Service to route HTTP/REST requests to your own TYPO3 controllers.
Service to route HTTP/REST requests to your own controllers.
BEWARE: This extension is expected to be used by TYPO3 developers and acts as a central hub to route requests to your own business logic.
- Support for authenticated method calls
- Support for localized calls (taking the language into account)
- Support for cached calls and transparent access to the TYPO3 caching framework within your API handler
- Support for gzip payload if header
HTTP_ACCEPT_ENCODINGis present and contains
- Support for dynamically generating a documentation of your API
In addition, this supports dependency injection for your API handlers, you just need to use
@inject or methods
inject, as well-known when programming with Extbase.
Unlike EXT:routing, this extension does not force you to map Extbase
controller/actions to route segments but instead basically lets you register a "segment" (typically the first one) and
then will simply route the whole request to a
handle() method within your controller.
First of all you should add a dependency within your
ext_emconf.php configuration file, either as a real constraint,
or as a suggestion, depending on what you prefer:
$EM_CONF[$_EXTKEY] = [ // snip 'constraints' => [ 'depends' => [ 'php' => '5.5.0-7.1.99', 'typo3' => '7.6.0-8.99.99', ], 'conflicts' => , 'suggests' => [ 'simple_api' => '', ], ], ];
$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['simple_api']['apiHandlers'] = [ 'route' => '/some-route', 'class' => \VENDOR\YourExt\Api\YourClass::class, ];
you may register a pattern instead of a fixed route:
$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['simple_api']['apiPatternHandlers'] = [ 'route' => '/members/\d+/history', 'class' => \VENDOR\YourExt\Api\YourClass::class, ];
Your handler must extend
The registration array supports various keys:
route [mandatory]: The route to register.
class [mandatory]: The class handling requests to the corresponding route.
contentType [optional]: Content type of the payload accepted by a POST request, will decode it automatically before invoking your handler.
methods [optional]: The comma-separated list of HTTP methods accepted by the handler (e.g., "POST"). Defaults to no restrictions.
restricted [optional]: Whether the API call expects an authenticated call (using
HTTP_X_AUTHORIZATIONheader). If restricting access to part of your API, you must register a route with name
/authenticatewhich will get the
HTTP_X_AUTHORIZATIONheader, do something with it and return an array with following keys:
success => true(or
false). Will be passed as
_authenticatedboolean flag to the API handler
- Custom keys will be prefixed by
_and passed as-is to the API handler (e.g.,
- Custom boolean flag
demomay be used to specify that the authentication succeeded but with "demonstration" capabilities. This needs to be then handled in your API controller by checking, as expected, boolean flag parameter
HTTP_X_AUTHORIZATIONheader is present, the authentication will take place and your handler will be invoked regardless of the outcome of the call, if you did not explicitely marked your handler as "restricted".
deprecated [optional]: Boolean flag to mark the corresponding route as deprecated in the documentation.
Following rules apply with the payload you return from your API handler:
- Payload is expected to be an array and will be returned as content-type
application/json. If you want to return another content-type (such as an image), you should do it in your own API handler and
- If an exception is thrown, it is catched and encapsulated into a HTTP 500 error. The only exception is if exception
\Causal\SimpleApi\Exception\ForbiddenExceptionis thrown, it will throw a HTTP 403 error instead.
- If no handlers are found, a HTTP 404 error is returned.
Extbase repositories may be used within your API handlers but you need to manually invoke method
includeTCA()from the base class in order for the Extbase mapping to be available to returned objects. This call should typically be part of the
initialize()method you can override in your handler and which is called before invoking
BEWARE: If you don't properly include the TCA of your domain model, you may corrupt the Extbase datamap cache by storing incomplete mapping definition into the cache backend for
cf_extbase_datamapfactory_datamapwith out-of-the-box TYPO3 settings). In such case, you will need to flush that cache manually.
Clone this repository into
cd /path/to/typo3conf/ext/ git clone https://github.com/xperseguers/t3ext-simple_api.git simple_api
Alternatively, you may load it via composer:
composer require causal/simple_api
Go to Extension Manager and activate extension
Add a rewrite rule to your
RewriteRule ^api/(.*)$ /index.php?eID=simple_api&route=$1 [QSA,L]
or, if you are using Nginx:
rewrite ^/api/(.*)$ /index.php?eID=simple_api&route=$1 last;
This will have the effect of using this extension for handling requests starting with
Hint: If you need to support localization (
&L=<some-language-uid>), then you should change the suggesting routing
above to include the root page uid of your website (
&id=<some-uid>). This is needed because localization mode and
default language may differ in complex environments and thus cannot be inferred.