The Definitive Guide to Yii 2.0

The Definitive Guide to Yii 2.0

The Definitive Guide to Yii 2.0

This tutorial is released under the Terms of Yii Documentation.

All Rights Reserved.

2014 (c) Yii Software LLC.



Authentication in Yii 2

User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active

Authentication

Unlike Web applications, RESTful APIs are usually stateless, which means sessions or cookies should not be used. Therefore, each request should come with some sort of authentication credentials because the user authentication status may not be maintained by sessions or cookies. A common practice is to send a secret access token with each request to authenticate the user. Since an access token can be used to uniquely identify and authenticate a user, API requests should always be sent via HTTPS to prevent man-in-the-middle (MitM) attacks.

Yii 2 Response Formatting

User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active

Response Formatting

When handling a RESTful API request, an application usually takes the following steps that are related with response formatting:

Routing in Yii 2

User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active

Routing

With resource and controller classes ready, you can access the resources using the URL like http://localhost/index.php?r=user/create, similar to what you can do with normal Web applications.

In practice, you usually want to enable pretty URLs and take advantage of HTTP verbs. For example, a request POST /users would mean accessing the user/create action. This can be done easily by configuring the urlManager application component in the application configuration like the following:

RESTful APIs Yii controllers

User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active

Controllers

After creating the resource classes and specifying how resource data should be formatted, the next thing to do is to create controller actions to expose the resources to end users through RESTful APIs.

RESTful APIs Resources in Yii 2

User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active

Resources

RESTful APIs are all about accessing and manipulating resources. You may view resources as models in the MVC paradigm.

While there is no restriction in how to represent a resource, in Yii you usually would represent resources in terms of objects of [[yii\base\Model]] or its child classes (e.g. [[yii\db\ActiveRecord]]), for the following reasons:

Quick Start in RESTful Web Services Yii 2

User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active

Quick Start

Yii provides a whole set of tools to simplify the task of implementing RESTful Web Service APIs. In particular, Yii supports the following features about RESTful APIs:

  • Quick prototyping with support for common APIs for Active Record;
  • Response format negotiation (supporting JSON and XML by default);
  • Customizable object serialization with support for selectable output fields;
  • Proper formatting of collection data and validation errors;
  • Collection pagination, filtering and sorting;
  • Support for HATEOAS;
  • Efficient routing with proper HTTP verb check;
  • Built-in support for the OPTIONS and HEAD verbs;
  • Authentication and authorization;
  • Data caching and HTTP caching;
  • Rate limiting;

Subcategories