Repository files navigation

This plugin simplifies the REST API development for your CakePHP 3 application. It simply converts the output of your controller into a JSON response.

You can install this plugin into your CakePHP application usingcomposer.

The recommended way to install composer packages is:

composer require sprintcube/cakephp-rest

After installation,Load the plugin

Plugin::load('Rest', ['bootstrap' =>true]);

Or, you can load the plugin using the shell command

$ bin/cake plugin load -b Rest

No major change requrires in the way you code in your CakePHP application. Simply, just add one parameter to your route configurationisRest like,

$routes->connect('/foo/bar', ['controller' =>'Foo','action' =>'bar','isRest' =>true]);

And extend your controller toRestController and everything will be handled by the plugin itself. For example,

<?phpnamespaceApp\Controller;useRest\Controller\RestController;/** * Foo Controller * */class FooControllerextends RestController{/**     * bar method     *     * @return Response|void     */publicfunctionbar()    {$bar = ['falanu' => ['dhikanu','tamburo'            ]        ];$this->set(compact('bar'));    }}

And that's it. You will see the response as below.

{"status":"OK","result": {"bar": {"falanu": ["dhikanu","tamburo"            ]        }    }}

Doesn't it too simple? WhateverviewVars you set from your controller's action usingset() method, will be converted into JSON response.

This plugin returns the response in the following format.

{"status":"OK","result": {...    }}

Thestatus key may contain OK or NOK based on your response code. For all successful responses, the code will be 200 and the value of this key will be OK.

In case of error or exception, the value ofstatus will become NOK. Also, based on your application'sdebug setting, it will contain the exception and trace data.

Theresult key contains the actual response. It holds all the variables set from your controller. This key will not be available in case of error/exception.

This plugin also provides an option to authenticate request using JWT. Simply, just add one more parameter to your route configurationrequireAuthorization like,

$routes->connect('/foo/bar', ['controller' =>'Foo','action' =>'bar','isRest' =>true,'requireAuthorization' =>true]);

Now, the plugin will check for the JWT token in the request in form of a header, query parameter or post data. If you want to pass the token in the header, use the following format.

Authorization: Bearer [token]

And for query parameter or post data, usetoken parameter and set the token as a value of the parameter.

If you require the authentication in API, you first must grant the token to the user who is making the API request. In general, when a user logs in, the response should contain the token for all next requests.

To generate a token, use the method from Utility class of the plugin:JwtToken::generate().

/** * login method * * @return Response|void */publicfunctionlogin(){// you user authentication code will go here, you can compare the user with the database or whatever$payload = ['id' =>"Your User's ID",'other' =>"Some other data"    ];$token = \Rest\Utility\JwtToken::generate($payload);$this->set(compact('token'));}

And it will return the token in response. So, in next API calls, a user can use that token for authorization. You can add whatever data is required in your payload.

By default, the plugin uses the predefined key and algorithm to generate JWT token. You can update this configuration by creatingconfig/rest.php file. The content of this configuration file will be as following,

<?phpreturn ['Rest' => ['jwt' => ['key' =>'PUT YOUR KEY HERE',// it should contain alphanumeric string with symbols'algorithm' =>'HS256'// See https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40        ]    ]];

If there is a valid token available in the request, you can access it in your controller using thetoken andpayload properties.

/** * view method * * @return Response|void */publicfunctionview(){$token =$this->token;$payload =$this->payload;// your action logic...}

These properties are also available in your controller'sbeforeFilter method, so you can put additional authentication logic there.

If you have a problem with this plugin or found any bug, please open an issue onGitHub.