Chapters
37 Chapters
|
3:43:31
|
Login to bookmark this video
-
Course Code
Subscribe to download the code!
Subscribe to download the code!
-
This Video
Subscribe to download the video!
Subscribe to download the video!
-
Subtitles
Subscribe to download the subtitles!
Subscribe to download the subtitles!
-
Course Script
Subscribe to download the script!
Subscribe to download the script!
Scroll down to the script below, click on any sentence (including terminal blocks) to jump to that spot in the video!
Subscribe to jump to this part in the video!
Keep on Learning!
If you liked what you've learned so far, dive in! Subscribe to get access to this tutorial plus video, code and script downloads.
What PHP libraries does this tutorial use?
// composer.json
{
"require": {
"php": ">=8.2",
"ext-ctype": "*",
"ext-iconv": "*",
"api-platform/core": "^3.0", // v3.1.2
"doctrine/annotations": "^2.0", // 2.0.1
"doctrine/doctrine-bundle": "^2.8", // 2.8.3
"doctrine/doctrine-migrations-bundle": "^3.2", // 3.2.2
"doctrine/orm": "^2.14", // 2.14.1
"nelmio/cors-bundle": "^2.2", // 2.2.0
"nesbot/carbon": "^2.64", // 2.66.0
"phpdocumentor/reflection-docblock": "^5.3", // 5.3.0
"phpstan/phpdoc-parser": "^1.15", // 1.16.1
"symfony/asset": "6.2.*", // v6.2.5
"symfony/console": "6.2.*", // v6.2.5
"symfony/dotenv": "6.2.*", // v6.2.5
"symfony/expression-language": "6.2.*", // v6.2.5
"symfony/flex": "^2", // v2.2.4
"symfony/framework-bundle": "6.2.*", // v6.2.5
"symfony/property-access": "6.2.*", // v6.2.5
"symfony/property-info": "6.2.*", // v6.2.5
"symfony/runtime": "6.2.*", // v6.2.5
"symfony/security-bundle": "6.2.*", // v6.2.6
"symfony/serializer": "6.2.*", // v6.2.5
"symfony/twig-bundle": "6.2.*", // v6.2.5
"symfony/ux-react": "^2.6", // v2.7.1
"symfony/ux-vue": "^2.7", // v2.7.1
"symfony/validator": "6.2.*", // v6.2.5
"symfony/webpack-encore-bundle": "^1.16", // v1.16.1
"symfony/yaml": "6.2.*" // v6.2.5
},
"require-dev": {
"doctrine/doctrine-fixtures-bundle": "^3.4", // 3.4.2
"mtdowling/jmespath.php": "^2.6", // 2.6.1
"phpunit/phpunit": "^9.5", // 9.6.3
"symfony/browser-kit": "6.2.*", // v6.2.5
"symfony/css-selector": "6.2.*", // v6.2.5
"symfony/debug-bundle": "6.2.*", // v6.2.5
"symfony/maker-bundle": "^1.48", // v1.48.0
"symfony/monolog-bundle": "^3.0", // v3.8.0
"symfony/phpunit-bridge": "^6.2", // v6.2.5
"symfony/stopwatch": "6.2.*", // v6.2.5
"symfony/web-profiler-bundle": "6.2.*", // v6.2.5
"zenstruck/browser": "^1.2", // v1.2.0
"zenstruck/foundry": "^1.26" // v1.28.0
}
}
18 Comments
Hi ! when I use the process method I need to return the result of the process method of the decorated class. else my POST call return an empty string.
Hey @Hugues!
Hmm, interesting! Let's think about this. If you don't return something from your processor, then API Platform will ultimately serialize the
$dataargument that you passed in. In your case, unless something else is going on, the inner processor, after saving, returns$dataright back to you. So... there shouldn't be any difference: if you return nothing, then$data(your entity) is serialized. But by returning$this->innerProcessor->process()... that should result in returning the same object! If you dump$dataand$this->innerProcessor->process(), they must be different. Are they? If so, what are the differences? I would be interested to know - it smells like a mystery :).Cheers!
Hi @weaverryan,
Thank you for your answer !
You're totally right
$dataand$this->innerProcessor->process()return the same entity.I use Symfony 6.4 with api-platform/core v3.2.7.
If I debug my
UserHashPasswordProcessormethod I have this call stack :if I've not returned anything from my processor
$datawill be null in the process method of SerializeProcessor.perhaps the code has changed in the meantime?
have a good weekend and I hope the conferences in Brussels were fascinating...
Hey @Hugues!
Hmm, indeed! The
WriteProcessorstuff is new in API Platform 3.2... and while its addition shouldn't have changed anything, by looking at your debugging, it seems like you're right. If you don't return anything, nothing gets serialized. Well, actually, this is likely because you're using the new "mode" of API Platform without event listeners - https://api-platform.com/docs/core/upgrade-guide/#event-listeners - I'm guessing the "old" mode still works. But really, returning something from your processor is more correct anyway. I'll add a note to the tutorial to help others.It was GREAT. Many friends, many great conversations and ideas. Excited about the future :)
Cheers!
Hi @weaverryan,
I suspect a regression in API Platform 3.3.
If I run the tests in the "finish" folder after upgrading Symfony to 6.4 and API Platform to 3.3, then the
patch()calls returnnullagain.If I revert only API Platform to 3.2 and keep Symfony to 6.4, the tests pass flawlessly.
In 3.2,
event_listeners_backward_compatibility_layer: falsebreaks the tests, while when set totruethey pass.In 3.3, either value breaks the tests, so I guess the issue comes from somewhere else.
1) App\Tests\Functional\DragonTreasureResourceTest::testPostToCreateTreasure<br />Expected "(null)" to be the same as "A shiny thing".2) App\Tests\Functional\DragonTreasureResourceTest::testPatchToUpdateTreasure<br />Expected "(null)" to be the same as "12345".... 3 more errors like these. Do you have any suggestion to debug the source of the issue ? Thanks!
EDIT : fixed
The issue was that I added the return of
$this->innerProcessor->process()only to one of the twoStateProcessors, adding thereturnto all of them, changing the method return type tomixedsolves the bug.event_listeners_backward_compatibility_layeris not concerned.Does it really make sense to set up decoration for the UserHashPasswordProcessor via #[AsDecorator()]? As I understand it the decorating service is then involved in every call of the PersistProcessor?
In the API Platform docs they use a "bind" in the services to bind the $persistProcessor as an argument to the "UserPasswordHasher".
This way I guess it is only decorating the service when it is used (e.g. defining the "processor" on operation level)...
Hey @Tobias-B!
Your thinking on this is absolutely correct. For me, it was a trade-off between complexity (the API Platform official way is more complex) vs potential performance problems. So, the final decision is subjective, but since
PersistProcessoris only called during POST/PUT/PATCH operations and it will only be called once (I would be more concerned ifPersistProessorwere called many times during a single request) and the logic inside ofUserHashPasswordProcessoris really simple in those cases (if notUser, it exits immediately), I think the performance issue is non-material. So, I went for simplicity :). But I think the other approach is 110% valid - so you can choose your favorite.Cheers!
I'm building this tutorial not in the project but in a custom bundle.
Since it took me some time to find the solution for my case, I'd like to post it here for others that might struggle with that.
I did NOT set the
#[AsDecorator(PersistProcessor::class)]attribute inUserHashPasswordProcessorIn the User Entity I added
processor: UserHashPasswordProcessor::classto Put, Post and Patch.Example:
In the bundles services.xml I added:
Since this Processor is called from the
UserEntity now, I also modified theprocessmethod inUserHashPasswordProcessora litte:If this isn't smart, please correct me :-)
Is there a way to process additional fields from the request?
For example, for the registration, I send,
email,passwordandfirstname.emailandpasswordgoes to theUserentity and thefirstnamein theProfileentity (that's created in aStateProcessor, but there, I don't have access to the original POST request/dataHey @Sebastian-K!
Hmmm. How have you set things up so that the "registration" endpoint has a
firstNamefield but withoutUserhaving afirstNameproperty? Usually I WOULD have this as a property onUser, or I might make a DTO for this specific operation if you've got things split up.But anyway, this is an interesting problem! The JSON is ready from the request and passed directly to the serializer here: https://github.com/api-platform/core/blob/main/src/Symfony/EventListener/DeserializeListener.php#L98-L101
The problem is that, if your "resource class" for this operation is
Userand it doesn't have afirstNameproperty, then that field from the JSON is simply ignored. I think the only way to get thefirstNamefield would be to grab the$request->getContent()andjson_decode()it manually. But... I really hope we can find a better way :).Cheers!
Hi @weaverryan,
When using your method of declaring the state processor on the post operation, I get an error :
Processor \"App\\State\\UserHashPasswordStateProcessor\" not found on operation \"_api_/users{._format}_post\"Don't know why it happens, I just figured out I'd let you know, and maybe you could help me understand
To solve the issue, I use the documentation's method, binding the persist processor to my own using the service.yaml config file, and it works fine.
https://api-platform.com/docs/core/user/
Hey @Frederic
How did you set up the
UserHashPasswordStateProcessor? What Ryan did was to decorate the main "persist" processor service, which would surprise me to throw an error. But anyway, the docs way seems better to me because you don't want to check the object's type every timeCheers!
I can't confirm I did exactly the same as Ryan, I followed the script (no video, because not paid membership (yet...)), maybe I missed something in the video that isn't shown in the script and I might also just have missed something obvious on my part.
I manage to make it work the Ryan's way. Don't know what went wrong the first time
But I noticed something else, I let the
dump('ALIVE')statement at the beginning of myprocess()method, and I discovered it behaves differently between both ways of wiring :using
AsDecorator,"ALIVE"gets dump to the console during test,using the service config file, it doesn't.
Everything else happens the same (post, patch, hash, persist)
I see, if it is working now it's very likely that you missed something.
The difference between the config file and using PHP attributes is that attributes are not environment-specific, they will work on any your app is running, but config files are bound to an environment (dev, test, prod). If you configure the decorator service in a
config/services_test.yamlfile, does it work?Cheers!
Hi Ryan,
Thnaks for your amazing work.
I follow exactly the tutorial.
When I use
#[AsDecorator('api_platform.doctrine.orm.state.persist_processor')]it's working.But if I try (as you wrote in the tip) with
I get an error when launching tests
Any Idea ? Thanks
Hey @Sylvain-B!
Hmm, yea, I think I know what's going on - and my tip was misleading! If you wanted to simply inject/autowire the
api_platform.doctrine.orm.state.persist_processorinto some other service, usingPersistProcessor::class(which is a service alias) would work great. But with decoration, it doesn't - and that's my fault. Explanation:api_platform.doctrine.orm.state.persist_processor. Other services specifically reference this id to have this service injected into them.api_platform.doctrine.orm.state.persist_processor, you effectively "replace" this service with your own. So anyone that was previously asking for this service id to be passed to them, will now be passed your service.PersistProcessor::class, you are decorating a service alias. So IF anyone asked forPersistProcessor::classto be passed to them, they would receive your service. But in reality, everyone asks forapi_platform.doctrine.orm.state.persist_processor... which remains the original, core service.Thanks for mentioning this - I wanted people to be aware of the new, shorter way of referencing the service - but in decoration, it's incorrect! I'm going to remove the note.
Cheers!
Hi team, my question is: if I use Symfony with Api Platform and Easy Admin, where I have to write "unified" logic to hash the password for both applications?
I think that in that case a listener/subscriber is better, right?
Hey @Fedale!
That's a great question. I can think of 2 options, and they're both totally fine imo:
persistEntity()in your controller. Duplication sounds lame... but password hashing logic is already SO simple (it's just 1 line basically) that you are not really duplicating much.Cheers!
"Houston: no signs of life"
Start the conversation!