README

一个具有受限访问权限的通用API，为第三方应用提供访问。

登录 /api/login/member 或 api/login/user

登录通过symfony guard 认证器与contao成员 tl_member 或用户 tl_user 结合进行。登录成功后，将返回一个短暂的令牌（默认：24小时），该令牌用于任何API，必须在请求头中提供 Authorization: Bearer {{token}};

# test login (with contao front end member)
curl --user username:password -H "Content-Type: application/json" -X POST http://domain.tld/api/login/member

# example response on success
{
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmXtZSI6ImRpZ2l0YWxlc0BoZWltcmljaA1oYW5ub3QuZGUiLCJpYXQiOjE1MzY4NTYwMDMsImV4cCI6MTUzNjk0MjQwM30.trp-1NgYgXGfHYdE3dlQ8awE8aXUWL-RfBQyfWm2Hz0"
}

# test login (with contao back end member)
curl --user username:password -H "Content-Type: application/json" -X POST http://domain.tld/api/login/user

# example response on success
{
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmXtZSI6ImRpZ2l0YWxlc0BoZWltcmljaA1oYW5ub3QuZGUiLCJpYXQiOjE1MzY4NTYwMDMsImV4cCI6MTUzNjk0MjQwM30.trp-1NgYgXGfHYdE3dlQ8awE8aXUWL-RfBQyfWm2Hz0"
}

使用自定义API密钥创建应用

访问您的contao后端 http://domain.tld/contao?do=api_apps 并创建您的第一个应用。可以限制成员或用户组的访问权限。管理员用户 tl_user 默认可以访问每个API。对于除了登录路由之外的所有请求，您必须提供生成的API key 作为 GET 参数。

资源 /api/resource/{resource_alias}

要添加您的自定义资源，只需在您的包或应用中添加一个服务在 services.yml

services:
	my.api.resource.my_resource:
		class: MyApi\Resource\MyResource
		arguments:
              - "my_resource"
		tags:
		- { name: huh.api.resource, alias: my_resource}

并在您的包或应用中注册您的资源配置 config.yml

huh:
  api:
    resources:
      - {name: my_resource, type: entity_resource, modelClass: "MyResourceModel", verboseName: my_resource}

要正确加载 config.yml，您的 Plugin 类必须实现接口 Contao\ManagerPlugin\Config\ExtensionPluginInterface

namespace MyApi\ContaoManager;

use Contao\ManagerPlugin\Config\ContainerBuilder;
use Contao\ManagerPlugin\Config\ExtensionPluginInterface;
use HeimrichHannot\UtilsBundle\Container\ContainerUtil;

class Plugin implements ExtensionPluginInterface
{

    /**
     * {@inheritdoc}
     */
    public function getExtensionConfig($extensionName, array $extensionConfigs, ContainerBuilder $container)
    {
        return ContainerUtil::mergeConfigFile(
            'huh_api',
            $extensionName,
            $extensionConfigs,
            __DIR__.'/../Resources/config/config.yml'
        );
    }

之后不要忘记清除symfony缓存！

现在您可以通过 /api/resource/my_resource 访问您的资源。

# test access to my_resource (provide your token from user or member login and your api key)
curl --header "Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VybmXtZSI6ImRpZ2l0YWxlc0BoZWltcmljaA1oYW5ub3QuZGUiLCJpYXQiOjE1MzY4NTYwMDMsImV4cCI6MTUzNjk0MjQwM30.trp-1NgYgXGfHYdE3dlQ8awE8aXUWL-RfBQyfWm2Hz0" -H "Content-Type: application/json" -X GET http://domain.tld/api/resource/my_resource?key=<api-key>

现在您可以通过相关的 HTTP方法 使用crud功能。

# test create() new resource
curl --header "Authorization: Bearer <login-token>" -H "Content-Type: application/json" -X POST -d "{"title":"My test title", "published":true}" http://domain.tld/api/resource/my_resource?key=<api-key>

# test update() existing resource
curl --header "Authorization: Bearer <login-token>" -H "Content-Type: application/json" -X PUT -d "{"title":"My new test title", "published":false}" http://domain.tld/api/resource/my_resource/23?key=<api-key>

# test list() all resources
curl --header "Authorization: Bearer <login-token>" -H "Content-Type: application/json" -X GET http://domain.tld/api/resource/my_resource?key=<api-key>

# test show() existing resource
curl --header "Authorization: Bearer <login-token>" -H "Content-Type: application/json" -X GET http://domain.tld/api/resource/my_resource/23?key=<api-key>

# test delete() existing resource
curl --header "Authorization: Bearer <login-token>" -H "Content-Type: application/json" -X DELETE http://domain.tld/api/resource/my_resource/23?key=<api-key>

可用资源

服务：huh.api.resource.member

一个骨架资源，提供与contao成员（tl_member）实体相关的简单crud功能