SlideShare a Scribd company logo
Creating REST Applications
with the Slim Micro-Framework




                                Vikram Vaswani
                                  October 2012
slim
adj. slim·mer, slim·mest
   1. Small in girth or thickness in proportion
      to height or length; slender.
   2. Small in quantity or amount; meager:
      slim chances of success.

            From www.thefreedictionary.com
slim
PHP micro framework that helps you
quickly write simple yet powerful web
applications and APIs.

           From www.slimframework.com
Micro-Frameworks in 20 18 Words
●   Lightweight
●   Short learning curve
●   Flexible
●   Single-purpose
●   Good for
    ●   Small, static websites
    ●   API development and testing
    ●   Rapid prototyping
PHP Micro-Frameworks
●   Silex                ●   Phraw
●   Limonade             ●   Photon
●   GluePHP              ●   Fitzgerald
●   FlightPHP            ●   phpMF
●   Fat-Free Framework   ●   Swiftlet
●   MicroMVC             ●   Tachyon
●   Bullet               ●   Pupcake
●   Bento                ●   Relax
●   Yolo                 ●   Lime
●   Fluphy               ●   Shield
●   Tonic                ●   Hydra
●   Phlyty               ●   Gum
Entrée
Introducing Slim

   "Slim is a PHP micro framework that helps you
 quickly write simple yet powerful web applications
                     and APIs."

          From www.slimframework.com
Key Features
●   Powerful router
    ●   Standard and custom HTTP methods
    ●   Route parameters with wildcards and conditions
    ●   Route middleware
●   Template rendering with custom views
●   Flash messages
●   Secure cookies with AES-256 encryption
Key Features
●   HTTP caching
●   Logging with custom log writers
●   Error handling and debugging
●   Middleware architecture
●   Simple configuration
●   Extensive documentation
●   Active, enthusiastic community
●   Licensed under the MIT Public License
First Taste
<?php
// load
require 'Slim/Slim.php';
SlimSlim::registerAutoloader();

// initialize
$app = new SlimSlim();

// map routes
$app->get('/eat/:food', function ($food) {
  echo "Yum! That $food looks fantastic!";
});

// ...and we're off!
$app->run();
First Taste
Main Course
Slim + REST
●   Define URI routes, parameters and HTTP methods
    ●   GET / POST / PUT / DELETE
    ●   /my/api/endpoint/:parameter
●   Map routes to callbacks
    ●   Accept and validate input parameters from request object
    ●   Perform custom processing within callback
    ●   Produce and return response object
Example: REST Resources




                                                  So urce : W ikipe dia
                          e n. wikipe dia. o rg /wiki/Pe rio dic_ table
REST API
GET /api/v1/elements        Retrieve all elements from the periodic table


GET /api/v1/elements/1      Retrieve element #1 (hydrogen)


POST /api/v1/elements       Create new element


PUT /api/v1/elements/28     Update element #28 (nickel)


DELETE /api/v1/elements/8   Delete element #8 (oxygen)
Resource Representation (MySQL)
CREATE TABLE IF NOT EXISTS `elements` (
 `id` int(11) NOT NULL AUTO_INCREMENT,
 `num` int(11) NOT NULL,
 `name` varchar(255) NOT NULL,
 `symbol` char(2) NOT NULL,
 `weight` float NOT NULL,
 PRIMARY KEY (`id`)
) ENGINE=InnoDB;


INSERT INTO `elements` (`id`, `num`, `name`, `symbol`,
`weight`) VALUES(1, 1, 'Hydrogen', 'H', 1.008);
INSERT INTO `elements` (`id`, `num`, `name`, `symbol`,
`weight`) VALUES(2, 2, 'Helium', 'He', 4.0026);
Resource Representation (JSON)
 {
 "id":"1",
 "num":"1",
 "name":"Hydrogen",
 "symbol":"H",
 "weight":"1.008"
 },{
 "id":"2",
 "num":"2",
 "name":"Helium",
 "symbol":"He",
 "weight":"4.0026"
 }
RedBeanPHP
<?php
// load
require 'RedBean/rb.php';


// set up database connection
R::setup('mysql:host=localhost;dbname=appdata','user','
pass');
R::freeze(true);


// get all records
$elements = R::find('elements');
RedBeanPHP
<?php
// get a single record
$element = R::findOne('elements', 'id=?',
array($id));


// update element record
$element->name = 'foo'


// save modified record
R::store($element);
REST API Implementation
<?php
$app->get('/api/v1/elements', function () { ... }

$app->get('/api/v1/elements/:id', function ($id) { ... }

$app->post('/api/v1/elements', function ($id) { ... }

$app->put('/api/v1/elements/:id', function ($id) { ... }

$app->delete('/api/v1/elements/:id', function ($id) { ... }
GET Request Handler
<?php
// handle GET requests for /api/v1/elements
$app->get('/api/v1/elements', function () use ($app) {
      // get all elements
      $elements = R::find('elements');


      // create JSON response
    $app->response()->header('Content-Type',
'application/json');
      echo json_encode(R::exportAll($elements));
});
GET Response
GET Request Handler
<?php
// handle GET requests for /api/v1/elements/*
$app->get('/api/v1/elements/:id', function ($id) use ($app) {
      // get element by id
      $article = R::findOne('elements', 'id=?', array($id));


      // create JSON response if element found
      // else send 404 server error
      if ($article) {
          $app->response()->header('Content-Type', 'application/json');
          echo json_encode(R::exportAll($article));
      } else {
          $app->response()->status(404);
      }
});
GET Response
In The News Recently...




                                                                                             So urce : Live Scie nce
                 www. live scie nce . co m/20 6 9 8 -e le me nts-pe rio dic-table -fle ro vium-live rmo rium. html
POST Request Handler
<?php
// handle POST requests for /api/v1/elements/*
$app->post('/api/v1/elements', function () use ($app) {
      // get request body, decode into PHP object
      $request = $app->request();
      $body = $request->getBody();
      $input = json_decode($body);


      // create and save element record
      $element = R::dispense('elements');
      $element->num = (string)$input->num;   // do same for other attributes
      R::store($element);


      // create and send JSON response
      $app->response()->status(201);
      $app->response()->header('Content-Type', 'application/json');
      echo json_encode(R::exportAll($element));
});
POST Request
POST Response
PUT Request Handler
<?php
// handle PUT requests for /api/v1/elements/*
$app->put('/api/v1/elements/:id', function ($id) use ($app) {
      // get request body, decode into PHP object
      $request = $app->request();
      $body = $request->getBody();
      $input = json_decode($body);


      // retrieve specified element record
      // save modified record, create and send JSON response
      $element = R::findOne('elements', 'id=?', array($id));
      if ($element) {
          $element->num = (string)$input->num;   // do same for other attributes
          R::store($element);
          $app->response()->header('Content-Type', 'application/json');
          echo json_encode(R::exportAll($element));
      } else {
          $app->response()->status(404);
      }
});
PUT Request
PUT Response
DELETE Request Handler
<?php
// handle DELETE requests for /api/v1/elements
$app->delete('/api/v1/elements/:id', function ($id) use ($app) {
      $request = $app->request();
      $element = R::findOne('elements', 'id=?', array($id));
      if ($element) {
          R::trash($element);
          $app->response()->status(204);
      } else {
          $app->response()->status(404);
      }
});
DELETE Response
Accompaniments
Common Requirements
●   Authentication
●   Parameter validation
●   Request logging
●   Multi-format support
Common Requirements
●   Authentication
●   Parameter validation
●   Request logging
●   Multi-format support
Middleware


"The purpose of middleware is to inspect, analyze, or
  modify the application environment, request, and
 response before and/or after the Slim application is
                     invoked."

           From docs.slimframework.com
Middleware Use Cases
●   Authentication/authorization
●   Request pre-processing
●   Response post-processing
●   Filter chaining
●   Logging
Example: API Authentication
<?php
// route middleware for simple API authentication
function authenticate(SlimRoute $route) {
      $app = SlimSlim::getInstance();
      $uid = $app->getEncryptedCookie('uid');
      $key = $app->getEncryptedCookie('key');
      if (validateUserKey($uid, $key) === false) {
          $app->halt(401);
      }
}


// add API authentication for GET requests
$app->get('/api/v1/elements', 'authenticate', function () use ($app) {
    // GET handler code here
});
Response to Unauthenticated API
Request
Common Requirements
●   Authentication
●   Parameter validation
●   Request logging
●   Multi-format support
Example: API Parameter Validation
●   Optional and mandatory route parameters:
<?php
$app->get('/api/v1/elements(/:symbol)', function
() use ($app) { ... };

●   Route conditions:
<?php
$app->get('/api/v1/elements/:id', function () use
($app) { ... }->conditions(array('id' => '[0-9]
{1,}'));
Common Requirements
●   Authentication
●   Parameter validation
●   Request logging
●   Multi-format support
Request Object
<?php
// get request object
$request = $app->request();


// get request headers as associative array
$headers = $request->headers();


// get request path
$type = $request->getPathInfo()


// get request IP address and host
$body = $request->getIp() . ',' . $request->getHost();
Example: API Request Logging
<?php
// initialize logger
$app = new SlimSlim(array(
    'log.enabled' => 'true',
    'log.writer' => new FileLogWriter()
));


class FileLogWriter {
    public function write($message) {
    file_put_contents('my.log', $message . PHP_EOL,
FILE_APPEND);
    }
}
Example: Request Logging
<?php
// handle GET requests for /api/v1/elements
$app->get('/api/v1/elements', function () use ($app) {
    // get request headers and log message
    $request = $app->request();
    $message = sprintf("%s [%s] "%s %s"",
        $request->getIp(),
        time(),
        $request->getMethod(),
        $request->getPathInfo()
    );
    $app->getLog()->info($message);


    // handler code
}
Common Requirements
●   Authentication
●   Parameter validation
●   Request logging
●   Multi-format support
Request Object
<?php
// get request object
$request = $app->request();


// get request parameters as associative array
$headers = $request->params();


// get cookies
$headers = $request->cookies();


// get request content type
$type = $request->getMediaType()


// get raw request body
$body = $request->getBody();
Example: API Multi-Format Support
<?php
$app->get('/api/v1/elements', function () use ($app) {
      // check request content type, send XML or JSON response
      $mediaType = $app->request()->getMediaType();
      if ($mediaType == 'application/xml') {
          $app->response()->header('Content-Type', 'application/xml');
          $xml = new SimpleXMLElement('<root/>');
          foreach (R::exportAll($elements) as $r) {
              $item = $xml->addChild('item');
              $item->addChild('id', $r['id']);   // do same for other attributes
          }
          echo $xml->asXml();
      } else if (($mediaType == 'application/json')) {
          $app->response()->header('Content-Type', 'application/json');
          echo json_encode(R::exportAll($elements));
      }
});
GET Response (XML)
POST Request (XML)
POST Response (XML)
Dessert
Performance




              Put simply:
                F = ma
Or, To Put It Another Way...



 “ If everything seems under control, you're not going
                     fast enough.”

                   - Mario Andretti



                                                                              So urce : Go o dre ads. co m
                           http: //www. g o o dre ads. co m/autho r/quo te s/21 1 56 9 4. M _ A tti
                                                                                           ario ndre
Weight
Framework             Self time (Milliseconds) Sum of calls
Slim 2.0.0            1,008                     3,612
Zend Framework 1.11   2,917                     4,616
Agavi 1.0.1           13,885                    25,988




   30000

   25000

   20000
                                                              Slim
   15000                                                      Zend Framework
                                                              Agavi
   10000

   5000

      0
                                 Sum of Calls
Requests Per Second
Framework             Throughput (Requests/
                                          Second)
Slim 2.0.0            29.43
Zend Framework 1.11   15.10
Agavi 1.0.1           2.44




   35

   30

   25

   20                                               Slim
                                                    Zend Framework
   15
                                                    Agavi
   10

   5

   0
                      Throughput
Minimum Request Time
Framework                          M R
                                    in. equest Time (Milliseconds)
Slim 2.0.0                         53
Zend Framework 1.11                123
Agavi 1.0.1                        412




   450
   400
   350
   300
   250                                                               Slim
                                                                     Zend Framework
   200
                                                                     Agavi
   150
   100
   50
    0
                      Min. Request Time
"Lies, Damned Lies and Statistics"
Test data based on informal testing
●   Apache JMeter
    ●   300 concurrent requests, averaged over 3 test runs
●   Dual-core Dell server @ 2.4 GhZ
●   Apache 2.2, PHP 5.3, Xdebug 2.2 and MySQL 5.1
●   Unoptimized applications; default framework
    settings
●   Your mileage may (and probably will) vary!
Resources
●   Usage docs: docs.slimframework.com
●   API docs: dev.slimframework.com/phpdocs
●   Source code: github.com/codeguy/Slim
●   Forums: help.slimframework.com
●   News: www.slimframework.com/news
●   Twitter: @slimphp
Questions?
Contact Information
Email:
●   vikram-vaswani.in/contact
Web:
●   www.melonfire.com
●   vikram-vaswani.in
Social networks:
●   plus.google.com/100028886433648406825

More Related Content

What's hot

LowSalPresentation
LowSalPresentationLowSalPresentation
LowSalPresentation
Ajuwa Henry
 
Leakages in pipes,ppt
Leakages in pipes,pptLeakages in pipes,ppt
Leakages in pipes,ppt
santosh naik
 

What's hot (12)

cathodic protection
cathodic protectioncathodic protection
cathodic protection
 
Fingerprint development and Ridge Characteristics
Fingerprint development and Ridge CharacteristicsFingerprint development and Ridge Characteristics
Fingerprint development and Ridge Characteristics
 
LowSalPresentation
LowSalPresentationLowSalPresentation
LowSalPresentation
 
Mine Gas Detections & Monitoring
Mine Gas Detections & MonitoringMine Gas Detections & Monitoring
Mine Gas Detections & Monitoring
 
GUN POWDER
GUN POWDERGUN POWDER
GUN POWDER
 
explosives
explosivesexplosives
explosives
 
Norm
NormNorm
Norm
 
Leakages in pipes,ppt
Leakages in pipes,pptLeakages in pipes,ppt
Leakages in pipes,ppt
 
Dinesh chandola ppt
Dinesh chandola pptDinesh chandola ppt
Dinesh chandola ppt
 
Quality Control & Quality Assurance of MS pipeline
Quality Control & Quality Assurance of MS pipelineQuality Control & Quality Assurance of MS pipeline
Quality Control & Quality Assurance of MS pipeline
 
Recording of Fingeprints
Recording of FingeprintsRecording of Fingeprints
Recording of Fingeprints
 
UG Explosives and Blasting
UG Explosives and BlastingUG Explosives and Blasting
UG Explosives and Blasting
 

Viewers also liked

Keeping it Small: Getting to know the Slim Micro Framework
Keeping it Small: Getting to know the Slim Micro FrameworkKeeping it Small: Getting to know the Slim Micro Framework
Keeping it Small: Getting to know the Slim Micro Framework
Jeremy Kendall
 
Consuming RESTful services in PHP
Consuming RESTful services in PHPConsuming RESTful services in PHP
Consuming RESTful services in PHP
Zoran Jeremic
 
Keeping it small: Getting to know the Slim micro framework
Keeping it small: Getting to know the Slim micro frameworkKeeping it small: Getting to know the Slim micro framework
Keeping it small: Getting to know the Slim micro framework
Jeremy Kendall
 

Viewers also liked (20)

Hello World on Slim Framework 3.x
Hello World on Slim Framework 3.xHello World on Slim Framework 3.x
Hello World on Slim Framework 3.x
 
Micro Web Service - Slim and JWT
Micro Web Service - Slim and JWTMicro Web Service - Slim and JWT
Micro Web Service - Slim and JWT
 
Web 2.0 - From a Social to a Service Web
Web 2.0 - From a Social to a Service WebWeb 2.0 - From a Social to a Service Web
Web 2.0 - From a Social to a Service Web
 
Web Services PHP Tutorial
Web Services PHP TutorialWeb Services PHP Tutorial
Web Services PHP Tutorial
 
Keeping it Small: Getting to know the Slim Micro Framework
Keeping it Small: Getting to know the Slim Micro FrameworkKeeping it Small: Getting to know the Slim Micro Framework
Keeping it Small: Getting to know the Slim Micro Framework
 
Taking Care of The REST - Creating your own RESTful API Server using Restler 2.0
Taking Care of The REST - Creating your own RESTful API Server using Restler 2.0Taking Care of The REST - Creating your own RESTful API Server using Restler 2.0
Taking Care of The REST - Creating your own RESTful API Server using Restler 2.0
 
Slim Framework
Slim FrameworkSlim Framework
Slim Framework
 
AtlasCamp2014: Introducing the Confluence REST API
AtlasCamp2014: Introducing the Confluence REST APIAtlasCamp2014: Introducing the Confluence REST API
AtlasCamp2014: Introducing the Confluence REST API
 
PHP Experience 2016 - [Palestra] Json Web Token (JWT)
PHP Experience 2016 - [Palestra] Json Web Token (JWT)PHP Experience 2016 - [Palestra] Json Web Token (JWT)
PHP Experience 2016 - [Palestra] Json Web Token (JWT)
 
Building Modern and Secure PHP Applications – Codementor Office Hours with Be...
Building Modern and Secure PHP Applications – Codementor Office Hours with Be...Building Modern and Secure PHP Applications – Codementor Office Hours with Be...
Building Modern and Secure PHP Applications – Codementor Office Hours with Be...
 
Os mitos do desenvolvimento front-end
Os mitos do desenvolvimento front-endOs mitos do desenvolvimento front-end
Os mitos do desenvolvimento front-end
 
Consuming RESTful services in PHP
Consuming RESTful services in PHPConsuming RESTful services in PHP
Consuming RESTful services in PHP
 
What they don't tell you about sugarcrm community edition
What they don't tell you about sugarcrm community editionWhat they don't tell you about sugarcrm community edition
What they don't tell you about sugarcrm community edition
 
Git and git flow
Git and git flowGit and git flow
Git and git flow
 
WebApp #3 : API
WebApp #3 : APIWebApp #3 : API
WebApp #3 : API
 
Json web token api authorization
Json web token api authorizationJson web token api authorization
Json web token api authorization
 
Servicio y Consumo de Servicios REST en PHP
Servicio y Consumo de Servicios REST en PHPServicio y Consumo de Servicios REST en PHP
Servicio y Consumo de Servicios REST en PHP
 
Keeping it small: Getting to know the Slim micro framework
Keeping it small: Getting to know the Slim micro frameworkKeeping it small: Getting to know the Slim micro framework
Keeping it small: Getting to know the Slim micro framework
 
Api anti patterns
Api anti patternsApi anti patterns
Api anti patterns
 
Securing Web Applications with Token Authentication
Securing Web Applications with Token AuthenticationSecuring Web Applications with Token Authentication
Securing Web Applications with Token Authentication
 

Similar to Creating REST Applications with the Slim Micro-Framework by Vikram Vaswani

Cakefest 2010: API Development
Cakefest 2010: API DevelopmentCakefest 2010: API Development
Cakefest 2010: API Development
Andrew Curioso
 
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQuery
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQueryRemedie: Building a desktop app with HTTP::Engine, SQLite and jQuery
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQuery
Tatsuhiko Miyagawa
 
Psgi Plack Sfpm
Psgi Plack SfpmPsgi Plack Sfpm
Psgi Plack Sfpm
som_nangia
 
Psgi Plack Sfpm
Psgi Plack SfpmPsgi Plack Sfpm
Psgi Plack Sfpm
wilburlo
 
Do you want a SDK with that API? (Nordic APIS April 2014)
Do you want a SDK with that API? (Nordic APIS April 2014)Do you want a SDK with that API? (Nordic APIS April 2014)
Do you want a SDK with that API? (Nordic APIS April 2014)
Nordic APIs
 
jsSaturday - PhoneGap and jQuery Mobile for SharePoint 2013
jsSaturday - PhoneGap and jQuery Mobile for SharePoint 2013jsSaturday - PhoneGap and jQuery Mobile for SharePoint 2013
jsSaturday - PhoneGap and jQuery Mobile for SharePoint 2013
Kiril Iliev
 
symfony on action - WebTech 207
symfony on action - WebTech 207symfony on action - WebTech 207
symfony on action - WebTech 207
patter
 

Similar to Creating REST Applications with the Slim Micro-Framework by Vikram Vaswani (20)

REST API for your WP7 App
REST API for your WP7 AppREST API for your WP7 App
REST API for your WP7 App
 
REST API Best Practices & Implementing in Codeigniter
REST API Best Practices & Implementing in CodeigniterREST API Best Practices & Implementing in Codeigniter
REST API Best Practices & Implementing in Codeigniter
 
Cakefest 2010: API Development
Cakefest 2010: API DevelopmentCakefest 2010: API Development
Cakefest 2010: API Development
 
Intro to PSGI and Plack
Intro to PSGI and PlackIntro to PSGI and Plack
Intro to PSGI and Plack
 
api-platform: the ultimate API platform
api-platform: the ultimate API platformapi-platform: the ultimate API platform
api-platform: the ultimate API platform
 
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQuery
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQueryRemedie: Building a desktop app with HTTP::Engine, SQLite and jQuery
Remedie: Building a desktop app with HTTP::Engine, SQLite and jQuery
 
Psgi Plack Sfpm
Psgi Plack SfpmPsgi Plack Sfpm
Psgi Plack Sfpm
 
Psgi Plack Sfpm
Psgi Plack SfpmPsgi Plack Sfpm
Psgi Plack Sfpm
 
Complex Sites with Silex
Complex Sites with SilexComplex Sites with Silex
Complex Sites with Silex
 
Flask and Angular: An approach to build robust platforms
Flask and Angular:  An approach to build robust platformsFlask and Angular:  An approach to build robust platforms
Flask and Angular: An approach to build robust platforms
 
Building WordPress Client Side Applications with WP and WP-API - #wcmia
Building WordPress Client Side Applications with WP and WP-API - #wcmiaBuilding WordPress Client Side Applications with WP and WP-API - #wcmia
Building WordPress Client Side Applications with WP and WP-API - #wcmia
 
Plack - LPW 2009
Plack - LPW 2009Plack - LPW 2009
Plack - LPW 2009
 
Silex Cheat Sheet
Silex Cheat SheetSilex Cheat Sheet
Silex Cheat Sheet
 
Silex Cheat Sheet
Silex Cheat SheetSilex Cheat Sheet
Silex Cheat Sheet
 
Building Web Apps with Express
Building Web Apps with ExpressBuilding Web Apps with Express
Building Web Apps with Express
 
Do you want a SDK with that API? (Nordic APIS April 2014)
Do you want a SDK with that API? (Nordic APIS April 2014)Do you want a SDK with that API? (Nordic APIS April 2014)
Do you want a SDK with that API? (Nordic APIS April 2014)
 
jsSaturday - PhoneGap and jQuery Mobile for SharePoint 2013
jsSaturday - PhoneGap and jQuery Mobile for SharePoint 2013jsSaturday - PhoneGap and jQuery Mobile for SharePoint 2013
jsSaturday - PhoneGap and jQuery Mobile for SharePoint 2013
 
Using the new WordPress REST API
Using the new WordPress REST APIUsing the new WordPress REST API
Using the new WordPress REST API
 
symfony on action - WebTech 207
symfony on action - WebTech 207symfony on action - WebTech 207
symfony on action - WebTech 207
 
CodeIgniter PHP MVC Framework
CodeIgniter PHP MVC FrameworkCodeIgniter PHP MVC Framework
CodeIgniter PHP MVC Framework
 

Recently uploaded

Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
UXDXConf
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Peter Udo Diehl
 

Recently uploaded (20)

Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
Structuring Teams and Portfolios for Success
Structuring Teams and Portfolios for SuccessStructuring Teams and Portfolios for Success
Structuring Teams and Portfolios for Success
 
IESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIESVE for Early Stage Design and Planning
IESVE for Early Stage Design and Planning
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John Staveley
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
AI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekAI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří Karpíšek
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
 
Agentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfAgentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdf
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024   Teams Premium - Pretty SecureECS 2024   Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT Professionals
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
Server-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at PricelineServer-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at Priceline
 
The architecture of Generative AI for enterprises.pdf
The architecture of Generative AI for enterprises.pdfThe architecture of Generative AI for enterprises.pdf
The architecture of Generative AI for enterprises.pdf
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
 

Creating REST Applications with the Slim Micro-Framework by Vikram Vaswani

  • 1. Creating REST Applications with the Slim Micro-Framework Vikram Vaswani October 2012
  • 2. slim adj. slim·mer, slim·mest 1. Small in girth or thickness in proportion to height or length; slender. 2. Small in quantity or amount; meager: slim chances of success. From www.thefreedictionary.com
  • 3. slim PHP micro framework that helps you quickly write simple yet powerful web applications and APIs. From www.slimframework.com
  • 4. Micro-Frameworks in 20 18 Words ● Lightweight ● Short learning curve ● Flexible ● Single-purpose ● Good for ● Small, static websites ● API development and testing ● Rapid prototyping
  • 5. PHP Micro-Frameworks ● Silex ● Phraw ● Limonade ● Photon ● GluePHP ● Fitzgerald ● FlightPHP ● phpMF ● Fat-Free Framework ● Swiftlet ● MicroMVC ● Tachyon ● Bullet ● Pupcake ● Bento ● Relax ● Yolo ● Lime ● Fluphy ● Shield ● Tonic ● Hydra ● Phlyty ● Gum
  • 7. Introducing Slim "Slim is a PHP micro framework that helps you quickly write simple yet powerful web applications and APIs." From www.slimframework.com
  • 8. Key Features ● Powerful router ● Standard and custom HTTP methods ● Route parameters with wildcards and conditions ● Route middleware ● Template rendering with custom views ● Flash messages ● Secure cookies with AES-256 encryption
  • 9. Key Features ● HTTP caching ● Logging with custom log writers ● Error handling and debugging ● Middleware architecture ● Simple configuration ● Extensive documentation ● Active, enthusiastic community ● Licensed under the MIT Public License
  • 10. First Taste <?php // load require 'Slim/Slim.php'; SlimSlim::registerAutoloader(); // initialize $app = new SlimSlim(); // map routes $app->get('/eat/:food', function ($food) { echo "Yum! That $food looks fantastic!"; }); // ...and we're off! $app->run();
  • 13. Slim + REST ● Define URI routes, parameters and HTTP methods ● GET / POST / PUT / DELETE ● /my/api/endpoint/:parameter ● Map routes to callbacks ● Accept and validate input parameters from request object ● Perform custom processing within callback ● Produce and return response object
  • 14. Example: REST Resources So urce : W ikipe dia e n. wikipe dia. o rg /wiki/Pe rio dic_ table
  • 15. REST API GET /api/v1/elements Retrieve all elements from the periodic table GET /api/v1/elements/1 Retrieve element #1 (hydrogen) POST /api/v1/elements Create new element PUT /api/v1/elements/28 Update element #28 (nickel) DELETE /api/v1/elements/8 Delete element #8 (oxygen)
  • 16. Resource Representation (MySQL) CREATE TABLE IF NOT EXISTS `elements` ( `id` int(11) NOT NULL AUTO_INCREMENT, `num` int(11) NOT NULL, `name` varchar(255) NOT NULL, `symbol` char(2) NOT NULL, `weight` float NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB; INSERT INTO `elements` (`id`, `num`, `name`, `symbol`, `weight`) VALUES(1, 1, 'Hydrogen', 'H', 1.008); INSERT INTO `elements` (`id`, `num`, `name`, `symbol`, `weight`) VALUES(2, 2, 'Helium', 'He', 4.0026);
  • 17. Resource Representation (JSON) { "id":"1", "num":"1", "name":"Hydrogen", "symbol":"H", "weight":"1.008" },{ "id":"2", "num":"2", "name":"Helium", "symbol":"He", "weight":"4.0026" }
  • 18. RedBeanPHP <?php // load require 'RedBean/rb.php'; // set up database connection R::setup('mysql:host=localhost;dbname=appdata','user',' pass'); R::freeze(true); // get all records $elements = R::find('elements');
  • 19. RedBeanPHP <?php // get a single record $element = R::findOne('elements', 'id=?', array($id)); // update element record $element->name = 'foo' // save modified record R::store($element);
  • 20. REST API Implementation <?php $app->get('/api/v1/elements', function () { ... } $app->get('/api/v1/elements/:id', function ($id) { ... } $app->post('/api/v1/elements', function ($id) { ... } $app->put('/api/v1/elements/:id', function ($id) { ... } $app->delete('/api/v1/elements/:id', function ($id) { ... }
  • 21. GET Request Handler <?php // handle GET requests for /api/v1/elements $app->get('/api/v1/elements', function () use ($app) { // get all elements $elements = R::find('elements'); // create JSON response $app->response()->header('Content-Type', 'application/json'); echo json_encode(R::exportAll($elements)); });
  • 23. GET Request Handler <?php // handle GET requests for /api/v1/elements/* $app->get('/api/v1/elements/:id', function ($id) use ($app) { // get element by id $article = R::findOne('elements', 'id=?', array($id)); // create JSON response if element found // else send 404 server error if ($article) { $app->response()->header('Content-Type', 'application/json'); echo json_encode(R::exportAll($article)); } else { $app->response()->status(404); } });
  • 25. In The News Recently... So urce : Live Scie nce www. live scie nce . co m/20 6 9 8 -e le me nts-pe rio dic-table -fle ro vium-live rmo rium. html
  • 26. POST Request Handler <?php // handle POST requests for /api/v1/elements/* $app->post('/api/v1/elements', function () use ($app) { // get request body, decode into PHP object $request = $app->request(); $body = $request->getBody(); $input = json_decode($body); // create and save element record $element = R::dispense('elements'); $element->num = (string)$input->num; // do same for other attributes R::store($element); // create and send JSON response $app->response()->status(201); $app->response()->header('Content-Type', 'application/json'); echo json_encode(R::exportAll($element)); });
  • 29. PUT Request Handler <?php // handle PUT requests for /api/v1/elements/* $app->put('/api/v1/elements/:id', function ($id) use ($app) { // get request body, decode into PHP object $request = $app->request(); $body = $request->getBody(); $input = json_decode($body); // retrieve specified element record // save modified record, create and send JSON response $element = R::findOne('elements', 'id=?', array($id)); if ($element) { $element->num = (string)$input->num; // do same for other attributes R::store($element); $app->response()->header('Content-Type', 'application/json'); echo json_encode(R::exportAll($element)); } else { $app->response()->status(404); } });
  • 32. DELETE Request Handler <?php // handle DELETE requests for /api/v1/elements $app->delete('/api/v1/elements/:id', function ($id) use ($app) { $request = $app->request(); $element = R::findOne('elements', 'id=?', array($id)); if ($element) { R::trash($element); $app->response()->status(204); } else { $app->response()->status(404); } });
  • 35. Common Requirements ● Authentication ● Parameter validation ● Request logging ● Multi-format support
  • 36. Common Requirements ● Authentication ● Parameter validation ● Request logging ● Multi-format support
  • 37. Middleware "The purpose of middleware is to inspect, analyze, or modify the application environment, request, and response before and/or after the Slim application is invoked." From docs.slimframework.com
  • 38. Middleware Use Cases ● Authentication/authorization ● Request pre-processing ● Response post-processing ● Filter chaining ● Logging
  • 39. Example: API Authentication <?php // route middleware for simple API authentication function authenticate(SlimRoute $route) { $app = SlimSlim::getInstance(); $uid = $app->getEncryptedCookie('uid'); $key = $app->getEncryptedCookie('key'); if (validateUserKey($uid, $key) === false) { $app->halt(401); } } // add API authentication for GET requests $app->get('/api/v1/elements', 'authenticate', function () use ($app) { // GET handler code here });
  • 41. Common Requirements ● Authentication ● Parameter validation ● Request logging ● Multi-format support
  • 42. Example: API Parameter Validation ● Optional and mandatory route parameters: <?php $app->get('/api/v1/elements(/:symbol)', function () use ($app) { ... }; ● Route conditions: <?php $app->get('/api/v1/elements/:id', function () use ($app) { ... }->conditions(array('id' => '[0-9] {1,}'));
  • 43. Common Requirements ● Authentication ● Parameter validation ● Request logging ● Multi-format support
  • 44. Request Object <?php // get request object $request = $app->request(); // get request headers as associative array $headers = $request->headers(); // get request path $type = $request->getPathInfo() // get request IP address and host $body = $request->getIp() . ',' . $request->getHost();
  • 45. Example: API Request Logging <?php // initialize logger $app = new SlimSlim(array( 'log.enabled' => 'true', 'log.writer' => new FileLogWriter() )); class FileLogWriter { public function write($message) { file_put_contents('my.log', $message . PHP_EOL, FILE_APPEND); } }
  • 46. Example: Request Logging <?php // handle GET requests for /api/v1/elements $app->get('/api/v1/elements', function () use ($app) { // get request headers and log message $request = $app->request(); $message = sprintf("%s [%s] "%s %s"", $request->getIp(), time(), $request->getMethod(), $request->getPathInfo() ); $app->getLog()->info($message); // handler code }
  • 47. Common Requirements ● Authentication ● Parameter validation ● Request logging ● Multi-format support
  • 48. Request Object <?php // get request object $request = $app->request(); // get request parameters as associative array $headers = $request->params(); // get cookies $headers = $request->cookies(); // get request content type $type = $request->getMediaType() // get raw request body $body = $request->getBody();
  • 49. Example: API Multi-Format Support <?php $app->get('/api/v1/elements', function () use ($app) { // check request content type, send XML or JSON response $mediaType = $app->request()->getMediaType(); if ($mediaType == 'application/xml') { $app->response()->header('Content-Type', 'application/xml'); $xml = new SimpleXMLElement('<root/>'); foreach (R::exportAll($elements) as $r) { $item = $xml->addChild('item'); $item->addChild('id', $r['id']); // do same for other attributes } echo $xml->asXml(); } else if (($mediaType == 'application/json')) { $app->response()->header('Content-Type', 'application/json'); echo json_encode(R::exportAll($elements)); } });
  • 54. Performance Put simply: F = ma
  • 55. Or, To Put It Another Way... “ If everything seems under control, you're not going fast enough.” - Mario Andretti So urce : Go o dre ads. co m http: //www. g o o dre ads. co m/autho r/quo te s/21 1 56 9 4. M _ A tti ario ndre
  • 56. Weight Framework Self time (Milliseconds) Sum of calls Slim 2.0.0 1,008 3,612 Zend Framework 1.11 2,917 4,616 Agavi 1.0.1 13,885 25,988 30000 25000 20000 Slim 15000 Zend Framework Agavi 10000 5000 0 Sum of Calls
  • 57. Requests Per Second Framework Throughput (Requests/ Second) Slim 2.0.0 29.43 Zend Framework 1.11 15.10 Agavi 1.0.1 2.44 35 30 25 20 Slim Zend Framework 15 Agavi 10 5 0 Throughput
  • 58. Minimum Request Time Framework M R in. equest Time (Milliseconds) Slim 2.0.0 53 Zend Framework 1.11 123 Agavi 1.0.1 412 450 400 350 300 250 Slim Zend Framework 200 Agavi 150 100 50 0 Min. Request Time
  • 59. "Lies, Damned Lies and Statistics" Test data based on informal testing ● Apache JMeter ● 300 concurrent requests, averaged over 3 test runs ● Dual-core Dell server @ 2.4 GhZ ● Apache 2.2, PHP 5.3, Xdebug 2.2 and MySQL 5.1 ● Unoptimized applications; default framework settings ● Your mileage may (and probably will) vary!
  • 60. Resources ● Usage docs: docs.slimframework.com ● API docs: dev.slimframework.com/phpdocs ● Source code: github.com/codeguy/Slim ● Forums: help.slimframework.com ● News: www.slimframework.com/news ● Twitter: @slimphp
  • 62. Contact Information Email: ● vikram-vaswani.in/contact Web: ● www.melonfire.com ● vikram-vaswani.in Social networks: ● plus.google.com/100028886433648406825

Editor's Notes

  1. Typically less than 200-300 KB in size. Slim is ~200 KB. Based on ideas promulgated by Sinatra (Ruby). Reduces overall size of project. Most projects use 5% of a full-stack framework like Zend, Symfony, etc.
  2. The modified object is then saved back to the database, and a JSON representation returned to the caller with a 200 server response code. In the event that the identifier provided does not match an existing resource, a custom exception is thrown and a 404 server error response sent back to the client.
  3. The response to a successful DELETE request can be a 200 (OK) with the status in the response body, or a 204 (No Content) with an empty response body