Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Esben Petersen:
A modern REST API in Laravel 5 Part 4: Authentication using Laravel Passport
Mar 20, 2017 @ 10:56:15

Esben Petersen has posted the fourth part of his tutorial series covering the creation of a "modern REST API" with Laravel. In this latest article he focuses on authenticating users with the help of an OAuth2 flow.

OAuth is all around us. Most of us have tried to login to a 3rd party service using our Facebook or Google account as a login. This login mechanism is one of many OAuth authentication types. However, you can also use OAuth to generate simple API keys. One of the OAuth authentication types generates API keys based on username and password and is therefore a solid authentication choice for SaaS-style apps. This article will explore how to setup the password grant authentication type in Laravel using Laravel Passport.

The article is broken up into a few different sections, each with explanations and code where appropriate to help illustrate the point:

  • a basic introduction to OAuth2 and grants
  • authentication in single-page applications
  • dependencies to use (and install/configuration)
  • creating the login proxy
  • building a consumer

The final step is an example (using a curl command) to test the API and ensure things are working as expected. The post ends with a more "real world" example of a Slack-style application and linking channels and user but only showing the channels users have access to based on scope.

tagged: tutorial rest api laravel series part4 oauth2 passport

Link: http://esbenp.github.io/2017/03/19/modern-rest-api-laravel-part-4/

Esben Petersen:
A modern REST API in Laravel 5 Part 1: Structure
Mar 09, 2017 @ 10:44:56

Esben Petersen has kicked off his series on creating a modern REST framework in Laravel 5 with part one in the series. This first tutorial focuses on the setup of the application using a "folders by component" approach.

Over time when your API grows in size it also grows in complexity. Many moving parts work together in order for it to function. If you do not employ a scaleable structure you will have a hard time maintaining your API. New additions will cause side effects and breakage in other places etc.

It is important to realize in software development no singular structure is the mother of all structures. It is important to build a toolbox of patterns which you can employ given different situations. This article will serve as an opinionated piece on how such a structure could look.

The tutorial covers structure on three different levels (patterns): application flow, project folder structure and resource folder structure. For each level they cover some of the basic concepts involved and share code showing how it could be implemented including controllers, repositories, middleware and fitting it all into a a resource folder structure.

tagged: laravel rest api laravel5 tutorial series part1 structure

Link: http://esbenp.github.io/2016/04/11/modern-rest-api-laravel-part-1/

Dac Chartrand:
Building a Simple API using Opulence PHP
Jan 30, 2017 @ 11:27:35

Dac Chartrand has written up a post to his site showing you how to create a simple REST API with Opulence, a PHP framework that bills itself as a "modern framework for modern PHP".

This tutorial will show you how to code a simple JSON API using Opulence PHP. We will install Opulence’s skeleton project using composer, then create a ‘user’ database entity, and finally we will match CRUD (Create, Read, Update, Delete) to POST, GET, PUT, and DELETE.

The start of the tutorial helps you get a new Opulence project set up and running including updating the configuration for content type handling and the database connection details. With that set up he moves into the code creating the "User" entity and its matching classes. He builds out the controller, selecting a REST controller from the options and builds out all methods needed for the CRUD user operations. The tutorial finishes with a bit of testing information so you can see the framework in action.

tagged: opulence api rest tutorial simple user framework

Link: http://kizu514.com/blog/building-a-simple-api-using-opulence-php/

Scotch.io:
Laravel Random Keys with Keygen
Jan 27, 2017 @ 12:44:13

On the Scotch.io site they've posted a new Laravel-related tutorial covering the use of the keygen package to generate random keys via four generator types. These keys can be used for just about anything in your application and can be customized to fit your length and complexity requirements. One thing to note, however, is that the strings it generates are random but should not be considered strong enough to use for actual encryption purposes.

When developing applications, it is usually common to see randomness come into play - and as a result, many programming languages have built-in random generation mechanisms.

[...] When your application is required to generate very simple random character sequences like those enumerated above, then the Keygen package is a good option to go for. Keygen is a PHP package for generating simple random character sequences of any desired length and it ships with four generators, namely: numeric, alphanumeric, token and bytes.

For their example they chose to create a simple REST API service that allows for user creation, viewing users and generating a random (temporary) password using the Keygen package. They start by helping you get the package installed (via Composer) and adding an alias to your Laravel config for "Keygen" to make it easier to access. They then create the user model and add in a "setEmailAttribute" method to verify the email value submitted (for format and uniqueness). Next up is the route definition for the "user" endpoints, creation of the API controller and implementing the Keygen tool to create a random eight digit code for the user. They also include a few strategies to ensure the code generated (and the resulting hash) is unique across all users. The reminder of the post shows the full user creation, and implementing the remaining methods required to view the user's details.

tagged: laravel random key keygen tutorial package rest api

Link: https://scotch.io/tutorials/laravel-random-keys-with-keygen

Cloudflare Blog:
Using Guzzle and PHPUnit for REST API Testing
Dec 30, 2016 @ 10:19:48

On the Cloudflare blog there's a new post with an example of how to test APIs with Guzzle, a popular HTTP client for PHP. In their example they're focusing on the testing of REST APIs.

APIs are increasingly becoming the backbone of the modern internet - whether you're ordering food from an app on your phone or browsing a blog using a modern JavaScript framework, chances are those requests are flowing through an API. Given the need for APIs to evolve through refactoring and extension, having great automated tests allows you to develop fast without needing to slow down to run manual tests to work out what’s broken.

[...] In this post I'll be demonstrating how you can test RESTful APIs in an automated fashion using PHP, by building a testing framework through creative use of two packages - Guzzle and PHPUnit. The resulting tests will be something you can run outside of your API as part of your deployment or CI (Continuous Integration) process.

They start by setting up their testing environment, using Composer to install both the Guzzle HTTP client and the PHPUnit testing tool. They then create the example phpunit.xml configuration file and writing a first test. Their example runs a test against the "/user-agent" endpoint on httpbin.org, verifying that the response code is 200, content type of the return is correct and that the body contains the string "Guzzle". They build on this adding another test for a failure (a 405 response code) from a PUT request on the same endpoint.

tagged: guzzle testing http api rest phpunit tutorial introduction

Link: https://blog.cloudflare.com/using-guzzle-and-phpunit-for-rest-api-testing/

TutsPlus.com:
How to Secure a REST API With Lumen
Oct 26, 2016 @ 10:56:58

Over on the TutsPlus.com site there's a new tutorial posted for the Lumen users out there building REST APIs. The post walks you through an authentication method for the API making use of Laravel's included "guard" handling and an API token.

Lumen is Laravel's little brother: a fast, lightweight micro-framework for writing RESTful APIs. With just a little bit of code, you can use Lumen to build a secure and extremely fast RESTful API.

In this video tutorial from my course, Create a REST API With Lumen, you'll learn how to use Lumen's built-in authentication middleware to secure a REST API with Lumen.

The post includes the screencast of the tutorial but it also includes all of the content below that in more developer-friendly text form. Screenshots of the code in various states are also included as well as descriptions of what's happening in the auth process along the way.

tagged: lumen security rest api screencast tutorial

Link: https://code.tutsplus.com/tutorials/how-to-secure-a-rest-api-with-lumen--cms-27442

SitePoint PHP Blog:
RESTful Remote Object Proxies with ProxyManager
Sep 13, 2016 @ 11:03:15

The SitePoint PHP blog has posted a tutorial introducing the use of ProxyManager in RESTful APIs to help interface your API endpoints directly with backend objects for the typical CRUD (create, read, update, delete) handling a REST API provides. ProxyManager is a tool created by Marco Pivetta to creating various kinds of proxies through a set of factory classes.

The proxy pattern is another cool design pattern in software development. A proxy is a class working as an interface to another class or web service. For the sake of simplicity, we’ll refer to proxied classes as subjects throughout the rest of the article. A proxy usually implements the same interface as the subject, so it looks like we’re calling the methods directly on the subject.

They start with a brief overview of proxies and the proxy design pattern for those not familiar then "cut to the chase" and show how to hook in ProxyManager via a custom adapter for the REST endpoints. They help you get all dependencies needed installed (via Composer) and the creation of a simple API using Silex and it's provider handling. They then create the application, set up the front controller and configure the relation between endpoint and proxy. Code is then included to create the required factories, interfaces and mappings. The tutorial wraps up with an example of using the API you've just created.

tagged: rest api tutorial proxymanager example factory classes

Link: https://www.sitepoint.com/restful-remote-object-proxies-with-proxymanager/

Cloudways Blog:
How To Create Simple Rest API In Symfony 3.1
Aug 30, 2016 @ 12:59:10

The Cloudways blog has posted a new tutorial helping you get up and running quickly with a simple REST API written using the Symfony framework. In the article they not only explain how to create the API but also include a bit of REST theory for those not completely familiar with the terms and functionality involved.

Symfony is fast becoming the favourite framework among developers for rapid application development. And despite releasing Symfony 3.1 and 3.2 in the previous quarter, they are still introducing many changes and upgrades. If you’re still using the previous versions, you must upgrade Symfony Framework to the latest and stable version 3.1.

Yes! We know that Symfony is one of the best frameworks to develop rest API, so in this article we will make simple rest API in Symfony 3.1. I am assuming that you’ve already setup PHPstack application on Cloudways with Symfony installed, but if you haven’t, follow this installation guide.

They briefly talk about the REST HTTP verb types and what kind of actions they relate to. With that defined the tutorial then gets into the requirements including the installation of two bundles: JMSSerializerBundle and NelmioCorsBundle. From there examples of configuration changes, commands to make users and execute migrations on the local database are included. With this system set up they include sample code for each HTTP verb type letting you perform the actions on the User entity (create, read, update and delete).

tagged: symfony rest api simple tutorial introduction phpstack

Link: https://www.cloudways.com/blog/rest-api-in-symfony-3-1/

Laravel News:
How to use WordPress as a backend for a Laravel Application
Aug 17, 2016 @ 12:51:08

The Laravel News site has posted an interesting tutorial where they describe the use of WordPress as a backend for a Laravel application. This setup is based on the Laravel News' own experience with it in the recent refactoring of the site.

Last week I relaunched Laravel News, and the new site is running on Laravel with WordPress as the backend. I’ve been using WordPress for the past two years, and I’ve grown to enjoy the features that it provides. The publishing experience, the media manager, the mobile app, and Jetpack for tracking stats.

I wasn’t ready to give these features up, and I didn’t have the time to build my own system, so I decided to keep WordPress and just use an API plugin to pull all the content I needed out, then store it in my Laravel application. In this tutorial, I wanted to outline how I set it all up.

While he did find other methods for linking the two, they didn't quite fit with what he wanted so he worked up his own. The content is then synced via a recurring task pulling over posts, categories and tags. He gets into the WordPress REST API first, showing the extraction of the posts from the API and pushing them into a Laravel collection. There's also an example of how to sync a post with the database (API) and how to create a new post in a similar way. Also included is the code to get the featured image, get the category for a post and sync the tag values. The tutorial finishes with the code for the sync command and pushing it into the scheduler.

tagged: wordpress backend laravel application tutorial rest api

Link: https://laravel-news.com/2016/08/wordpress-api-with-laravel/

Alejandro Celaya:
Dispatch REST-like requests with a single controller class in Zend Expressive
Jun 27, 2016 @ 10:21:25

In a new post to his site Alejandro Celaya shows you how to dispatch REST-like requests in Zend Expressive using a single-controller method.

I was digging into Zend Expressive and how to use controllers that allow me to share dependencies between different routes, instead of having to use different middlewares every time. Abdul wrote a great article on this subject that you can find here, which also became part of Expressive's cookbook some time later.

This is a perfect approach that easily allows to reuse some code, but then I thought how to do something similar in a rest environment, having a single class with different dispatchable methods that will be called depending on the request's HTTP method. This is a possible solution based on ZF2's AbstractRestfulController.

He starts by creating an AbstractRestController class to handle the basics of the REST handling, essentially matching verbs to their actions. He then extends this with a RestUserController class that overrides the necessary methods for only the HTTP verbs you want to change. He then shows how to register the route so it can be used by any request verb type (GET, POST, PUT, etc).

tagged: zendexpressive tutorial rest request verb http zendframework2 abstractcontroller

Link: http://blog.alejandrocelaya.com/2016/06/24/dispatch-rest-like-requests-with-a-single-controller-class-in-zend-expressive/