API Platform 3 Part 2 Security for your Treasures

Home : Book details : Book description

Description of API Platform 3 Part 2 Security for your Treasures

Ryan Weaver | Duration: 3:43 h | Video: H264 1920x1080 | Audio: AAC 48 kHz 2ch | 1,30 GB | Language: English
Here be dragons! We've built a pretty sweet API for storing dragon treasures... but we've completely neglected one minor detail: security! In this tutorial, we'll secure our API Platform-powered API in every way imaginable... and spin up a nifty test suite along the way
? Disabling documentation on production
? Different types of API authentication

? Logging in via Ajax & sessions
? Creating an API Token system with "scopes"
? Securing your API resources
? Bootstrapping tests with zenstruck/browser & zenstruck/foundry!
? How to use PATCH
? Adding security & securityPostDenormalize to operations & using object
? Voters
? Conditional fields based on permissions: #[ApiProperty(security: 'is_granted(...)')]

? Dynamic serialization groups with a ContextBuilder
? Completely dynamic fields by decorating the normalizer
? Preventing "not allowed" data with validation
? Automatically set the "owner" of an object on create
? Auto-filter collections with "query extensions"
Sheesh! Let's go!