The first edition of the API Platform Conference took place on September 10th, both online and at Euratechnologies in Lille. For the first time, the API Platform community gathered for a day of high-level conferences on this Symfony-based API framework. Several developers from the SensioLabs team attended, and SensioLabs was a Gold sponsor of the event. Find a summary of the talks we enjoyed the most.
Opening Keynote: The future of API (Platform) architecture
Kévin Dunglas, the creator of API Platform, first brought us back to the genesis of the project. Through the history of the project, he gave us a glimpse of the talks we would attend throughout the day.
For this first event on API Platform, we needed an announcement to highlight the moment. We got what we were looking for, Kevin presented his vision of a new architecture for the creation of APIs on the back-end: ESA for Edge Side API. This architecture is based on the concept of JAMStack on the front end, to have applications as close to the user as possible, use caching features to avoid back-end calculations as much as possible. By distributing the applications on several servers around the world, as we could do with a front-end CDN, we can reduce the distance to the user, and so improve the performance.
Although this architecture is innovative and full of promise, we still have to check if the performance gain is worth the complexity of the infrastructure.
The journey towards API Platform 3
In this talk, Antoine Bluchet gave us an overview of API Platform and, in particular, the latest changes that occurred. The subResource system that was causing a few issues has been completely overhauled. The goal was to simplify the developer experience and facilitate the management of sub resources. These changes come with API 2.7, the old way being still available but deprecated. API Platform version 3 comes with the new management of sub resources (notably the removal of @APISubResources), new keys in the annotations of resources, and the possibility to declare several resources for the same entity.
The API mindset: tech, product, business and legal
After a brief history from the original idea of reusing software routines to the modern world where applications interact with each other, Mehdi Medjaoui tackled how to think about what an API is and what it is intended for. The API is now a product, so we need to think of it as such and keep in mind things like its integration with the outside world, its consumption mode, its monetization, its different actors, and its legal side (privacy, terms of services).
Sylius and API Platform. The story of integration
Łukasz Chrusciel explained how API Platform is being integrated into Sylius. One of the first issues that emerge is how to make API Platform cohabit with Sylius which is very extensible. By taking a simple example, he showed us that adding an attribute #[ApiResource] is not enough because it is hard to manage the different business needs in this way. To keep a separation between application layers, they chose to use Commands / Handlers via the Messenger component. CQRS fans will surely recognize themselves in this!
Łukasz then listed a few recommendations such as embedding all the information needed for an order to be processed. It is essential if you want to pass some processing asynchronously later on. This was followed by a quick explanation of the enrichment principle to add information to your orders. Don't hesitate to have a look at the CommandAwareInputDataTransformer class!
Coming back to API Platform, Łukasz, too, explained the advantages of using IRIs to link different resources. Indeed, the /api/v2/shop/product-option-values/COLOR_BLUE option values can be easily retrieved by an application while returning only COLOR_BLUE requires knowing how to query the API for the same result.
The second part, and not the least, is the use of tests as a migration tool. Since Sylius already has its Behat tests, all you need is an annotation to test a newly created API. How can we do this?
Let's take the login functionality for example. The "I log in" step for an @ui test consists in logging in from the login page (which is quite logical). By adding the @api tag, this step now goes through the API equivalent. Of course, this is not without additional complexity but it enables reusing existing specifications.
The talk ended with some examples of PHPUnit tests which are in charge of checking that the answers respect the contract. Let's note the use of the ApiTestCase class or of the PHPMatcher library that I particularly like.
For those who are curious or motivated, the API is still being implemented here: New Sylius API on API Platform.
How To Become A React-admin Grandmaster In 237 Easy Steps
CRUD... Who hasn't done it before and won't do it again? Do you need to develop your backend? Take a look at React-Admin!
François Zaninoto presented us in 237 steps (maybe a little less actually) how to get the best out of it to quickly build a killer SPA backend!
React-Admin offers a multitude of components that will allow you to customize the rendering of your page to add a sortable table, filters, accessibility, data validation, and so on!
He also presented hooks. Thanks to them, you can easily integrate a behavior to your component in the React sauce. Even if you're allergic to JS (yes, I know you), don't hesitate to have a look at the documentation of this feature brought in version 16.8.
Still not convinced? Imagine that a column in your table requires a call to the API to be displayed. A table of 30 rows would logically trigger 30 API calls because each one is made from the rendered component. Well no, the ReferenceField component is smart enough to group these calls into one to use dataProvider.getMany() once instead of dataProvider.getOne() 30 times.
All coded via TypeScript to make it even easier for you!
Symfony Runtime: wrapping API Platform in a lambda
The original idea of decorrelating the execution from its context (e.g. super globals) led to the creation of the Runtime component in Symfony and the new form of the Symfony front controller (public/index.php). This new front controller is only used to declare a lambda that will encompass the whole execution of the Symfony stack. The interest for the Symfony team is to have control over the update of this front controller while keeping the flexibility on this layer of the stack through the Runtime and Runner concepts. The Runtime and the Runner are PHP interfaces for which several implementations already exist, which can be reused and extended.
A suitable serialization with API Platform and Symfony
In this talk, Mathias Arlaud (a SensioLabs Alumni) started by refreshing our memory on how serialization works with Symfony before moving on to its use with API Platform.
The tour started quietly with a concrete example of an API managing the more or less unofficial activities of a robot sent on Mars. We discussed all the means available to us to adapt the return of our APIs, as well as possible:
- Manage visibility or write rights on a property via PHP attributes.
- Use serialization groups to return the necessary information to the client.
- Use ApiProperty::security to secure some properties. Be careful not to use it on a resource that can be hidden and shared.
- How to choose between a default or a case by case configuration
We then went a little deeper into the subject by exploring how ApiPlatform proceeds to format the data that our controllers return. Yes, there is no need to return a Response or to format the data in JSON-LD, API Platform takes care of that!
Mathias led us to two ways to customize the normalization logic: ContextBuilder and ResourceMetadataFactory which can be very useful to add a common behavior to various resources in a few lines of code.
Although the next versions of API Platform will reduce serialization to a more basic use (see Opening Keynote: The future of API (Platform) architecture), it will still be able to get you out of some more complex situations. Thanks to Mathias for the tour! For those who have access, this talk is also available in the SymfonyLive Online French Edition replays.
French tech & Start up Nation, what else?
From the presentation of a cooperative to work ethics, during this talk by Hélène Maître-Marchois we questioned many things.
What if the salary wasn't so important? Today money and salary are indeed crucial elements in the choice of a job. But developers are also eager to learn new things in an environment that allows it.
There are indeed developers who would rather lower their salary to join a promising company than to choose an average company with a higher salary. The choice is theirs, and ethics will play a huge role here and weigh in the balance.
In addition to the salary, the choice of an assignment or a new client is also a point on which she pressed. It is possible to say no, if you do not find yourself in the values of the client or of an assignment, why force yourself? A new client arrives with a juicy offer, it is difficult to say no and yet she told us how she and her team refused a client despite the lure of the contract because it did not correspond to the company's ethics.
Closed by debates that made the afternoon break skip a beat, this talk leads to reflection on one's role in the company, one's values, and one's personal and professional ethics.
See you next year at the second edition of the API Platform Conference in 2022!