your rest api using laravel
DESCRIPTION
Webinar : https://www.youtube.com/watch?v=E9ure0xwQJETRANSCRIPT
![Page 1: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/1.jpg)
Your REST APIusing Laravel
@sulaeman2014 by Sulaeman
![Page 2: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/2.jpg)
![Page 3: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/3.jpg)
di kelon duluhttps://github.com/feelinc/Your-Laravel-Api
@sulaeman2014 by Sulaeman
![Page 4: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/4.jpg)
Postman - REST Client
http://bit.ly/1kuDLtc
@sulaeman2014 by Sulaeman
![Page 5: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/5.jpg)
Metode HTTPOPTIONS Untuk mengetahui persyaratan dan atau kemampuan server dalam menerima request maupun
memberikan response
HEAD Untuk mengetahui header yang tersedia dari HTTP server
GET Hanya digunakan untuk mengambil data
POST Hanya digunakan untuk membuat data baru
PATCH Hanya digunakan untuk memperbaharui sebagian data
PUT Hanya digunakan untuk memperbaharui data secara lengkap
DELETE Hanya untuk menghapus data
@sulaeman2014 by Sulaeman
![Page 6: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/6.jpg)
Default Response Header
Header Value
Access-Control-Allow-Credentials true
Access-Control-Allow-Origin *
Access-Control-Allow-Methods OPTIONS, HEAD, GET, POST, PUT, PATCH, DELETE
Access-Control-Allow-Headers Origin, Accept, Content-Type, Content-MD5, Content-Range, Content-Disposition, Authorization
@sulaeman2014 by Sulaeman
![Page 7: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/7.jpg)
HTTP Status● 200 OK - Respon sukses untuk metode GET, PUT, PATCH or DELETE. Bisa juga digunakan untuk metode POST yang
tidak berhasil membuat data baru.● 201 Created - Respon sukses untuk metode POST● 204 No Content - Respon sukses untuk metode DELETE● 304 Not Modified - Digunakan berhubungan dengan metode caching via HTTP header● 400 Bad Request - Request data tidak valid● 401 Unauthorized - Jika client request tidak ter-otentikasi● 403 Forbidden - Jika akses terhadap endpoint tidak diperbolehkan● 404 Not Found - You Now What● 405 Method Not Allowed - Jika request terhadap endpoint tidak diperbolehkan berdasarkan user yang ter-otentikasi● 410 Gone - Jika endpoint sudah tidak tersedia● 415 Unsupported Media Type - Jika format konten request tidak valid● 422 Unprocessable Entity - Bisa digunakan untuk validasi form● 429 Too Many Requests - Jika request ditolak berhubungan dengan limitasi request per periode
@sulaeman2014 by Sulaeman
![Page 8: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/8.jpg)
HTTP Caching
ETag & If-None-Match
ETag hash atau checksum dari konten response
If-None-Match hash atau checksum ketika melakukan request. API memberikan response 304 - Not Modified jika ETag dari konten response cocok dengan If-None-Match
@sulaeman2014 by Sulaeman
![Page 9: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/9.jpg)
Request LimiterPeriode dapat ditentukan bedasarkan per-jam atau per-hari.
Respon HTTP header untuk setiap request
Header Keterangan
X-Rate-Limit-Limit Total request yang diperbolehkan dalam periode sekarang
X-Rate-Limit-Remaining Total sisa request yang diperbolehkan dalam periode sekarang
X-Rate-Limit-Reset Sisa waktu periode sekarang, dalam detik
@sulaeman2014 by Sulaeman
![Page 10: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/10.jpg)
Versioning
api.domain.com/v1/api.domain.com/v2/
@sulaeman2014 by Sulaeman
![Page 11: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/11.jpg)
PaginationLink: <https://api.domain.com/v1/data?offset=3&limit=100>; rel="next", <https://api.domain.com/v1/data?offset=50&limit=100>; rel="last"
Available “rel” : next, last, first, prev
@sulaeman2014 by Sulaeman
![Page 12: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/12.jpg)
Otentikasibiasa nya sih nyebut “Authentication”
@sulaeman2014 by Sulaeman
![Page 13: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/13.jpg)
Otentikasi
Aplikasi = OAuth 2
User = Basic Auth + OAuth 2 Access Token
@sulaeman2014 by Sulaeman
![Page 14: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/14.jpg)
Otentikasi Aplikasi
Scope
read write
@sulaeman2014 by Sulaeman
![Page 15: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/15.jpg)
Otentikasi User
Group
Administrators Users
@sulaeman2014 by Sulaeman
![Page 16: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/16.jpg)
Otentikasi User
Permissions
user.create user.update user.viewuser.delete
@sulaeman2014 by Sulaeman
![Page 17: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/17.jpg)
POST /authorization
REQUEST
Header Content-Type: application/jsonContent-MD5: md5($stringRequestBody.$clientSecret)
Body (raw) {"grant_type":"client_credentials","client_id":"JXSb6nEzpQ0e3WAWjsSsZurCaLy0knDjzkwxRlJs","client_secret":"C4vpZLRI2kncfXJQZ9l0hdnaTCTupyqF1deCVEPf","scope":"read,write"}
RESPONSE
Header X-Rate-Limit-Limit: 5000X-Rate-Limit-Remaining: 4999X-Rate-Limit-Reset: 3600
Body { access_token: "jU5vKEBSPSVqRwEXwjIM0N1YefCG0hwqTK5i0UC3" token_type: "bearer" expires: 1399017374 expires_in: 3600}
Otorisasi Aplikasi / Client
@sulaeman2014 by Sulaeman
![Page 18: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/18.jpg)
POST /api/v1/authenticate
REQUEST
Header Authorization: Basic bWVAc3VsYWVtYW4uY29tOndoYXQ=Content-MD5: md5($stringRequestBody.$clientSecret)
Body(form-data) access_token=NMy2Q0zKwoW406DN2xEpDYUpjGX7rDAabXbadQNA
RESPONSE
Header X-Rate-Limit-Limit: 5000X-Rate-Limit-Remaining: 4999X-Rate-Limit-Reset: 3600
Body { access_token: "qJAq492q8x2H2uZUmUN5pQPS8fOLjinDbbMCZ4DF" token_type: "bearer" expires: 1399027251 expires_in: 3600 refresh_token: "81pG21LwQVZVN1fcWWCzqLhGkNtcmxEcdXMoyeO9" user: { id: 1, email: "[email protected]" display_name: "Sulaeman Tea" last_login: "2014-05-02T16:40:51+07:00" is_activated: true registered_at: "-001-11-30T00:00:00+07:07" updated_at: "2014-05-02T16:40:51+07:00" groups: ["Administrators"] }}
Otentikasi User
![Page 19: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/19.jpg)
POST /authorization
REQUEST
Header Content-Type: application/jsonContent-MD5: md5($stringRequestBody.$clientSecret)
Body (raw) {"grant_type":"refresh_token","refresh_token":"81pG21LwQVZVN1fcWWCzqLhGkNtcmxEcdXMoyeO9","client_id":"JXSb6nEzpQ0e3WAWjsSsZurCaLy0knDjzkwxRlJs","client_secret":"C4vpZLRI2kncfXJQZ9l0hdnaTCTupyqF1deCVEPf","state":3438732984782937489}
RESPONSE
Header X-Rate-Limit-Limit: 5000X-Rate-Limit-Remaining: 4999X-Rate-Limit-Reset: 3600
Body { access_token: "H6MUOmYSAUG2nmOrvPXQvFWMJFXOELwP34kjPsza" token_type: "bearer" expires: 1399027533 expires_in: 3600}
Refresh Token Aplikasi / Client
@sulaeman2014 by Sulaeman
![Page 20: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/20.jpg)
POST /api/v1/authenticate
REQUEST
Header Authorization: Basic d3JvbmdAdXNlci5jb206d2hhdA==Content-MD5: md5($stringRequestBody.$clientSecret)
Body(form-data) access_token=H6MUOmYSAUG2nmOrvPXQvFWMJFXOELwP34kjPsza
RESPONSE
Status 401 Unauthorized
Header X-Rate-Limit-Limit: 5000X-Rate-Limit-Remaining: 4999X-Rate-Limit-Reset: 3600
Body {"message":"User was not found."}
Otentikasi User
Gunakan user credential yang salah
@sulaeman2014 by Sulaeman
![Page 21: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/21.jpg)
Resourcesagak enak baca nya? ato malah buka google translate?
@sulaeman2014 by Sulaeman
![Page 22: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/22.jpg)
POST /api/v1/users Membuat / Mendaftarkan User
REQUEST
Header Authorization: Bearer 7E81Ojh0pSLgqtbHAHfYRrcfJ2HWNNYrNL4CqjEMContent-Type: application/jsonContent-MD5: md5($stringRequestBody.$clientSecret)
Body (raw) {"email":"[email protected]","password":"abcabc","group":"Users","activated":true,"first_name":"Neneng","last_name":""}
RESPONSE
Status 201 Created
Header X-Rate-Limit-Limit: 5000X-Rate-Limit-Remaining: 4999X-Rate-Limit-Reset: 3600
Body { id: 2, email: "[email protected]" first_name: "Neneng" last_name: "" display_name: "Neneng" last_login: null is_activated: true registered_at: "2014-05-03T04:29:34+07:00" updated_at: "2014-05-03T04:29:34+07:00" groups: ["Users"]}
![Page 23: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/23.jpg)
GET /api/v1/users/:id Mengambil User
REQUEST Header Authorization: Bearer 7E81Ojh0pSLgqtbHAHfYRrcfJ2HWNNYrNL4CqjEM
RESPONSE
Header X-Rate-Limit-Limit: 5000X-Rate-Limit-Remaining: 4999X-Rate-Limit-Reset: 3600
Body { id: 2, email: "[email protected]" first_name: "Neneng" last_name: "" display_name: "Neneng" last_login: null is_activated: true registered_at: "2014-05-03T04:29:34+07:00" updated_at: "2014-05-03T04:29:34+07:00" groups: ["Users"]}
@sulaeman2014 by Sulaeman
![Page 24: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/24.jpg)
PATCH /api/v1/users/:id Memperbaharui Data User (sebagian)
REQUEST
Header Authorization: Bearer 7E81Ojh0pSLgqtbHAHfYRrcfJ2HWNNYrNL4CqjEMContent-Type: application/jsonContent-MD5: md5($stringRequestBody.$clientSecret)
Body (raw) {"first_name":"Neneng","last_name":"Caur"}
RESPONSE
Header X-Rate-Limit-Limit: 5000X-Rate-Limit-Remaining: 4999X-Rate-Limit-Reset: 3600
Body { id: 2, email: "[email protected]" first_name: "Neneng" last_name: "Caur" display_name: "Neneng Caur" last_login: null is_activated: true registered_at: "2014-05-03T04:29:34+07:00" updated_at: "2014-05-03T04:29:34+07:00" groups: ["Users"]}
![Page 25: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/25.jpg)
PUT /api/v1/users/:id Memperbaharui Data User
REQUEST
Header Authorization: Bearer 7E81Ojh0pSLgqtbHAHfYRrcfJ2HWNNYrNL4CqjEMContent-Type: application/jsonContent-MD5: md5($stringRequestBody.$clientSecret)
Body (raw) {"email":"[email protected]","password":"abcabc","group":"Users","activated":false,"first_name":"Neneng","last_name":"Caur"}
RESPONSE
Header X-Rate-Limit-Limit: 5000X-Rate-Limit-Remaining: 4999X-Rate-Limit-Reset: 3600
Body { id: 2, email: "[email protected]" first_name: "Neneng" last_name: "Caur" display_name: "Neneng Caur" last_login: null is_activated: false registered_at: "2014-05-03T04:29:34+07:00" updated_at: "2014-05-03T04:29:34+07:00" groups: ["Users"]}
![Page 26: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/26.jpg)
DELETE /api/v1/users/:id Menghapus Data User
REQUEST Header Authorization: Bearer 7E81Ojh0pSLgqtbHAHfYRrcfJ2HWNNYrNL4CqjEM
RESPONSE
Status 204 No Content
Header X-Rate-Limit-Limit: 5000X-Rate-Limit-Remaining: 4999X-Rate-Limit-Reset: 3600
Body
@sulaeman2014 by Sulaeman
![Page 27: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/27.jpg)
GET /api/v1/users Mengambil Daftar User
REQUESTHeader Authorization: Bearer 7E81Ojh0pSLgqtbHAHfYRrcfJ2HWNNYrNL4CqjEM
Param offset=1&limit=1
RESPONSE
Header X-Rate-Limit-Limit: 5000X-Rate-Limit-Remaining: 4999X-Rate-Limit-Reset: 3600
Body [ { id: 1 email: "[email protected]" first_name: "Neneng" last_name: "" display_name: "Neneng" last_login: null is_activated: true registered_at: "2014-05-03T12:07:50+07:00" updated_at: "2014-05-03T12:07:50+07:00" }]
@sulaeman2014 by Sulaeman
![Page 28: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/28.jpg)
PROBLEMASEM!
@sulaeman2014 by Sulaeman
![Page 29: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/29.jpg)
Apache Web ServerCGI/Fast CGI
HTTP Basic AuthServer variable PHP_AUTH_USER dan PHP_AUTH_PW nyasar entah kemana :P
SOLUSI.htaccess
# Fix the HTTP basic authRewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
@sulaeman2014 by Sulaeman
![Page 30: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/30.jpg)
Nginx Web ServerHTTP “Authorization” header
Server variable HTTP_AUTHORIZATION nyasar entah kemana :P
SOLUSIKonfigurasi Nginx server
ignore_invalid_headers off;
@sulaeman2014 by Sulaeman
![Page 31: Your rest api using laravel](https://reader035.vdocument.in/reader035/viewer/2022081716/5483dec45906b5c6158b46bb/html5/thumbnails/31.jpg)
Terima KasihSulaeman
@sulaemanhttp://id.linkedin.com/in/sulaeman