Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

SitePoint PHP Blog:
RESTful Remote Object Proxies with ProxyManager
Sep 13, 2016 @ 11:03:15

The SitePoint PHP blog has posted a tutorial introducing the use of ProxyManager in RESTful APIs to help interface your API endpoints directly with backend objects for the typical CRUD (create, read, update, delete) handling a REST API provides. ProxyManager is a tool created by Marco Pivetta to creating various kinds of proxies through a set of factory classes.

The proxy pattern is another cool design pattern in software development. A proxy is a class working as an interface to another class or web service. For the sake of simplicity, we’ll refer to proxied classes as subjects throughout the rest of the article. A proxy usually implements the same interface as the subject, so it looks like we’re calling the methods directly on the subject.

They start with a brief overview of proxies and the proxy design pattern for those not familiar then "cut to the chase" and show how to hook in ProxyManager via a custom adapter for the REST endpoints. They help you get all dependencies needed installed (via Composer) and the creation of a simple API using Silex and it's provider handling. They then create the application, set up the front controller and configure the relation between endpoint and proxy. Code is then included to create the required factories, interfaces and mappings. The tutorial wraps up with an example of using the API you've just created.

tagged: rest api tutorial proxymanager example factory classes

Link: https://www.sitepoint.com/restful-remote-object-proxies-with-proxymanager/

Cloudways Blog:
How To Create Simple Rest API In Symfony 3.1
Aug 30, 2016 @ 12:59:10

The Cloudways blog has posted a new tutorial helping you get up and running quickly with a simple REST API written using the Symfony framework. In the article they not only explain how to create the API but also include a bit of REST theory for those not completely familiar with the terms and functionality involved.

Symfony is fast becoming the favourite framework among developers for rapid application development. And despite releasing Symfony 3.1 and 3.2 in the previous quarter, they are still introducing many changes and upgrades. If you’re still using the previous versions, you must upgrade Symfony Framework to the latest and stable version 3.1.

Yes! We know that Symfony is one of the best frameworks to develop rest API, so in this article we will make simple rest API in Symfony 3.1. I am assuming that you’ve already setup PHPstack application on Cloudways with Symfony installed, but if you haven’t, follow this installation guide.

They briefly talk about the REST HTTP verb types and what kind of actions they relate to. With that defined the tutorial then gets into the requirements including the installation of two bundles: JMSSerializerBundle and NelmioCorsBundle. From there examples of configuration changes, commands to make users and execute migrations on the local database are included. With this system set up they include sample code for each HTTP verb type letting you perform the actions on the User entity (create, read, update and delete).

tagged: symfony rest api simple tutorial introduction phpstack

Link: https://www.cloudways.com/blog/rest-api-in-symfony-3-1/

JoliCode.com Blog:
The journey of writing an API Client with PHP and some wise advices
Aug 25, 2016 @ 10:49:01

On the JoliCode.com blog there's a post sharing the experience of writing an API client with PHP including some advice to those out there considering doing the same.

My (love-)story with Docker started in December 2013, after having lost a 2 years long battle against Chef. I had been attracted to Docker for a couple of months, and I finally made the switch the day when I learned that it was built on a REST API. This meant that I could control all my infrastructure from PHP, which is the language I’m most partial to.

After some research, I found the library docker-php built by ubermuda, but, like all the things around Docker at that time, there was only a very limited support of the API. Like any decent developer (yes, it’s a troll), I started to write pull requests to fulfill my needs, and it was both the greatest and the worst thing that happened to me.

The post starts off with a brief history of PHP libraries working with HTTP requests (and the difficulties he had with Guzzle). This includes the fast pace that the library was changing at the time, making it difficult to keep the code maintained. He took a "step back" and decided to look more into HTTPlug and some changes to help bring it up to date. With that choice made, he got into the automation portion and using it work with the Docker API. He talks about some of the other technologies and tools he investigated along the way including Jane for working with JSON message schemas.

Maintaining an open source library is hard and takes time. However, these last years made me realize that we can control it, by moving features into other projects, trust people behind it, and by reducing the feature sets.
tagged: api client library advice http httplug jane json schema

Link: https://jolicode.com/blog/the-journey-of-writing-an-api-client-with-php-and-some-wise-advices

Laravel News:
How to use WordPress as a backend for a Laravel Application
Aug 17, 2016 @ 12:51:08

The Laravel News site has posted an interesting tutorial where they describe the use of WordPress as a backend for a Laravel application. This setup is based on the Laravel News' own experience with it in the recent refactoring of the site.

Last week I relaunched Laravel News, and the new site is running on Laravel with WordPress as the backend. I’ve been using WordPress for the past two years, and I’ve grown to enjoy the features that it provides. The publishing experience, the media manager, the mobile app, and Jetpack for tracking stats.

I wasn’t ready to give these features up, and I didn’t have the time to build my own system, so I decided to keep WordPress and just use an API plugin to pull all the content I needed out, then store it in my Laravel application. In this tutorial, I wanted to outline how I set it all up.

While he did find other methods for linking the two, they didn't quite fit with what he wanted so he worked up his own. The content is then synced via a recurring task pulling over posts, categories and tags. He gets into the WordPress REST API first, showing the extraction of the posts from the API and pushing them into a Laravel collection. There's also an example of how to sync a post with the database (API) and how to create a new post in a similar way. Also included is the code to get the featured image, get the category for a post and sync the tag values. The tutorial finishes with the code for the sync command and pushing it into the scheduler.

tagged: wordpress backend laravel application tutorial rest api

Link: https://laravel-news.com/2016/08/wordpress-api-with-laravel/

Building a WordPress-Powered Front End With the WP REST API and AngularJS: Intro & Set
Aug 05, 2016 @ 11:17:36

The TutsPlus.com site has kicked off a new tutorial series today with part one of a look at using the WordPress REST API and AngularJS to create an API-powered frontend application.

In this series about building a WordPress-powered front end with the WP REST API and AngularJS, we will put the knowledge acquired in the introductory series to use. We will learn how we can leverage this knowledge to decouple the conventional theme-admin model supported by WordPress until now. We will plan and build a single-page application (that I've named Quiescent) with a WordPress back end which will feature posts, users, and categories listing pages. We will configure AngularJS routing and build a custom directive and controllers for the resources mentioned above.

In this first part of the series they walk you through some of the planning steps before the application even gets written (including wireframes). From there they get a bare-bones HTML structure setup for the Angular app to live in and make a matching WordPress plugin. This plugin will return a featured image, author name, associated categories and image resize data related to a post. The code for the plugin is included.

tagged: wordpress api frontend angularjs tutorial plugin wireframe planning series part1

Link: http://code.tutsplus.com/tutorials/building-a-wordpress-powered-front-end-with-the-wp-rest-api-and-angularjs-introduction-and-setup--cms-26115

Matt Stauffer:
Introducing Laravel Passport
Aug 01, 2016 @ 09:35:05

In his continuing series of posts looking at the upcoming features in the next version of the Laravel framework (v5.3) Matt Stauffer has posted about a new security-related offering that was recently announced at the Laracon US conference: Laravel Passport.

API authentication can be tricky. OAuth 2 is the reigning ruler of the various standards that you might consider, but it's complex and difficult to implement—even with the great packages available (League and Luca).

[...] Laravel Passport is native OAuth 2 server for Laravel apps. Like Cashier and Scout, you'll bring it into your app with Composer. It uses the League OAuth2 Server package as a dependency but provides a simple, easy-to-learn and easy-to-implement syntax.

He briefly mentions the "groundwork" that was laid for Passport in v5.2 and the application of different authentication mechanisms at different times. He then moves into the installation and configuration of the Passport system (it's not bundled so it's a separate install). He then talks about the management API that's automatically set up, the Vue.js frontend for managing clients and tokens and what it looks like when one is requested. He also provides a bit of sample code you can use to test it out for yourself once you've created a client and token on your system. He ends the post talking about the command line token generation of "personal" tokens and using middleware "scopes" to allow for easier cross-authorizations between routes.

tagged: laravel passport oauth api package release vuejs client token tutorial

Link: https://mattstauffer.co/blog/introducing-laravel-passport

SitePoint PHP Blog:
Can We Use Laravel to Build a Custom Google Drive UI?
Jul 25, 2016 @ 13:57:52

The SitePoint PHP blog has posted a new tutorial that asks the question "Can We Use Laravel to Build a Custom Google Drive UI??" In this case it's a simplified version of the current Google Drive functionality, but it's more of a proof-of-concept than anything.

In this tutorial, we’re going to build an app that talks to the Google Drive API. It will have file search, upload, download and delete features. If you want to follow along, you can clone the repo from Github.

They walk you through the full process of getting the application set up, including creating the project on the Google side and grabbing the API credentials for use in your code. They then switch back over to the code side and create a basic Laravel project and configure it with the Google API credentials you just created. Next up is the creation of all of the routes for the list, upload and delete handling in the Laravel app as well as the controllers/views to make them all work. They also include search functionality, letting you easily query the API for files with names matching a certain string.

tagged: laravel google drive ui tutorial api example

Link: https://www.sitepoint.com/is-laravel-good-enough-to-power-a-custom-google-drive-ui/

Securing client-side public API access with OAuth 2 and Symfony
Jul 18, 2016 @ 12:30:26

On the Codevate.com blog there's a tutorial posted by Chris Lush showing you how to secure your client-side public API with OAuth 2 (based on the Symfony platform).

Say you’ll be developing a web application for a customer to create and manage restaurant bookings, exposing restaurant information (name, opening times, menu contents etc.) and booking creation as RESTful API endpoints, which are consumed by secure admin backend. You’ll need to authorise access to the API, but there is no end-user involved since the web app is its own resource owner, so the previous flow doesn’t apply.

[...] However, you also need to develop a booking widget that will be embedded in a company or restaurant’s website for visitors to use. In this case, the client-side is no longer trusted enough to share the OAuth client secret that’s required to authenticate with your API. [...] We encountered a similar use-case for a client project recently, and this blog post details the steps taken to address it.

He then shows how to integrate the FOSOAuthServerBundle bundle into your current Symfony-based application and the updates you'll need to make to your security.yml file. He includes the code needed to create a "client" and associating it with a company already in the customer list. Next is the creation of access tokens and linking them to the restaurants in their system (a unique identifier to use externally for the restaurant rather than an ID). He shows an example of handling the token requests and the code/config changes needed to set it up. Finally he talks about scoping API requests down to certain functionality and an example cURL call to the API to show the results of it all combined.

tagged: clientside api access security oauth2 symfony tutorial bundle

Link: https://www.codevate.com/blog/12-securing-client-side-public-api-access-with-oauth-2-and-symfony

Test Driven API Development using Laravel, Dingo and JWT with Documentation
Jun 20, 2016 @ 10:15:04

On the DotDev.co site a tutorial has been posted showing the full set up of an API using Laravel, Dingo and JWT tokens while following test-driven development principles along the way.

As the complexity of API’s increase, improving the ways we create them becomes a necessity. Let’s take a journey exploring an efficient way of building well-tested API’s that are easy to develop and maintain by wiring up several different open-source packages.

In this tutorial, we will build a very simple API for fruits that lists all the fruits, shows one fruit, creates a fruit, and finally deletes a fruit. The API will allow anyone to list and show fruits but we will use JWT Authentication to protect creating and deleting operations so only the registered users can use them.

The tutorial starts by helping you get the TDD environment set up for the application and the required libraries installed. From there they install and configure Dingo and look at the role that transformers play in the API output. With a basic API in place the JWT tokens are integrated and another package is used to generate simple, clean API documentation. Full links to other packages, screenshots of the expected output and all the code you'll need is included.

tagged: testdriven development tdd laravel api dingo jwt token tutorial

Link: https://dotdev.co/test-driven-api-development-using-laravel-dingo-and-jwt-with-documentation-ae4014260148#.tccatytip

SitePoint PHP Blog:
Hacking the Fitbit – Emulating a Pager for Twitter DMs!
Jun 17, 2016 @ 10:27:57

The SitePoint PHP blog has a tutorial they've posted from Christopher Pitt showing you how to hack your Fitbit into a pager for Twitter DMs. This essentially turns your Fitbit into a notification system for when someone on Twitter sends you a direct message. It's not overly useful (as you can't send a message) but it is an interesting integration.

I’ve been trying to wake up earlier in the morning. The trouble is that alarms wake everybody up, not just me. To get around this problem, I recently bought the cheapest Fitbit I could find, having learned that they have a neat silent alarm.

The truth is, if I had the cash I would rather have bought an Apple watch. When I got the Fitbit, my programmer brain immediately jumped to the question; “How can I hack this thing?” I ended up learning a bit about Fitbit, OAuth and the Twitter API. I also learned that sometimes it’s better just to get an Apple watch…

His application uses Lumen as the framework and makes connections to both the Twitter and Fitbit JSON APIs. He defines a few routes for the OAuth handling (with callbacks) and a simple view with the "Connect To" links. He shows the creation of applications on both the Twitter and Fitbit side and how to define their keys in your configuration. He sets up the Socialite providers for both connections and a bit of caching to prevent the need for a full pull. He then uses the Fitbit API to set "silent alarms" on your device that are timed to go off immediately when the app detects a new DM on the Twitter stream.

tagged: tutorial fitbit twitter api connect application alarm directmessage

Link: https://www.sitepoint.com/hacking-the-fitbit-emulating-a-pager-for-twitter-dms/