The Definitive Guide to Yii 2.0
This tutorial is released under the Terms of Yii Documentation.
All Rights Reserved.
2014 (c) Yii Software LLC.
Unlike Web applications, RESTful APIs are usually stateless, which means sessions or cookies should not be used. Therefore, each request should come with some sort of authentication credentials because the user authentication status may not be maintained by sessions or cookies. A common practice is to send a secret access token with each request to authenticate the user. Since an access token can be used to uniquely identify and authenticate a user, API requests should always be sent via HTTPS to prevent man-in-the-middle (MitM) attacks.
With resource and controller classes ready, you can access the resources using a URL like http://localhost/index.php?r=user/create, similar to what you can do with normal Web applications.
In practice, you usually want to enable pretty URLs and take advantage of HTTP verbs. For example, a request POST /users would mean accessing the user/create action. This can be done easily by configuring the urlManager application component in the application configuration like the following:
After creating the resource classes and specifying how resource data should be formatted, the next thing to do is to create controller actions to expose the resources to end users through RESTful APIs.
RESTful APIs are all about accessing and manipulating resources. You may view resources as models in the MVC paradigm.
While there is no restriction in how to represent a resource, in Yii you usually would represent resources in terms of objects of [[yii\base\Model]] or its child classes (e.g. [[yii\db\ActiveRecord]]), for the following reasons:
Yii provides a whole set of tools to simplify the task of implementing RESTful Web Service APIs. In particular, Yii supports the following features about RESTful APIs:
- Quick prototyping with support for common APIs for Active Record;
- Response format negotiation (supporting JSON and XML by default);
- Customizable object serialization with support for selectable output fields;
- Proper formatting of collection data and validation errors;
- Collection pagination, filtering and sorting;
- Support for HATEOAS;
- Efficient routing with proper HTTP verb check;
- Built-in support for the
- Authentication and authorization;
- Data caching and HTTP caching;
- Rate limiting;