Senior Golang Software Engineer – Melbourne » Blog Archive

Last Tweets
- RT @phpmelb: Melbourne Developers! What's your favourite productivity hack, tool or technique? Fancy giving a lightning talk on it on Feb 21?, Jan 21
- RT @mrmidi: 1950 show Trackdown featured a snake oil salesman named Trump who claimed he could save the world by building a wall https://t.co/cEk1bF3adY, Jan 15
- RT @sam_dark: Implementation of JSON API specification for the Yii framework https://t.co/awIVGDXol6 #yii, Dec 18
- Is anyone looking for a very experienced #API developer in Melbourne? I'm looking for a new project to work on., Sep 19
- I just saw a great presentation on http2 by @dshafik at @phpmelb. Really interesting stuff to speed up mobile and web applications., Aug 16
- RT @buzzconfio: Getting ready for #BuzzConf Nights. Great talks coming up, and some awesome announcements! https://t.co/QghjIYj2AB https://t.co/jL35EzjTId, May 26
- RT @jakeasmith: Dear CORS, If you’re going to screw up my request at least let me know that you’re screwing up my request. Sincerely, Everyone, May 20
- RT @ianoshorty: "Every code decision ultimately becomes a ux decision." Great quote from @cap @dibiconf #dibi2016, Mar 17
- RT @snyff: I'm giving a talk on web application security at #Ruxmon this Friday in Melbourne: https://t.co/RD9MEU56KD, Mar 16
- Come along to #phpmelb tonight to see my presentation on how to build an #api with #yii framework. #Melbourne #php #yii2, Mar 15
- RT @phpmelb: @doublehops will be talking about an introduction to building an RESTful API easily with Yii2. https://t.co/8GQNniyLXC, Mar 10
- I've just installed SSL certificates with #letsencrypt. It was quite easy and will encourage the use at work., Dec 17
- I've written my first #nodebot script whilst at #buzzconf. https://t.co/230ZGuyNr0 https://t.co/CbWWrkDV7p, Nov 14
- Great presentations at @phpmelb tonight on development laws and privacy and also great to see my friends again., Oct 20
- Ex prime minister @TonyAbbottMHR shows us how far behind the times he is one last time by resigning by fax http://t.co/1q4ifL6Cpu, Sep 16
- RT @TheTweetOfGod: In a minute I'm going to turn the universe off and then back on again. Apologies for the inconvenience., Sep 08
- I just purchased my ticket to @buzzconfio. The technology festival focused on future technologies., Sep 07
- RT @wandergame: Sorry for the delay on PS4, I've been stuck on a UI bug for days. If anyone knows Scaleform on PS4 I'd love to chat!, Aug 24
- RT @phpmelb: Our next meetup is 6:30 tonight at Queens Collective. We've got great speakers, pizza and beer Don't forget to RSVP @ http://t.co/qhRQLn1tgu, Aug 18
- RT @sam_dark: If you're having trouble with #yii and composer, do `composer global require fxp/composer-asset-plugin:~1.0@dev`., Jul 30
Follow me on Twitter

Building RESTful APIs with Yii2

This entry was posted on Sep 21 2015

I have been building an API with Yii2 for the last four months and and I’m really enjoying it. The developers of Yii have done a tremendous job putting together a framework that makes building applications both fun and fast. The API is to be used by iOS and Android apps as well as a web app (Angular JS) to facilitate phone calls and messages, among other things.

Many of Yii’s strengths come from the clever and well thought-out design that makes common tasks incredibly easy to implement and more complex tasks easy to build whilst keeping the code and structure of your application clean. Some of my favourite attributes to see are:

RESTful services

Building a RESTful service is incredibly quick to build by calling the inbuilt scaffolding tool. It will read the database table to build the model, and also views if you’re building a traditional website. Then with just a few changes in the controller you can start creating, reading, updating and deleting records through your browser.

Behaviours

Attaching a behaviour to a component or controller is similar to extending a class but gives you more control and can act on events. Yii2 has a collection of behaviours that are built in but allows you to create your own. Two built-in behaviors that I’m using are Authenticator and CORS.

Authenticator behaviour: This behaviour allows you to easily implement common authentication models such as HTTP Basic Auth and OAuth. But I was able to add a custom authentication module to the auth behaviour to meet our unique rrequirements.

CORS behaviour: CORS (Cross Origin Resource Sharing) is a standard that allows browsers to make Javascript requests to servers that the Javascript files themselves weren’t server from. This is generally not possible due to security issues. CORS can be quite complicated and can cause major headaches but Yii2 allows you to simply include the behaviour to a controller and the API will respond with the required headers to each CORS request from the browser.

Custom authentication

Yii2 has a great solution for Authentication and has the common ones, such as OAuth and Basic Http Auth built in. But it also quite simple to add your own authentication if need be. The requirements for us was to allow each user to connect to the API with multiple devices. Therefore each device is required to send its individual token for each request made to the API. Yii2 makes this quite trivial.

Testing

Yii makes it easy to use use test databases and environment variables which makes testing easy. My solution was to setup an alias domain (env.myapi.test) for each environment. When Yii receives a request on a domain ending with .test it will use test variables and database to run my tests and not pollute the dev or prod data with test data. Every API endpoint is tested and it’s very reassuring watching the tests that you have not broken any endpoints when new features are added.

API, Yii

API, PHP, Web Development, Yii, Yii2

Sorry, comments for this entry are closed at this time.

Doublehops

Web development and technology blog

Last Tweets

Building RESTful APIs with Yii2

RESTful services

Behaviours

Custom authentication

Testing