Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHP Town Hall Podcast:
Episode 56: GraphQL is better than REST
Jan 16, 2018 @ 10:54:20

The PHP Town Hall podcast, hosted by PHP community members Amanda Folson and Ben Edmunds, has posted their latest episode - Episode #56: GraphQL is better than REST.

Amanda Folson and Ben Edmunds are joined by Phil Sturgeon to discuss what’s new in the world of API development.

Make sure to check out his new book Talking To Other People’s APIs.

You can check out the show in a few different ways: either through the in-page audio or video player or you can check out the video directly on YouTube. If you enjoy the episode, be sure to subscribe to their feed and follow them on Twitter for updates on when new shows are released.

tagged: phptownhall ep56 benedmunds amandafolson graphql rest philsturgeon

Link: https://phptownhall.com/episode-56-graphql-is-better-than-rest/

Phil Sturgeon:
A Response to REST is the new SOAP
Dec 19, 2017 @ 11:49:05

For those dealing with APIs on a daily basis (or even the casual API-er) you'll find this post from Phil Sturgeon interesting. In it he takes on the opinion that's shared in this article from Pakal De Bonchamp that "REST is the new SOAP".

Enough people have asked me about the article REST is the new SOAP that I felt it justifies a write up. [...] The entire article is full of common misunderstandings about REST and HTTP. Despite dedicating my career to trying to educate people through these confusions, they continue to be rife. Clearly I am not being loud enough, writing effectively enough, or doing a good enough job. That is the frustration you might hear in my writing, but nothing is aimed at the author.

In his post Phil goes through the original article, pulling out quotes and responding to them one at a time. He shares opinions on HTTP verb operations, REST architecture, HTTP response code usage and the use of caching and statelessness in the API functionality.

tagged: rest opinion response soap http response architecture verb

Link: https://philsturgeon.uk/api/2017/12/18/rest-confusion-explained/

Delicious Brains Blog:
How to Develop a WordPress Plugin Using Webpack 3, React and the REST API (pa
Nov 06, 2017 @ 09:46:31

On the Delicious Brains site they've posted the latest part in their "Develop[ing] a WordPress Plugin Using Webpack 3, React and the REST API" series. This is part two of the series, building on the foundation set up in part one of the series. In this second part more work is put into the Webpack setup, the creation of the REST API and the React frontend.

Have you ever wondered how to get React working with the WordPress REST API? If so you’re in the right place – that’s what we’re going to cover in this follow-up to part one of how to develop a WordPress plugin! In our previous post, we explained what Webpack is and got it integrated into our WordPress sample plugin. We also got BrowserSync set up and reloading our app. In this part we’re going to look at how to get the React side of our plugin working with the WordPress REST API so that the plugin actually does something cool.

The tutorial starts with the Webpack changes, mostly configuration updates adding in additional plugins. Next comes the changes for the REST API and working with it to get information from the WordPress backend. After showing you how to test that the API is working as expected they move along to the React changes on the frontend and using components to split up the logic and make it easier to maintain.

tagged: wordpress rest api tutorial webpack react plugin

Link: https://deliciousbrains.com/develop-wordpress-plugin-webpack-react-rest-api-part-2/

Zend Framework Blog:
REST Representations for Expressive
Aug 09, 2017 @ 10:12:18

On the Zend Framework blog there's a new post from project lead Matthew Weier O'Phinney covering REST representations in Expressive and the release of two new components to help with their implementation.

We've been working towards our various Apigility on Expressive goals, and have recently published two new components: zend-problem-details and zend-expressive-hal.

These components provide response representations for APIs built with PSR-7 middleware. Specifically, they provide: Problem Details for HTTP APIs (RFC 7807) and Hypertext Application Language (HAL).

These two formats provide both JSON and XML representation options (the latter through a secondary proposal).

The post then goes on to talk about the idea of "representations" and how it relates back to the structure of the data returned and how the user knows what operations they can take on it. He also talks about the differences between normal responses and errors and gives example output helping to illustrate his points. The remainder of the post gets into the details of the two new components, their use and how to implement them in Expressive.

tagged: zendexpressive rest representation data structure response api component tutorial

Link: https://framework.zend.com/blog/2017-08-08-expressive-rest-representations.html

Toptal.com:
Laravel API Tutorial: How to Build and Test a RESTful API
Jul 11, 2017 @ 11:58:15

On the TopTal site they've posted a tutorial from author André Castelo showing you how to create a Laravel-based RESTful API with functionality that already exists in the framework.

With the rise of mobile development and JavaScript frameworks, using a RESTful API is the best option to build a single interface between your data and your client.

Laravel is a PHP framework developed with developer productivity in mind. [...] In this article, we’ll explore the ways you can build—and test—a robust API using Laravel with authentication. We’ll be using Laravel 5.4, and all of the code is available for reference on GitHub.

He starts off by talking about RESTful APIs, what actions the HTTP verbs represent and a note about consistency in URLs. He then starts in on the project setup, creating a new Laravel application and configuring the database for a Homestead environment. Next he creates the models and data seeders for articles and users for the API. Routes and controllers come next showing how to work with route model binding and response codes to correctly relay the status of the request back to the user. Following this he covers authentication on the API (using a token) and building out the endpoints for login, registration and logging out.

Finally he shows how to test the endpoints using some simple Laravel-enabled testing and PHPUnit. His tests check things like login error handling, missing data on registration and the correct flow on the logout process.

tagged: laravel tutorial build test rest api framework

Link: https://www.toptal.com/laravel/restful-laravel-api-tutorial

Building Your Startup:
Securing an API
May 22, 2017 @ 13:16:19

The TutsPlus.com site has continued their "Building Your Startup" tutorial series with a new post about APIs and security. In this series, they've been using the Yii2 framework to create a calendaring "startup" site. Now they're to the point of adding a "RESTful" API to the system and want to be sure it's secure.

Recently, I introduced you to Yii's simple REST API generation and Meeting Planner's new "RESTful" service API. At that time, I mentioned that these APIs were only loosely secured. Sure, there was a shared secret between the client and the server, but there were a couple of problems.

First, the secret key and user tokens were repeatedly transmitted in query parameters of SSL calls. And there was no other authenticity check for the data, allowing a middle-person attack. In today's episode, I'll guide you through how I secured the API against these weaknesses for a more robust API.

They start off looking at the API security that was previously put in place using an "app ID" and "app secret" values to identify the user. To improve on this, the system is updated to use the "app secret" value to sign the outgoing data via a HMAC hash that is sent along with the request.

tagged: api security tutorial yii2 build startup series hmac rest

Link: https://code.tutsplus.com/tutorials/building-your-startup-securing-an-api--cms-27867

Toptal.com:
PhalconPHP: A Solution for High-load RESTful APIs
Apr 11, 2017 @ 10:26:37

The Toptal.com blog has a tutorial posted from Andrew Belousoff today sharing what he sees as a solution for high-load RESTful APIs in your application: PhalconPHP.

Suppose you need to create a high-load project based on a PHP MVC framework. You would probably use caching wherever possible. Maybe you would build the project in a single file, or maybe even write your own MVC framework with minimal functionality, or rewrite some parts of another framework. While, yes, this works, it’s a little bit tricky, isn’t it? Fortunately, there is one more solution that makes most of these manipulations unnecessary (save for the cache, perhaps), and this solution is called the PhalconPHP framework.

He starts off the article with a brief introduction to the PhalconPHP framework and some of the recent (2016) benchmarks of its performance against both raw PHP and other smaller, lighter MVC frameworks. With that out of the way he starts in on the creation of a sample project, first pointing out the difference between the "micro" and "full-stack" versions. He chooses the "micro" option for his API and walks you through installation of the framework extension, the directory structure it requires and what the code for the front controller looks like. From there he works up the rest of the code:

  • configuration handling
  • working with the DI container
  • creating the RESTful routes/controllers
  • building models
  • developing some business logic to work with user data

The post ends with a look at performing some testing on the result and mentions the addition of logging and caching functionality. He also points out one of the main disadvantages around using PhalconPHP - that it's an extension and is harder to customize than a PHP-land framework could be.

tagged: phalconphp rest api tutorial introduction framework benchmark

Link: https://www.toptal.com/phalcon/phalcon-php-restful-apis

TutsPlus.com:
Programming With Yii2: Building a RESTful API
Apr 06, 2017 @ 10:30:05

The TutsPlus.com site has posted the latest article in their "Programming with Yii2" series today, this time focusing on the creation of a RESTful API with the built-in framework support.

In this Programming With Yii2 series, I'm guiding readers in use of the Yii2 Framework for PHP. You may also be interested in my Introduction to the Yii Framework, which reviews the benefits of Yii and includes an overview of what's new in Yii 2.x.

In today's tutorial, I will review how to build a REST API in Yii to connect your application to the cloud, mobile apps, and other services. I'll guide you through Yii's REST API quick start guide and provide context and examples of common requests.

He starts off with some of the benefits of having a REST API for your Yii2 application and some of the functionality that comes included with the framework. He then starts in on building the base functionality of the API with a controller, a "tree" for the endpoints and configuration of the URL routing. The rest of the post is a set of example requests made to the API with the help of both cURL and the Postman app for Chrome.

tagged: yii2 framework series tutorial build rest api example

Link: https://code.tutsplus.com/tutorials/programming-with-yii2-building-a-restful-api--cms-27513

Esben Petersen:
A modern REST API in Laravel 5 Part 4: Authentication using Laravel Passport
Mar 20, 2017 @ 10:56:15

Esben Petersen has posted the fourth part of his tutorial series covering the creation of a "modern REST API" with Laravel. In this latest article he focuses on authenticating users with the help of an OAuth2 flow.

OAuth is all around us. Most of us have tried to login to a 3rd party service using our Facebook or Google account as a login. This login mechanism is one of many OAuth authentication types. However, you can also use OAuth to generate simple API keys. One of the OAuth authentication types generates API keys based on username and password and is therefore a solid authentication choice for SaaS-style apps. This article will explore how to setup the password grant authentication type in Laravel using Laravel Passport.

The article is broken up into a few different sections, each with explanations and code where appropriate to help illustrate the point:

  • a basic introduction to OAuth2 and grants
  • authentication in single-page applications
  • dependencies to use (and install/configuration)
  • creating the login proxy
  • building a consumer

The final step is an example (using a curl command) to test the API and ensure things are working as expected. The post ends with a more "real world" example of a Slack-style application and linking channels and user but only showing the channels users have access to based on scope.

tagged: tutorial rest api laravel series part4 oauth2 passport

Link: http://esbenp.github.io/2017/03/19/modern-rest-api-laravel-part-4/

Esben Petersen:
A modern REST API in Laravel 5 Part 1: Structure
Mar 09, 2017 @ 10:44:56

Esben Petersen has kicked off his series on creating a modern REST framework in Laravel 5 with part one in the series. This first tutorial focuses on the setup of the application using a "folders by component" approach.

Over time when your API grows in size it also grows in complexity. Many moving parts work together in order for it to function. If you do not employ a scaleable structure you will have a hard time maintaining your API. New additions will cause side effects and breakage in other places etc.

It is important to realize in software development no singular structure is the mother of all structures. It is important to build a toolbox of patterns which you can employ given different situations. This article will serve as an opinionated piece on how such a structure could look.

The tutorial covers structure on three different levels (patterns): application flow, project folder structure and resource folder structure. For each level they cover some of the basic concepts involved and share code showing how it could be implemented including controllers, repositories, middleware and fitting it all into a a resource folder structure.

tagged: laravel rest api laravel5 tutorial series part1 structure

Link: http://esbenp.github.io/2016/04/11/modern-rest-api-laravel-part-1/