Symfony RESTful API

In this series, we get to work: by building the same API in the REST series, but leveraging all the amazing tools and libraries of the Symfony framework. If terminology like representations, resources, and hypermedia are new to you, start with the REST series and then come back. And get ready to get your (API) mind blown.

In Course 1, we’ll start quick with:

Build your first functional POST endpoint
Decoding the Request body
Using forms to handle incoming data
Writing tests for your API
Handling data “seeding” for your tests
GET, PUT, DELETE and PATCH endpoints
Using the JMS Serializer

Now, we turn to a huge part of APIs: handling and returning consistent errors. Seriously, this is more important than you might think – which is why we’re covering this in episode 2.

So, let’s handle errors, and let’s do it gracefully:

Handling Form Validation errors and response
Disabling csrf_protection
Introducing the api-problem JSON format
Exception Listener!
Consistent errors everywhere: 404’s, 500’s, oh my!
Handling “extra fields” in your form

The basics, check! Errors, double check! Now let’s get back to some core API concepts and take things up a level.
REST Pagination
Including next/prev pagination links
Filtering collections
Advanced serialization customization (serializer subscriber)
Including links via custom annotations
Evaluating expressions
Making embedded resources configurable/conditional

After 3 tutorials, we’ve got a nice API, But we’ve been completely ignoring authentication.
Thanks to some modern tools, this will be such a treat:

Understanding JSON web tokens (JWT)
Creating, signing & returning JWT’s
Using Guard for a custom JWT authentication system
Sending tokens on the Authorization header
Proper API errors for invalid credentials and missing credentials
Choosing to split into 2 firewalls

After 4 courses, we’ve somehow avoided the hottest buzzwords in REST: Hypermedia and HATEOAS.
These can make your API awesome, or could bring you to your knees with fuzzy details, missing best practices and complexity. Let’s make our API awesome:

Linking to Resources (and Hypermedia) without hating it
Controlling your JSON fields with VirtualProperty and SerializedName
Customizing your input field names with property_path
The wonderful HATEOAS php library
HAL+JSON… and whether you want to use it or not
Subordinate resources!
Handle ugly, non-RESTful, weird endpoints with some swagger