Git Product home page Git Product logo

concrete_api_proposal_2022's Introduction

Concrete CMS API Proposal 2022

Hello there! This is a package for Concrete CMS (9.1.1+) that adds a proposed REST API. This API is reasonably comprehensive: there are certainly many things you won't be able to do with this API that you can do with the full CMS application, but this API should give you significant access to the most important aspects of a Concrete CMS application.

The Purpose of this Package

This package demonstrates a comprehensive REST API. It demonstrates a proposed format for REST calls, including API scopes, endpoints, schemas, formats and operations. This proposal package has been built to be fully functional – meaning the documented operations in this package should actually work with a real site – but that doesn't mean it's fully tested and ready for production. Instead, this package is meant to demonstrate a proposed API, spark discussion about the API, and work as a spec.

Now that this proposed API is available, I hope that developers will install it somewhere, take a look at its proposals, kick the tires, and let me know if they think it's perfect everywhere (:fingerscrossed) or whether it needs some tweaks (more likely!)

Ultimately, this API – including any enhancements or tweaks that come about during this testing phase – is slated for inclusion in Concrete CMS 9.2.0 this fall.

Installation

Clone this repository into your testing site's packages/ directory.

Within your testing site, enable the Concrete CMS REST API on Dashboard > System and Settings > API > Settings. Do not create an integration at this time, it will be created for you when the package is installed.

For the redirect URL in this API integration, specify http://www.yoursiteurl.com/packages/concrete_api_proposal_2022/swagger/oauth2-redirect.html

Now, install the "Concrete CMS API Proposal" package into your site.

Try it Out

API proposals can be found in Dashboard > API Proposal. Clicking on this page will redirect you into a REST API page. From this page, click the "View API Documentation Console" button. This will launch standard REST API docs, powered by Swagger UI.

Screen Shot 2022-08-04 at 2 58 58 PM

Demonstration Video

For a quick walkthrough of installation and a demonstration of a couple REST endpoints in the new proposal, watch this video:

https://www.loom.com/share/d3f22bd837a44105a5c6b5ae982bcfe3

GraphQL

Yes, we are planning on a GraphQL API in addition to a REST API. No, that work has not yet been started.

Feedback

-- @aembler

concrete_api_proposal_2022's People

Contributors

aembler avatar korvinszanto avatar

Stargazers

Takuro Hishikawa avatar DanK avatar Remo Laubacher avatar Dimitris Gerasopoulos avatar Michele Locati avatar

Watchers

Takuro Hishikawa avatar avatar Michele Locati avatar avatar Franz Maruna avatar Lucian Povatanu avatar avatar

Forkers

lucian-hostco

concrete_api_proposal_2022's Issues

Proposal: change type for $results

The type of $results is array , but getSlice may return an object. How about changing it to iterable ?

concrete_api_proposal_2022/src/Traits/SupportsCursorTrait.php

Lines 28 to 34 in 2d48a3a

public function addCursorToResource(
array $results,
Request $request,
string $getNewCursorMethod,
ResourceAbstract $resource,
$previousCursor = null
) {

https://github.com/BabDev/Pagerfanta/blob/da4e5587853ae39662f8804e55a214fce820cb7f/lib/Core/Adapter/AdapterInterface.php#L17-L25

Client secrets not hashed

Client secrets should be hashed in the database and verified using password_verify. The ClientRepository wrapper included here does handle hashed passwords, but we rely on them being not hashed in the swagger UI and we should never have them not hashed.

Responses are unstructured JSON

We're using the DataArraySerializer by default which doesn't structure data beyond throwing it underneath a data key. Compare that to the JsonApiSerializer which does a lot more like integrating with pagerfanta to structure the data in a standard format.

The value of having a fixed organized structure is clients can be written to consume things like pagination, search, and any other metadata without needing to write separate functionality for each endpoint and implementors can be sure their outputs match the requirements rather than write something unique each time. Take for example Stripe's API, all endpoints that include pagination respond in the same clearly defined way: https://stripe.com/docs/api/pagination

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.