Additionally, they can include the expected response format as an extension in the path name. This approach could be considered stateless, but we can leave it up to your preferences.ĪPI endpoint URLs can also be versioned. Effectively we are using cookies as just a way to pass the token value instead of the session_id directly. In this case we can make a compromise and pass the token value in a cookie instead of passing it via a custom header. Using cookies can be considered an “unRESTful” practice as REST requests should be stateless. This can be a tedious ordeal in legacy projects. Browser based clients will automatically send appropriate cookies within XHR requests, eliminating the need of an additional authorization header.Īnother important reason is that you don’t need to do anything regarding subdomain configuration or management problems where custom headers may be stripped by some proxy servers. One of the most important reasons behind taking the second approach is that this allows cookies to be used as a means to transfer credentials. In reality, however, if you’re building a project-specific API, it could be more appropriate to choose the second variant. Create a path, such as /api.Īt a glance, it may seem that the first variant is more popular and attractive.One of the very first things that we need to decide is at what URL path the API endpoints will be available. In this article we will assume that it is web based (either desktop or mobile), and so it is written in JavaScript. App: client application which will communicate with the REST application via API endpoints.API token: a unique identifier passed via HTTP headers or cookies from which the user can be identified.API endpoint URL: URL through which the backend system is accessible to the world.API endpoint: a backend “method” which the client communicates with to perform an action and produce results.API server: main REST application serving the API, in this case, written in PHP.To make it easy for you to follow along, here is a list of some terms used throughout this article and and their meanings: Here, we will not cover what a REST API is in general, so if you’re not familiar with it be sure to read about it first. In this article, we will take a look at some common challenges of trying to implement REST APIs from scratch, a few ways to work around those issues and an overall strategy for building custom PHP based API servers for legacy projects.Īlthough the article is based on PHP 5.3 and above, the core concepts are valid for all versions of PHP beyond version 5.0, and can even be applied to non-PHP projects.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |