Writing APP interface (API) in laravel-PHP Tutorial-php.cn

Home

Backend Development

PHP Tutorial

Writing APP interface (API) in laravel

*文

Dec 29, 2017 pm 07:05 PM

apilaravelwrite

This article mainly introduces the relevant information about making APP interface (API) based on laravel. Friends in need can refer to it. I hope to be helpful.

Preliminary preparation

Foreword, why and what to do
My surname is Bai, and I am a novice in programming. However, since I came into contact with the wonderful thing of programming in my freshman year, I have been completely immersed in the world of programming.

No, I have started to mess with APPs recently. It is said that it is really easy to develop an APP now. It can be completed with only JavaScript and a little HTML+css technology. But the backend of the APP is different. After developing an APP and want to read some data into it, we have to develop a backend.

The laravel framework is my favorite PHP framework, bar none. Last year I used laravel to write my personal website, but the roughness made me blush. Okay, let’s not go into details, let’s go directly to the topic - install laravel first!

Basic environment configuration

For specific steps, please refer to the document directly. Laravel5.2 installation

My own environment is win10 Wampsrver2.5 is installed above, but it is worth paying attention to. If you use wampsrver2.5, these places need to be changed. Regarding this, please read my notes and click to preview
Tools: sublime
Browser: chrome (plug-in postman to be used)

About API

API (Application Programming Interface, Application Programming Interface) are predefined functions that provide applications and developers with the ability to access a set of routines based on certain software or hardware without accessing the source code, or Understand the details of the inner workings.
It should be noted that API has its specific purpose, and we should know what it does. What should be entered when accessing the API. What should you get after accessing the API.

When we start designing the API, we should pay attention to these 8 points
The content here is excerpted from the master's blog
The subsequent development plan will revolve around this. (Really great summary)

1.Restful design principles
2.API naming
3.API security
4.API return data
5.Pictures Processing
6. Returned prompt information
7. Online API test document
8. When the app starts, call an initialization API to obtain the necessary information

Use laravel development API

Just when I was worried about whether to start learning from scratch, I found this plug-in dingo/api, so let’s install it now!
First of all, it must be downloaded correctly
Add the following content to the newly installed laravel composer.json

Then open cmd and execute

composer update

In config/app.php Add

App\Providers\OAuthServiceProvider::class,
Dingo\Api\Provider\LaravelServiceProvider::class,
LucaDegasperi\OAuth2Server\Storage\FluentStorageServiceProvider::class,
LucaDegasperi\OAuth2Server\OAuth2ServerServiceProvider::class,

to the providers and add

&#39;Authorizer&#39; => LucaDegasperi\OAuth2Server\Facades\Authorizer::class,

to the aliases. Modify the content in the app/Http/Kernel.php file

protected $middleware = [\LucaDegasperi\OAuth2Server\Middleware\OAuthExceptionHandlerMiddleware::class,
];
protected $routeMiddleware = [
  &#39;oauth&#39; => \LucaDegasperi\OAuth2Server\Middleware\OAuthMiddleware::class,
  &#39;oauth-user&#39; => \LucaDegasperi\OAuth2Server\Middleware\OAuthUserOwnerMiddleware::class,
  &#39;oauth-client&#39; => \LucaDegasperi\OAuth2Server\Middleware\OAuthClientOwnerMiddleware::class,
  &#39;check-authorization-params&#39; => \LucaDegasperi\OAuth2Server\Middleware\CheckAuthCodeRequestMiddleware::class,
  &#39;csrf&#39; => \App\Http\Middleware\VerifyCsrfToken::class,
];

Then execute

php artisan vendor:publish 
php artisan migrate

to add these configurations in the .env file

API_STANDARDS_TREE=x
API_SUBTYPE=rest
API_NAME=REST
API_PREFIX =api
API_VERSION=v1
API_CONDITIONAL_REQUEST=true
API_STRICT=false
API_DEBUG=true
API_DEFAULT_FORMAT=json

Modify the app\config\oauth2.php file

&#39;grant_types&#39; => [
  &#39;password&#39; => [
    &#39;class&#39; => &#39;League\OAuth2\Server\Grant\PasswordGrant&#39;,
    &#39;access_token_ttl&#39; => 604800,
    &#39;callback&#39; => &#39;\App\Http\Controllers\Auth\PasswordGrantVerifier@verify&#39;,
  ],
],

Create a new service provider, create a new OAuthServiceProvider.php file under app/Providers with the following contents

namespace App\Providers;

use Dingo\Api\Auth\Auth;
use Dingo\Api\Auth\Provider\OAuth2;
use Illuminate\Support\ServiceProvider;

class OAuthServiceProvider extends ServiceProvider
{
  public function boot()
  {
    $this->app[Auth::class]->extend(&#39;oauth&#39;, function ($app) {
      $provider = new OAuth2($app[&#39;oauth2-server.authorizer&#39;]->getChecker());

      $provider->setUserResolver(function ($id) {
        // Logic to return a user by their ID.
      });

      $provider->setClientResolver(function ($id) {
        // Logic to return a client by their ID.
      });

      return $provider;
    });
  }

  public function register()
  {
    //
  }
}

Then open routes.php and add relevant routes

//Get access_token
Route::post(&#39;oauth/access_token&#39;, function() {
   return Response::json(Authorizer::issueAccessToken());
});

//Create a test user, you don&#39;t need this if you already have.
Route::get(&#39;/register&#39;,function(){
  $user = new App\User();
   $user->name="tester";
   $user->email="test@test.com";
   $user->password = \Illuminate\Support\Facades\Hash::make("password");
   $user->save();
});
$api = app(&#39;Dingo\Api\Routing\Router&#39;);

//Show user info via restful service.
$api->version(&#39;v1&#39;, [&#39;namespace&#39; => &#39;App\Http\Controllers&#39;], function ($api) {
  $api->get(&#39;users&#39;, &#39;UsersController@index&#39;);
  $api->get(&#39;users/{id}&#39;, &#39;UsersController@show&#39;);
});

//Just a test with auth check.
$api->version(&#39;v1&#39;, [&#39;middleware&#39; => &#39;api.auth&#39;] , function ($api) {
  $api->get(&#39;time&#39;, function () {
    return [&#39;now&#39; => microtime(), &#39;date&#39; => date(&#39;Y-M-D&#39;,time())];
  });
});

Create BaseController respectively The contents of .php and UsersController.php are as follows

//BaseController
namespace App\Http\Controllers;

use Dingo\Api\Routing\Helpers;
use Illuminate\Routing\Controller;

class BaseController extends Controller
{
  use Helpers;
}

//UsersController
namespace App\Http\Controllers;

use App\User;
use App\Http\Controllers\Controller;

class UsersController extends BaseController
{

  public function index()
  {
    return User::all();
  }

  public function show($id)
  {
    $user = User::findOrFail($id);
    // 数组形式
    return $this->response->array($user->toArray());
  }
}

Then create PasswordGrantVerifier.php under app/Http/Controllers/Auth/ and the contents are as follows

namespace App\Http\Controllers\Auth;
use Illuminate\Support\Facades\Auth;

class PasswordGrantVerifier
{
  public function verify($username, $password)
  {
     $credentials = [
      &#39;email&#39;  => $username,
      &#39;password&#39; => $password,
     ];

     if (Auth::once($credentials)) {
       return Auth::user()->id;
     }

     return false;
  }
}

Open the oauth_client table of the database and add a new client data

INSERT INTO &#39;oauth_clients&#39; (&#39;id&#39;, &#39;secret&#39;, &#39;name&#39;, &#39;created_at&#39;, &#39;updated_at&#39;) VALUES (&#39;1&#39;, &#39;2&#39;, &#39;Main website&#39;, &#39;2016–03–13 23:00:00&#39;, &#39;0000–00–00 00:00:00&#39;);

The next step is to have fun testing. The APIs to be tested here are

Add a new user

http://localhost/register

Read all user information

http://localhost/api/users

Only return information with user id 4

http ://localhost/api/users/4

Get access_token

http://localhost/oauth/access_token

Use the token value to get the time , the correct value can be returned only if the token value is correct

http://localhost/api/time

Open PostMan

Related recommendations:

How to access paypal payment in larvel5

Learn Laravel5’s Eloquent relationship

Using Queue in Laravel

The above is the detailed content of Writing APP interface (API) in laravel. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

How can you check if a PHP session has already started?Apr 30, 2025 am 12:20 AM

In PHP, you can use session_status() or session_id() to check whether the session has started. 1) Use the session_status() function. If PHP_SESSION_ACTIVE is returned, the session has been started. 2) Use the session_id() function, if a non-empty string is returned, the session has been started. Both methods can effectively check the session state, and choosing which method to use depends on the PHP version and personal preferences.

Describe a scenario where using sessions is essential in a web application.Apr 30, 2025 am 12:16 AM

Sessionsarevitalinwebapplications,especiallyfore-commerceplatforms.Theymaintainuserdataacrossrequests,crucialforshoppingcarts,authentication,andpersonalization.InFlask,sessionscanbeimplementedusingsimplecodetomanageuserloginsanddatapersistence.

How can you manage concurrent session access in PHP?Apr 30, 2025 am 12:11 AM

Managing concurrent session access in PHP can be done by the following methods: 1. Use the database to store session data, 2. Use Redis or Memcached, 3. Implement a session locking strategy. These methods help ensure data consistency and improve concurrency performance.

What are the limitations of using PHP sessions?Apr 30, 2025 am 12:04 AM

PHPsessionshaveseverallimitations:1)Storageconstraintscanleadtoperformanceissues;2)Securityvulnerabilitieslikesessionfixationattacksexist;3)Scalabilityischallengingduetoserver-specificstorage;4)Sessionexpirationmanagementcanbeproblematic;5)Datapersis

Explain how load balancing affects session management and how to address it.Apr 29, 2025 am 12:42 AM

Load balancing affects session management, but can be resolved with session replication, session stickiness, and centralized session storage. 1. Session Replication Copy session data between servers. 2. Session stickiness directs user requests to the same server. 3. Centralized session storage uses independent servers such as Redis to store session data to ensure data sharing.

Explain the concept of session locking.Apr 29, 2025 am 12:39 AM

Sessionlockingisatechniqueusedtoensureauser'ssessionremainsexclusivetooneuseratatime.Itiscrucialforpreventingdatacorruptionandsecuritybreachesinmulti-userapplications.Sessionlockingisimplementedusingserver-sidelockingmechanisms,suchasReentrantLockinJ

Are there any alternatives to PHP sessions?Apr 29, 2025 am 12:36 AM

Alternatives to PHP sessions include Cookies, Token-based Authentication, Database-based Sessions, and Redis/Memcached. 1.Cookies manage sessions by storing data on the client, which is simple but low in security. 2.Token-based Authentication uses tokens to verify users, which is highly secure but requires additional logic. 3.Database-basedSessions stores data in the database, which has good scalability but may affect performance. 4. Redis/Memcached uses distributed cache to improve performance and scalability, but requires additional matching

Define the term 'session hijacking' in the context of PHP.Apr 29, 2025 am 12:33 AM

Sessionhijacking refers to an attacker impersonating a user by obtaining the user's sessionID. Prevention methods include: 1) encrypting communication using HTTPS; 2) verifying the source of the sessionID; 3) using a secure sessionID generation algorithm; 4) regularly updating the sessionID.

See all articles