RAML-JSON-API PHP-code generator (based on RAML-types) for Laravel framework, with complete support of JSON-API data format
JSON API support turned on by default - see Turn off JSON API support
section bellow
- Installation
- Configuration
- Running generator
- RAML Types and Declarations
- Generated files content
- Relationships
- Query parameters
- Security
- Static access token
- JWT
composer require rjapi/raml-json-api
Add command to $commands
array in app/Console/Kernel.php
protected $commands = [
RJApiGenerator::class,
];
Next add the following service provider in config/app.php
.
'providers' => [
Nwidart\Modules\LaravelModulesServiceProvider::class,
],
Next, add the following aliases to aliases
array in the same file.
'aliases' => [
'Module' => Nwidart\Modules\Facades\Module::class,
],
Next publish the package's configuration file by running :
php artisan vendor:publish --provider="Nwidart\Modules\LaravelModulesServiceProvider"
By default controllers, entities or repositories are not loaded automatically. You can autoload your modules using psr-4
. For example :
{
"autoload": {
"psr-4": {
"App\\": "app/",
"Modules\\": "Modules/"
}
}
}
Run in console:
php artisan raml:generate raml/articles.raml --migrations
This command creates the whole environment for You to proceed building complex API based on RAML/Laravel/JSON API, in particular: directories for modular app, Controllers/Middlewares/Models+Pivots to support full MVC, Routes (JSON API compatible) and even migrations to help You create RDBMS structure.
raml/articles.raml
- raml file in raml directory in the root of Your project,
which should be prepared before or You may wish to just try by copying an example from tests/functional/tests/articles.raml
Options:
--migrations
is an option to create migrations (create_entityName_table) for every entity + pivots if there are ManyToMany relationships.
--regenerate
use this if You need to rewrite all files generated previously.
By default generated files preserved to prevent overwriting of added/modified content.
The output will look something like this:
Created : /srv/rjapi-laravel/Modules/V1/start.php
Created : /srv/rjapi-laravel/Modules/V1/Http/routes.php
Created : /srv/rjapi-laravel/Modules/V1/module.json
Created : /srv/rjapi-laravel/Modules/V1/Resources/views/index.blade.php
Created : /srv/rjapi-laravel/Modules/V1/Resources/views/layouts/master.blade.php
Created : /srv/rjapi-laravel/Modules/V1/Config/config.php
Created : /srv/rjapi-laravel/Modules/V1/composer.json
Created : /srv/rjapi-laravel/Modules/V1/Database/Seeders/V1DatabaseSeeder.php
Created : /srv/rjapi-laravel/Modules/V1/Providers/V1ServiceProvider.php
Created : /srv/rjapi-laravel/Modules/V1/Http/Controllers/V1Controller.php
Module [V1] created successfully.
Module [V1] used successfully.
This is done (behind the scene) by wonderful package laravel-modules, many thx to nWidart https://github.com/nWidart/laravel-modules
And RAML-types based generated files:
================ Tag Entities
Modules/V1/Http/Controllers/DefaultController.php created
Modules/V1/Http/Controllers/TagController.php created
Modules/V1/Http/Middleware/TagMiddleware.php created
Modules/V1/Entities/TagArticle.php created
Modules/V1/Entities/Tag.php created
Modules/V1/Http/routes.php created
Modules/V1/Database/Migrations/11_01_2017_145028_create_tag_table.php created
Modules/V1/Database/Migrations/11_01_2017_145011_create_tag_article_table.php created
================ Article Entities
Modules/V1/Http/Controllers/ArticleController.php created
Modules/V1/Http/Middleware/ArticleMiddleware.php created
Modules/V1/Entities/Article.php created
Modules/V1/Database/Migrations/11_01_2017_145023_create_article_table.php created
================ Topic Entities
Modules/V1/Http/Controllers/TopicController.php created
Modules/V1/Http/Middleware/TopicMiddleware.php created
Modules/V1/Entities/Topic.php created
Modules/V1/Database/Migrations/11_01_2017_145036_create_topic_table.php created
...
The version
root property !required
version: v1
converts to /Modules/V1/
directory.
Types ID, Type, DataObject/DataArray
are special helper types - !required
ID:
type: integer
required: true
# it will be BIGINT UNSIGNED in migration Schema if maximum > 10
maximum: 20
Type:
type: string
required: true
minLength: 1
maxLength: 255
DataObject:
type: object
required: true
DataArray:
type: array
required: true
Special data type RelationshipsDataItem
- !required
RelationshipsDataItem:
type: object
properties:
id: ID
type: Type
defined in every relationship custom type
Attributes *Attributes
are defined for every custom Object ex.:
ArticleAttributes:
description: Article attributes description
type: object
properties:
title:
required: true
type: string
minLength: 16
maxLength: 256
description:
required: true
type: string
minLength: 32
maxLength: 1024
url:
required: false
type: string
minLength: 16
maxLength: 255
show_in_top:
description: Show at the top of main page
required: false
type: boolean
status:
description: The state of an article
enum: ["draft", "published", "postponed", "archived"]
topic_id:
description: ManyToOne Topic relationship
required: true
type: integer
minimum: 1
maximum: 6
rate:
type: number
minimum: 3
maximum: 9
format: double
Relationships custom type definition semantics *Relationships
TagRelationships:
description: Tag relationship description
type: object
properties:
data:
type: DataArray
items:
type: RelationshipsDataItem
Complete composite Object looks like this:
Article:
type: object
properties:
type: Type
id: ID
attributes: ArticleAttributes
relationships:
type: TagRelationships[] | TopicRelationships
That is all that PHP-code generator needs to provide code structure that just works out-fo-the-box within Laravel framework, where may any business logic be applied.
To use multiple files processing add (as root element):
uses:
topics: raml/topic.raml
otherfile: raml/otherFile.raml
yetanother: raml/yetanother.raml
all files will be generated as if they were one composite object. The thing to note here, is that RAML-spec requires to include all header info and dependent types into those included. You can see warning details in Atom IDE with Workbench API plugin, or any other RAML analysing tools.
To set default values for GET query parameters - set QueryParams like this:
QueryParams:
type: object
properties:
page:
type: integer
required: false
default: 10
description: page number
limit:
type: integer
required: false
default: 15
description: elements per page
sort:
type: string
required: false
pattern: "asc|desc"
default: "desc"
access_token:
type: string
required: true
example: db7329d5a3f381875ea6ce7e28fe1ea536d0acaf
description: sha1 example
default: db7329d5a3f381875ea6ce7e28fe1ea536d0acaf
it will be used on requests similar to: http://example.com/v1/article?include=tag
where no params were passed.
Complete directory structure after generator will end up it`s work will be like:
Modules/{ModuleName}/Http/Controllers/ - contains controllers that extends the DefaultController (descendant of Laravel's Controller)
Modules/{ModuleName}/Http/Middleware/ - contains forms that extends the BaseFormRequest (descendant of Laravel's FormRequest) and validates input attributes (that were previously defined as *Attributes in RAML)
Modules/{ModuleName}/Entities/ - contains mappers that extends the BaseModel (descendant of Laravel's Model) and maps attributes to RDBMS
Modules/{ModuleName}/Http/routes.php - contains routings pointing to controllers with JSON API protocol support
Modules/{ModuleName}/Database/Migrations/ - contains migrations created with option --migrations
DefaultController example:
<?php
namespace Modules\V1\Http\Controllers;
class ArticleController extends DefaultController
{
}
By default every controller works with any of GET - index/view, POST - create, PATCH - update, DELETE - delete methods. So You don't need to implement anything special here.
Validation BaseFormRequest example:
<?php
namespace Modules\V1\Http\Middleware;
use rjapi\extension\BaseFormRequest;
class ArticleMiddleware extends BaseFormRequest
{
public $id = null;
// Attributes
public $title = null;
public $description = null;
public $url = null;
public $show_in_top = null;
public $status = null;
public $topic_id = null;
public function authorize(): bool {
return true;
}
public function rules(): array {
return [
"title" => "required|string|min:16|max:256",
"description" => "required|string|min:32|max:1024",
"url" => "string|min:16|max:255",
// Show at the top of main page
"show_in_top" => "boolean",
// The state of an article
"status" => "in:draft,published,postponed,archived",
// ManyToOne Topic relationship
"topic_id" => "required|integer|min:1|max:9",
];
}
public function relations(): array {
return [
"tag",
"topic",
];
}
}
BaseModel example:
<?php
namespace Modules\V1\Entities;
use rjapi\extension\BaseModel;
class Article extends BaseModel
{
protected $primaryKey = "id";
protected $table = "article";
public $timestamps = false;
public function tag() {
return $this->belongsToMany(Tag::class, 'tag_article');
}
public function topic() {
return $this->belongsTo(Topic::class);
}
}
Routes will be created in /Modules/{ModuleName}/Http/routes.php
file, for every entity defined in raml:
Route::group(['prefix' => 'v1', 'namespace' => 'Modules\\V1\\Http\\Controllers'], function()
{
Route::get('/article', 'ArticleController@index');
Route::get('/article/{id}', 'ArticleController@view');
Route::post('/article', 'ArticleController@create');
Route::patch('/article/{id}', 'ArticleController@update');
Route::delete('/article/{id}', 'ArticleController@delete');
// relation routes
Route::get('/article/{id}/relationships/{relations}', 'ArticleController@relations');
Route::post('/article/{id}/relationships/{relations}', 'ArticleController@createRelations');
Route::patch('/article/{id}/relationships/{relations}', 'ArticleController@updateRelations');
Route::delete('/article/{id}/relationships/{relations}', 'ArticleController@deleteRelations');
});
Generated migrations will look like standard migrations in Laravel:
<?php
use Illuminate\Support\Facades\Schema;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;
class CreateArticleTable extends Migration
{
public function up()
{
Schema::create('article', function(Blueprint $table) {
$table->bigIncrements('id');
$table->string('title', 256);
$table->string('description', 1024);
$table->string('url', 255);
// Show at the top of main page
$table->unsignedTinyInteger('show_in_top');
$table->enum('status', ["draft","published","postponed","archived"]);
// ManyToOne Topic relationship
$table->unsignedMediumInteger('topic_id');
$table->double('rate', 9, 3);
$table->date('date_posted');
$table->time('time_to_live');
$table->timestamps();
});
}
public function down()
{
Schema::dropIfExists('article');
}
}
Note, that U have an ability to make any ranges for varchar, integer, double types through minLength/maxLength and minimum/maximum respectively.
All migrations for specific module will be placed in Modules/{ModuleName}/Database/Migrations/
To execute them all - run: php artisan module:migrate
Also worth to mention - Laravel uses table_id convention to link tables via foreign key.
So U can either follow the default - add to RAML an id that matches to the table name
(just like in example: topic_id
-> in article table for topic table id
, see ArticleAttributes
in RAML Types and Declarations)
or make Your own foreign key and add it to hasMany/belongsTo -> $foreignKey
parameter in generated BaseModel entity.
To let generator know about what a particular relationship to apply (ex.: ManyToMany, OneToMany, OneToOne)
set the relationships
property in an Entity like so - for ex. let's see how to set ManyToOne relationship between Article and Tag entities.
Define Article with relationships like:
relationships:
type: TagRelationships[]
and Tag with relationships like:
relationships:
type: ArticleRelationships
This way You telling to generator: "make the relation between Article and Tag OneToMany from Article to Tag"
The idea works with any relationship You need - ex. ManyToMany: TagRelationships[] -> ArticleRelationships[]
,
OneToOne: TagRelationships -> ArticleRelationships
You can also bind several relationships to one entity, for instance - You have an Article entity that must be bound to TagRelationships and TopicRelationships, this can be done similar to:
relationships:
type: TagRelationships[] | TopicRelationships
or vise versa
relationships:
type: TopicRelationships | TagRelationships[]
Generator will independently detect all relationships between entities.
You may want to use additional query parameters to fetch includes and/or pagination, for instance:
http://example.com/v1/article?include=tag&page=2&limit=10&sort=asc
You may not wish to drag all the attributes/fields:
http://example.com/v1/article/1?include=tag&data=["title", "description"]
Note: data array items MUST be set in double quotes.
or You may want to ORDER BY several columns in different directions:
http://example.com/v1/article/1?include=tag&order_by={"title":"asc", "created_at":"desc"}
Also, You have an ability to filter results this way:
http://example.com/v1/article?include=tag&filter=[["updated_at", ">", "2017-01-03 12:13:13"], ["updated_at", "<", "2017-01-03 12:13:15"]]
those arrays will be put to Laravel where clause and accordingly protected by param bindings.
The dynamic module name similar to: v1, v2 - will be taken on runtime
as the last element of the array in config/module.php
file,
if You, by strange circumstances, want to use one of the previous modules,
just set one of previously registered modules as the last element of an array.
An example of auto-generated config/module.php
:
<?php
return [
'modules'=> [
'v1',
]
];
To get configuration parameters at runtime generator will create content
in Modules/{ModuleName}/Config/config.php
file:
<?php
return [
'name'=>'V1',
'query_params'=> [
// default settings
'limit' => 15,
'sort' => 'desc',
// access token to check via global middleware
'access_token' => 'db7329d5a3f381875ea6ce7e28fe1ea536d0acaf',
],
];
In QueryParams
RAML types You can declare the access_token
property, that will be placed to Modules/{ModuleName}/Config/config.php
.
Generator will create app/Http/Middleware/ApiAccessToken.php
global middleware.
To activate this check on every request - add ApiAccessToken middleware to app/Http/Middleware/Kernel.php
, ex.:
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\App\Http\Middleware\ApiAccessToken::class,
];
Generated configuration part:
'query_params'=> [
'limit' => 15,
'sort' => 'desc',
'access_token' => 'db7329d5a3f381875ea6ce7e28fe1ea536d0acaf',
],
To support a JWT check, You need to add to any users, employees,
customers like table the jwt
and password
RAML properties:
password:
description: user password to refresh JWT (encrypted with password_hash)
required: true
type: string
maxLength: 255
jwt:
description: Special field to run JWT Auth via requests
required: true
type: string
minLength: 256
maxLength: 512
default: ' '
The maxLength
parameter is important, because of varchar-type sql field will be created with length 512.
The default
value should be equal precisely ' ' - empty string with space.
JWT specific configuration will be appended by generator in Modules/{ModuleName}/Config/config.php
:
'jwt'=> [
'enabled' => true,
'table' => 'user',
'activate' => 30,
'expires' => 3600,
],
As for any standard Laravel middleware register it in app/Http/Kernel.php
:
/**
* The application's route middleware.
*
* These middleware may be assigned to groups or used individually.
*
* @var array
*/
protected $routeMiddleware = [
'jwt' => \rjapi\extension\BaseJwt::class,
And just use this middleware in any requests U need defining
it in Modules/{ModuleName}/Http/routes.php
, ex:
To declare JWT check only for one specific route:
Route::get('/article', 'ArticleController@index')->middleware('jwt');
To declare JWT check for routes group:
Route::group(['middleware' => 'jwt',
JWT will be created on POST and updated on PATCH request to the entity You've been created,
for instance, if You send POST request to http://example.com/v1/user
with the following content:
{
"data": {
"type":"user",
"attributes": {
"first_name":"Alice",
"last_name":"Hacker",
"password":"my123Password"
}
}
}
Response will be similar to:
{
"data": {
"type": "user",
"id": "7",
"attributes": {
"first_name": "Alice",
"last_name": "Hacker",
"password": null,
"jwt": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImp0aSI6IjU4ODljOGY2NzE3YjIifQ.eyJpc3MiOiJsYXJhdmVsLmxvYyIsImF1ZCI6ImxhcmF2ZWwubG9jIiwianRpIjoiNTg4OWM4ZjY3MTdiMiIsImlhdCI6MTQ4NTQyNDg4NiwibmJmIjoxNDg1NDI0OTE2LCJleHAiOjE0ODU0Mjg0ODYsInVpZCI6N30.JnC7OhlUIBoMTlu617q0q2nCQ4SqKh19bXtiHfBeg9o",
"attributes": null,
"request": null,
"query": null,
"server": null,
"files": null,
"cookies": null,
"headers": null
},
"links": {
"self": "laravel.loc/user/7"
}
}
}
Note if JWT enabled=true
, password will be hashed with password_hash
and saved to password field internally.
Do not bother with "password": null,
attribute it is unset before output for safety.
You can add additional checks on password or other fields ex.: length, strength etc in Model on befor/afterSave events.
An example for JWT refresh - http://example.com/v1/user/4
:
{
"data": {
"type":"user",
"attributes": {
"password":"myPassword123",
"jwt":true
}
}
}
Note that password and jwt set to true are required.
Response:
{
"data": {
"type": "user",
"id": "4",
"attributes": {
"first_name": "Alice",
"last_name": "Hacker",
"jwt": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImp0aSI6IjU4ODcwNGU1NTRjNzkifQ.eyJpc3MiOiJsYXJhdmVsLmxvYyIsImF1ZCI6ImxhcmF2ZWwubG9jIiwianRpIjoiNTg4NzA0ZTU1NGM3OSIsImlhdCI6MTQ4NTI0MzYyMSwibmJmIjoxNDg1MjQzNjUxLCJleHAiOjE0ODUyNDcyMjEsInVpZCI6NH0.GD96ewc1dhbpz9grNaE2070Qy30Mqkh3B0VpEb7h3mQ",
...
Regular request with JWT will look like:
http://example.com/v1/article?include=tag&jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiIsImp0aSI6IjU4ODVmYmM0NjUyN2MifQ.eyJpc3MiOiJsYXJhdmVsLmxvYyIsImF1ZCI6ImxhcmF2ZWwubG9jIiwianRpIjoiNTg4NWZiYzQ2NTI3YyIsImlhdCI6MTQ4NTE3NTc0OCwibmJmIjoxNDg1MTc1ODA4LCJleHAiOjE0ODUxNzkzNDgsInVpZCI6M30.js5_Fe5tFDfeK88KJJpSEpVO6rYBOG0UFAaVvlYYxcw
The algorithm to sign the token is HS256, it can be changed in future releases with additional user-defined options to let developers choose another. However, HMAC SHA-256 is the most popular these days.
If you are willing to disable json api specification mappings into Laravel application (for instance - You need to generate MVC-structure into laravel-module and make Your own json schema, or any other output format), just set $jsonApi
property in DefaultController to false:
<?php
namespace Modules\V1\Http\Controllers;
use rjapi\extension\BaseController;
class DefaultController extends BaseController
{
protected $jsonApi = false;
}
As this class inherited by all Controllers - You don't have to add this property in every Controller class. By default JSON API is turned on.
HTTP request/response examples can be found on WiKi page - https://github.com/RJAPI/raml-json-api/wiki
Laravel project example with generated files can be found here - https://github.com/RJAPI/rjapi-laravel
To get deep-into RAML
specification - https://github.com/raml-org/raml-spec/blob/master/versions/raml-10/raml-10.md/
To get deep-into JSON-API
specification - http://jsonapi.org/format/
JSON-API support is provided, particularly for output, by Fractal package - http://fractal.thephpleague.com/
Happy coding ;-)