blacknell/restapi-service

Simple class to expose a REST api

Maintainers

Details

github.com/blacknell/restapi-service

Source

Issues

Installs: 239

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 1

0.7 2021-02-02 13:38 UTC

Requires

Requires (Dev)

MIT 2b7b4965371ae67e7176eade6d5368ef2a8f55fa

This package is auto-updated.

Last update: 2024-04-29 04:12:54 UTC

README

Build Status Latest Stable Version Latest Unstable Version License

restapi-service maps REST API calls to endpoints in protected methods in your derived class. In your class methods process according to the verbs and arguments of the http request.

Installation

Install the latest version with

$ composer require blacknell/restapi-service

Basic Usage

  • Copy example/api.php and derive a class such as in examples/MyAPI.class.php into your web server directory
  • Configure a .htaccess file to rewrite your RESTful call to your class

Web Server configuration

For example, https://yourserver/myapi/v1/daylight/littlehampton/yesterday maps to https://yourserver/myapi/v1/api.php?request=daylight/littlehampton/yesterday

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule myapi/v1/(.*)$ myapi/v1/api.php?request=$1 [QSA,NC,L]
</IfModule>

Sample code

See example/MyAPI.class.php to see how https://yourserver/myapi/v1/daylight/littlehampton/yesterday generates the following JSON output

{
    "description": "Between sunrise and sunset yesterday",
    "sunrise": {
        "date": "2019-01-07 08:00:56.000000",
        "timezone_type": 3,
        "timezone": "Europe\/London"
    },
    "sunset": {
        "date": "2019-01-07 16:15:44.000000",
        "timezone_type": 3,
        "timezone": "Europe\/London"
    }
}

Additional Concepts

Cross-Origin Resource Sharing (CORS)

Additional headers can be added to the constructor of your derived class before calling the parent constructor. For example, to allow a client on a website http://myclient.com to access your API add this header call.

	public function __construct($request, \Monolog\Logger $logger = null)
	{
		header('Access-Control-Allow-Origin: http://myclient.com');
		parent::__construct($request, $logger);
	}

Authentication

Overide RestAPI::isAuthenticated() to handle authentication and only return true if the request is authorised. As a basic example, you could enforce a request to include a header such as Authentication-Token: xxx and test this in your derived class.

	protected function isAuthenticated()
	{
		$headers=getallheaders();
		if($headers['Authentication-Token'] !== 'xxx') {
			return false;
		} else {
			return parent::isAuthenticated();
		}
	}

Error Handling

Any endpoint not mapping to a protected function in your derived class results in the following JSON response.

{
    "error": "No endpoint",
    "code": 404
}

Your derived class should do the same for invalid verbs or arguments. Methods other than GET, POST, PUT or DELETE also result in an error.

Logging

PSR-3 logging is supported via monolog/monolog by passing an optional Logger object to the API constructor.