This video describes how individual middlewares fit together with sorting, weighting, and before and after handling.
- [Instructor] So let's make sure we understand…our constraints and concerns.…First, we need to keep the API credentials a secret.…So we need to remember what is secure and what is not.…The URL we request is not secure or secret.…Anything we put into the URL, such as credentials,…will be captured and stored by web servers,…proxies and cashing systems across the internet.…And even tools like Runscope or Postman,…will store them indefinitely.…In fact, once we put an API key in the URL,…we may copy and paste that into an email or slack channel,…without even thinking about it.…
Alternatively, everything in the header…is somewhat protected.…I don't mean they're encrypted or a complete secret,…but the headers are not captured and stored by default.…This isn't perfect,…but it's a heading in the right direction.…Next, we want to limit damage or separate concerns…in case the credentials are compromised.…As a result, we don't want to use…our account's username and password.…While that seems like an easy solution,…it's creating some unnecessary dependencies.…
Author
Released
10/10/2016This course begins with a simple application specification and builds it one step at a time. Each chapter includes a key concept, with examples from other public APIs, and then shows how to build it yourself with Slim. Learn about URL routing, validating input, and generating response codes and hypermedia payloads. Like any project, the first implementation may be a little messy but don't worry. The last chapter covers refactoring and what it takes to scale and support the API going forward.
- Understanding the project goals
- Setting up the database
- Adding authentication in Slim
- Using cross-framework and authentication middleware
- Creating a read-write API in Slim
- Uploading files via the API
- Adding file security
- Creating payloads and response codes in Slim
- Scaling your API
Skill Level Beginner
Duration
Views
Related Courses
-
PHP 7 New Features
with Kevin Skoglund1h 4m Intermediate -
PHP Date and Time Essential Training
with David Powers4h 31m Intermediate -
PHP: Managing Persistent Sessions
with David Powers2h 41m Intermediate
-
Introduction
-
Welcome49s
-
What you should know2m 5s
-
Useful tools for this course3m 45s
-
-
1. Project Explanation and Goals
-
The Request-Response Flow3m 44s
-
Setup the database1m 48s
-
2. Authentication Options and Tradeoffs
-
Cross framework middleware1m 32s
-
3. Create a Read-Write API
-
Create a read-write API4m 49s
-
Delete API3m 43s
-
-
4. File Uploads via API
-
File uploads via API1m 43s
-
Wire up the file move5m 35s
-
-
5. Scale Your API
-
Scale your API4m 12s
-
Manage complex API routes4m 13s
-
-
Conclusion
-
Next steps1m 46s
-
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.
CancelTake notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: How authentication fits into our APIs