This document discusses API Platform, an open-source framework for building web APIs in PHP and Symfony. It provides out-of-the-box features like CRUD operations, validation, pagination and filtering. The document outlines how to customize API Platform through additional classes like data persisters, transformers and DTOs. It also discusses design choices around routing conventions and whether to extend core classes or create separate controllers. While API Platform is good for REST APIs with some custom logic, it may not be ideal for highly customized APIs due to multiple approaches for the same tasks.
16. +
#[AsController]
class SkipUserQuestion extends AbstractController
{
public function __invoke(UserQuestion $data): UserQuestion
{
$data->setStatus(UserQuestion::STATUS_SKIPPED);
return $data;
}
}
Pseudo Controllers
17. +
Various input and output data
for the same model —
DataTransformer and DTO
18. +
public function transform($data, string $to, array $context = [])
{
$resetPasswordRequest = new ResetPasswordRequest();
$user = $this->userRepository->findOneByEmail($data->getEmail());
$resetPasswordRequest->setUser($user);
$now = new DateTimeImmutable();
$expiredAt = new DateTimeImmutable('+1 hour');
$resetPasswordRequest->setRequestedAt($now);
$resetPasswordRequest->setExpiresAt($expiredAt);
return $resetPasswordRequest;
}
Data Transformers
19. +
final class ResetPasswordRequestInput
{
#[Groups(['resetPasswordRequest:create', 'resetPasswordRequest:read'])]
#[AssertNotBlank(groups: ['validation:create'])]
#[AssertEmail()]
private $email;
public function getEmail(): ?string
{
return $this->email;
}
public function setEmail(string $email): self
{
$this->email = $email;
return $this;
}
}
DTOs
20. +
… and much more:
EventListeners, Subscribers,
Filters, async …
21. +
Useful add ons
✅ JWT through LexikJWTAuthenticationBundle
✅ JWT refresh tokens GesdinetJWTRefreshTokenBundle
❌ Complete sign up / sign in
❌ Role based API versions