RESTful Web Services
Content of the «RESTful Web Services» section The Definitive Guide to Yii 2.0:
- Quick Start
- Response Formatting
- Rate Limiting
- Error Handling
Articles section «RESTful Web Services» The Definitive Guide to Yii 2.0:
When handling a RESTful API Yii request, if there is an error in the user request or if something unexpected happens on the server, you may simply throw an exception to notify the user that something went wrong.
A good API is versioned. Unlike Web applications, with which you have full control of both the client-side and server-side code, APIs are meant to be used by clients beyond your control. For this reason, backward compatibility (BC) of the APIs should be maintained whenever possible.
To prevent abuse, you should consider adding rate limiting to your APIs. To enable rate limiting, the [[yii\web\User::identityClass|user identity class]] should implement [[yii\filters\RateLimitInterface]].
Unlike Web applications, RESTful APIs Yii are usually stateless, which means sessions or cookies should not be used. Yii API requests should always be sent via HTTPS to prevent man-in-the-middle (MitM) attacks.
Еnable pretty URLs and take advantage of HTTP verbs. Compared to the URL management for Web applications, the main new thing above is the use of [[yii\rest\UrlRule]] for routing RESTful API requests.
Create controller actions to expose the resources to end users through RESTful APIs after creating the resource classes and specifying how resource data should be formatted.
RESTful APIs in Yii 2 are all about accessing and manipulating resources. You may view resources as models in the MVC paradigm. In Yii you usually would represent resources in terms of objects of [[yii\base\Model]] or its child classes