{
"session":{
"accesstoken":"8d69f3f127a9ddc4f73d75c5803c846696bb10ff",
"valid_until":"Mon Sep 28 2015 03:28:06 +0200",
"valid_until_timestamp":1443403686,
"user":{
"id":2,
…
},
"uri":"http://localhost/auth/session/"
}
}
Logout (delete Session)
DELETE:http://localhost/auth/session/8d69f3f127a9ddc4f73d75c5803c846696bb10ff with header X-Accesstoken: 8d69f3f127a9ddc4f73d75c5803c846696bb10ff returns (with StatusCode 202):
{
"message":"resource deleted successfully"
}
Use in your project
You can also (check out this more detailed example)[https://github.com/pstaender/silverstripe-restful-api/blob/master/code/examples/Country.php].
Data model(s)
You may apply some extra definitions on your models to prepare them for API use:
class Client extends DataObject { private static $db = [ "Email" => "Varchar", "FirstName" => "Varchar", "Surname" => "Varchar", "Note" => "Text", ]; // these fields be made available by default through `forApi` private static $api_fields = [ "Email", "Name", ]; // example method function Name() { return trim($this->FirstName. " " .$this->Surname); } // can be defined optional function forApi() { $data = parent::forApi(); // will contain s.th. like [ "Email" => "…", "Name" => "…" ] // do s.th. with the data if you want to … return $data; } }
Controller for Schema Definition
To provide a suitable schema definition of your models you can explicit allow them in your config.yml via:
ApiSchemaController: allowedModels: - Country - Member
So that schema/Member will display s.th. like:
{
"schema": {
"first_name": "Varchar",
"surname": "Varchar",
"email": "Varchar(256)",
"password": "Varchar(160)",
"remember_login_token": "Varchar(160)",
"num_visit": "Int",
"last_visited": "SS_Datetime",
"auto_login_hash": "Varchar(160)",
"auto_login_expired": "SS_Datetime",
"password_encryption": "Varchar(50)",
"salt": "Varchar(50)",
"password_expiry": "Date",
"locked_out_until": "SS_Datetime",
"locale": "Varchar(6)",
"failed_login_count": "Int",
"date_format": "Varchar(30)",
"time_format": "Varchar(30)",
}
}
API Controller(s)
How to define your own API Controller including some methods (we assume that you've added s.th. like "client//$Action/$ID": "ClientController" to your routes.yml):
class ClientController extends APIController { private static $api_parameters = [ "GET:client" => [ '$ID' => "int", ], "POST:client" => [ 'email' => "/^[^@]+@[^@]+$/", ], ]; private static $api_allowed_actions = [ "GET:client" => true, // everyone can read here "DELETE:client" => 'ADMIN', // only admins can delete "POST:client" => '->isBasicApiUser', // method `isBasicApiUser` checks permission ]; private static $api_model = "Client"; // this is to connect this controller to a specific model (important for field matching) /** * Will respond with a JSON object and 200 if found * with a 404 and a JSON msg object otherwise */ function clientGET() { return $this->sendData( Client::get()->byID($this->request->param("ID")) ); } function clientPOST() { $client = Client::create(); $data = $this->requestDataAsArray('Client'); $populateOnlyTheseseFields = [ "Email", "FirstName", "Surname" ]; $country->populateWithData($data, $populateOnlyTheseseFields); $country->write(); return $this->sendSuccesfulPost($country->URL()); } function clientDELETE() { $client = Client::get()->byID($this->request->param("ID"); if (!$client) return $this->sendNotFound(); $client->delete(); return $this->sendSuccessfulDelete(); } protected function isBasicApiUser() { return Permission::check('BASIC_API') || Permission::check('EXTERNAL_API'); } }
Interesting Controller helpers:
- getAccessTokenFromRequest
- Returns the accesstoken from the header
- getSessionFromRequest
- The session DataObject (if existing)
- sendData($data = null, $code = null)
- Send a DataList, DataObject or an Array; will be rendered as JSON by default
- sendJSON($data = null, $code = null)
- Same as sendData, except to force JSON
- sendError($errMsg, $code = 500)
- Use to send comprehensible error messages for the API user
- sendNotFound($msg = 'resource not found', $code = 404)
- Helper to send a default "Resource not found" error message
- sendSuccessfulDelete($msg = 'resource deleted successfully', $code = 202)
- Helper to send a default "Resource deleted successfully" message after a
DELETE
- Helper to send a default "Resource deleted successfully" message after a
- sendSuccessfulPut($msg = 'resource updated successfully', $code = 202)
- Helper to send a default "Resource updated successfully" message after a
PUT
- Helper to send a default "Resource updated successfully" message after a
- sendSuccessfulPost($uriOrData = null, $msg = 'resource created succesfully', $code = 201)
- Helper to redirect to new resource (if $uriOrData is a string) or send a default "Resource created successfully" message after a
POST
- Helper to redirect to new resource (if $uriOrData is a string) or send a default "Resource created successfully" message after a
To keep it simple: the arguments order of $msg and $code is arbitrary.
Tests
$ sake dev/tests/module/silverstripe-restful-api flush=1
or
$ sake /dev/tests/AuthControllerTest
to run specific tests.
Ensure that you have defined $_FILE_TO_URL_MAPPING in _ss_environment.php to run controller tests correctly (otherwise redirects will throw an user error for instance).
Better performance
By deactivating blocking sessions, you can decrease the response time.
Beware that none across request session will work anymore on your SilverStripe project because persistent session storage is deactivated in that scenario (not needed in pure restful services anyway).
To activate this feature, add to your _config.php or _ss_environment.php:
define('RESTFUL_API_MODULE_NON_BLOCKING_SESSION', true);
Licence
MIT License
pstaender/silverstripe-restful-api 适用场景与选型建议
pstaender/silverstripe-restful-api 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 1.35k 次下载、GitHub Stars 达 7, 最近一次更新时间为 2014 年 08 月 20 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「json」 「api」 「restful」 「silverstripe」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 pstaender/silverstripe-restful-api 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 pstaender/silverstripe-restful-api 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 pstaender/silverstripe-restful-api 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Kinikit - PHP Application development framework MVC component
ext-json wrapper with sane defaults
A package to cast json fields, each sub-keys is castable
A PSR-7 compatible library for making CRUD API endpoints
This is a restful api to onesignal.
A RESTful API package for the Laravel and Lumen frameworks.
统计信息
- 总下载量: 1.35k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 7
- 点击次数: 1
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2014-08-20