Chapters

27 Chapters | 2:54:11 |

01

API Platform Installation!

6:42
02

Our First ApiResource

5:37
03

Swagger: Instant, Interactive API Docs

8:32
04

OpenAPI Specification

6:32
05

JSON-LD: Context for your Data

10:30
06

Hydra: Describing API Classes, Operations & More

6:01
07

API Debugging with the Profiler

3:17
08

Operations

5:21
09

The Serializer

9:13
10

Serialization Groups

9:34
11

@SerializedName & Constructor Args

7:15
12

Filtering & Searching

6:02
13

PropertyFilter: Sparse Fieldsets

5:34
14

Pagination

4:34
15

More Formats: HAL & CSV

6:05
16

Validation

6:29
17

Creating the User Entity

5:07
18

User API Resource

7:20
19

Relating Resources

7:38
20

Relations and IRIs

4:39
21

Embedded Relation

7:54
22

Embedded Write

8:22
23

Adding Items to a Collection Property

4:38
24

Creating Embedded Objects

7:06
25

Removing Items from a Collection

5:29
26

Filtering on Relations

5:06
27

Subresources

3:36

This tutorial has a new version, check it out!

> Symfony 5 > API Platform 2 Part 1: Serious RESTful APIs

Buy Access to Course

18.

User API Resource

Autoplay

Keep on Learning!

If you liked what you've learned so far, dive in! Subscribe to get
access to this tutorial plus video, code and script downloads.

Start your All-Access Pass

Buy just this tutorial for $12.00

Previous Chapter

Next Chapter

With a Subscription, click any sentence in the script to jump to that part of the video!

I want to expose our new User entity as an API resource. And we know how to do that! Add... @ApiResource!

            Copy Code

                            Show All Lines

                        128 lines
            |
            src/Entity/User.php
        
                Show Lines

                                                    // ... lines 1 - 4
                            
            use ApiPlatform\Core\Annotation\ApiResource;
        
                Show Lines

                                                    // ... lines 6 - 8
                            
            /**
        
             * @ApiResource()
        
                Show Lines

                                                    // ... line 11
                            
             */
        
            class User implements UserInterface
        
                Show Lines

                                                    // ... lines 14 - 128

Just like that! Yes! Our API docs show one new resource with five new endpoints, or operations. And at the bottom, here's the new User model.

Hmm, but it's a bit strange: both the hashed password field and roles array are part of the API. Yea, we could create a new user right now and pass whatever roles we think that user should have! That might be ok for an admin user to be able to do, but not anyone. Let's take control of things.

UUID's?

Oh, one thing I want you to notice is that, so far, the primary key is always being used as the "id" in our API. This is something that's flexible in API Platform. In fact, instead of using an auto-increment id, one option is to use a UUID. We're not going to use them in this tutorial, but using a UUID as your identifier is something that's supported by Doctrine and API Platform. UUIDs work with any database, but they are stored more efficiently in PostgreSQL than MySQL, though we use some UUID's in MySQL in some parts of SymfonyCasts.

But... why am I telling you about UUID's? What's wrong with auto-increment ids? Nothing... but.... UUID's may help simplify your JavaScript code. Suppose we write some JavaScript to create a new CheeseListing. With auto-increment ids, the process looks like this: make a POST request to /api/cheeses, wait for the response, then read the @id off of the response and store it somewhere... because you'll usually need to know the id of each cheese listing. With UUID's, the process looks like this: generate a UUID in JavaScript - that's totally legal - send the POST request and... that's it! With UUID's, you don't need to wait for the AJAX call to finish so you can read the id: you created the UUID in JavaScript, so you already know it. That is why UUID's can often be really nice.

To make this all work, you'll need to configure your entity to use a UUID and add a setId() method so that it's possible for API Platform to set it. Or you can create the auto-increment id and add a separate UUID property. API Platform has an annotation to mark a field as the "identifier".

Normalization & Denormalization Groups

Anyways, let's take control of the serialization process so we can remove any weird fields - like having the encoded password be returned. We'll do the exact same thing we did in CheeseListing: add normalization and denormalization groups. Copy the two context lines, open up User and paste. I'm going to remove the swagger_definition_name part - we don't really need that. For normalization, use user:read and for denormalization, user:write.

            Copy Code

                            Show All Lines

                        135 lines
            |
            src/Entity/User.php
        
                Show Lines

                                                    // ... lines 1 - 9
                            
            /**
        
             * @ApiResource(
        
             *     normalizationContext={"groups"={"user:read"}},
        
             *     denormalizationContext={"groups"={"user:write"}},
        
             * )
        
                Show Lines

                                                    // ... line 15
                            
             */
        
            class User implements UserInterface
        
                Show Lines

                                                    // ... lines 18 - 135

We're following the same pattern we've been using. Now... let's think: what fields do we need to expose? For $email, add @Groups({}) with "user:read", "user:write": this is a readable and writable field. Copy that, paste above password and make it only user:write.

            Copy Code

                            Show All Lines

                        135 lines
            |
            src/Entity/User.php
        
                Show Lines

                                                    // ... lines 1 - 7
                            
            use Symfony\Component\Serializer\Annotation\Groups;
        
                Show Lines

                                                    // ... lines 9 - 16
                            
            class User implements UserInterface
        
            {
        
                Show Lines

                                                    // ... lines 19 - 25
                            
                /**
        
                Show Lines

                                                    // ... line 27
                            
                 * @Groups({"user:read", "user:write"})
        
                 */
        
                private $email;
        
                Show Lines

                                                    // ... lines 31 - 36
                            
                /**
        
                Show Lines

                                                    // ... lines 38 - 39
                            
                 * @Groups({"user:write"})
        
                 */
        
                private $password;
        
                Show Lines

                                                    // ... lines 43 - 133
                            
            }

This... doesn't really make sense yet. I mean, it's not readable anymore, which makes perfect sense. But this will eventually store the encoded password, which is not something that an API client will set directly. But... we're going to worry about all of that in our security tutorial. For now, because password is a required field in the database, let's temporarily make it writable so it doesn't get in our way.

Finally, make username readable and writable as well.

            Copy Code

                            Show All Lines

                        135 lines
            |
            src/Entity/User.php
        
                Show Lines

                                                    // ... lines 1 - 16
                            
            class User implements UserInterface
        
            {
        
                Show Lines

                                                    // ... lines 19 - 43
                            
                /**
        
                Show Lines

                                                    // ... line 45
                            
                 * @Groups({"user:read", "user:write"})
        
                 */
        
                private $username;
        
                Show Lines

                                                    // ... lines 49 - 133
                            
            }

Let's try it! Refresh the docs. Just like with CheeseListing we now have two models: we can read email and username and we can write email, password and username.

The only other thing we need to make this a fully functional API resource is validation. To start, both $email and $username need to be unique. At the top of the class, add @UniqueEntity() with fields={"username"}, and another @UniqueEntity() with fields={"email"}.

            Copy Code

                            Show All Lines

                        142 lines
            |
            src/Entity/User.php
        
                Show Lines

                                                    // ... lines 1 - 6
                            
            use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
        
                Show Lines

                                                    // ... lines 8 - 11
                            
            /**
        
                Show Lines

                                                    // ... lines 13 - 16
                            
             * @UniqueEntity(fields={"username"})
        
             * @UniqueEntity(fields={"email"})
        
                Show Lines

                                                    // ... line 19
                            
             */
        
            class User implements UserInterface
        
                Show Lines

                                                    // ... lines 22 - 142

Then, let's see, $email should be @Assert\NotBlank() and @Assert\Email(), and $username needs to be @Assert\NotBlank(). I won't worry about password yet, that needs to be properly fixed anyways in the security tutorial.

            Copy Code

                            Show All Lines

                        142 lines
            |
            src/Entity/User.php
        
                Show Lines

                                                    // ... lines 1 - 9
                            
            use Symfony\Component\Validator\Constraints as Assert;
        
                Show Lines

                                                    // ... lines 11 - 20
                            
            class User implements UserInterface
        
            {
        
                Show Lines

                                                    // ... lines 23 - 29
                            
                /**
        
                Show Lines

                                                    // ... lines 31 - 32
                            
                 * @Assert\NotBlank()
        
                 * @Assert\Email()
        
                 */
        
                private $email;
        
                Show Lines

                                                    // ... lines 37 - 49
                            
                /**
        
                Show Lines

                                                    // ... lines 51 - 52
                            
                 * @Assert\NotBlank()
        
                 */
        
                private $username;
        
                Show Lines

                                                    // ... lines 56 - 140
                            
            }

So, I think we're good! Refresh the documentation and let's start creating users! Click "Try it out". I'll use my real-life personal email address: cheeselover1@example.com. The password doesn't matter... and let's make the username match the email without the domain... so I don't confuse myself. Execute!

Woohoo! 201 success! Let's create one more user... just to have some better data to play with.

Failing Validation

Oh, and what if we send up empty JSON? Try that. Yea! 400 status code.

Ok... we're done! We have 1 new resource, five new operations, control over the input and output fields, validation, pagination and we could easily add filtering. Um... that's amazing! This is the power of API Platform. And as you get better and better at using it, you'll develop even faster.

But ultimately, we created the new User API resource not just because creating users is fun: we did it so we could relate each CheeseListing to the User that "owns" it. In an API, relations are a key concept. And you're going to love how they work in API Platform.

32 Comments

Sort By

bquarta 5 years ago

Hello everyone,
a quick "heads up" when you're using PostgreSQL. Since Ryan is talking about some benefits of using UUIDs you should mention that in Postgres "user" is a reserved word ;) ... If you don't want to run into an Error 500 when trying to create a User please add the following line to your Entity:
@Orm\Table("`user`")

This will escape the word in your SQL-Statements and you should be fine :)

best regards
Ben

3 | Reply |

erop bquarta 5 years ago

... or just @Orm\Table(name=“users”). I mostly like name table with plurals.

| Reply |

bquarta erop 5 years ago

Yeah, that would be even easier :D

| Reply |

Roozbeh S. 3 years ago

Hi Ryan,

I am a beginner and I have a question which may not be very relevant to this Tutorial, any help will be appreciated.

I have created a React Native application that has a login page!
A symfony project with a controller and a router to login page and a Database!
Also, an API platform(REST) with User and Person and Token Entities!
(In additions, the "User" Entity has a person_id and Token Entity has a user_id).

In the mobile page, If the User enters the correct email address and the password, the App will send a "POST" request to my Router defined inside the Controller and then the User will be navigated to the main page of the mobile application!
In the main page, when the user clicks on the "profile screen", I need to fetch the data from my API side!

So, Here is what becomes unclear to me!
1. Should my method be "GET" or "POST"?

2-How can I retrieve the User data by submitting a Bearer Authorization Token instead of adding an id to the Url.
Does API Platform support this?

With Regards
Roozbeh

| Reply |

weaverryan SFCASTS Roozbeh S. 3 years ago edited

Hi Roozbeh S. !

Nice to chat with you :). I do need to tell you that I don't have any practical experience with React Native apps, but I will do my best to answer your questions!

> 1. Should my method be "GET" or "POST"?

GET - because you are "fetching" user data.

> 2-How can I retrieve the User data by submitting a Bearer Authorization Token instead of adding an id to the Url.
> Does API Platform support this?

Good question. You have two options for this:

A) The more "pure" option would say that, when you log in, you should receive back some "user data"... most importantly the current user IRI. Then, you can store that in your app and whenever you need to fetch the user's data, you will know what URL to use (e.g. /api/users/5). You will, of course, still need to send the Authorization token. But the point is that the API won't use the token to *identify* the user (you are already telling it which user you want)... it will just be using it to make sure that this Bearer token has *access* to read that user's information.

B) It's also fairly common to make an endpoint like /api/me which you can use to request the "users information" that is related to the sent Token. In API Platform, you would probably implement this as a custom controller on your User resource. I think... I have not actually done that before... which is why I'm slightly guessing on the implementation :).

Cheers!

| Reply |

Roozbeh S. weaverryan 3 years ago

Yes! I have the IRI now!

You've explained it very clearly Ryan!
Thank you!

| Reply |

JavierMendezK 3 years ago

My schema shows correct on the User-user.read and User-user.write but on the POST operation, it is not showing "password" and it will not work unless I add the user:read group for password. Any ideas?
Using symfony 5.2

| Reply |

MolloKhan SFCASTS JavierMendezK 3 years ago edited

Hey JavierMendezK

That's a bit odd. I'd expect the password field to be present in the POST operation. Do you have a setter method for the password field? I think I'd need to see your entity code

Cheers!

| Reply |

JavierMendezK MolloKhan 3 years ago

namespace App\Entity;

use ApiPlatform\Core\Annotation\ApiFilter;
use ApiPlatform\Core\Annotation\ApiResource;
use ApiPlatform\Core\Serializer\Filter\PropertyFilter;
use App\Repository\UserRepository;
use Doctrine\Common\Collections\ArrayCollection;
use Doctrine\Common\Collections\Collection;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Serializer\Annotation\Groups;
use Symfony\Component\Validator\Constraints as Assert;

/**
* @ApiResource(
* attributes={"security"="is_granted('ROLE_USER')"},
* collectionOperations={
* "get",
* "post" = { "security" = "is_granted('IS_AUTHENTICATED_ANONYMOUSLY')" }
* },
* itemOperations={
* "get",
* "put" = { "security" = "is_granted('ROLE_USER') and object == user" },
* "delete" = { "security" = "is_granted('ROLE_ADMIN')" }
* },
* normalizationContext={"groups"={"user:read"}},
* denormalizationContext={"groups"={"user:write"}},
* )
* @ApiFilter(PropertyFilter::class)
* @UniqueEntity(fields={"username"})
* @UniqueEntity(fields={"email"})
* @ORM\Entity(repositoryClass=UserRepository::class)
*/
class User implements UserInterface
{
/**
* @ORM\Id
* @ORM\GeneratedValue
* @ORM\Column(type="integer")
*/
private $id;

/**
* @ORM\Column(type="string", length=180, unique=true)
* @Groups({"user:read", "user:write"})
* @Assert\NotBlank()
* @Assert\Email()
*/
private $email;

/**
* @ORM\Column(type="json")
*/
private $roles = [];

/**
* @var string The hashed password
* @ORM\Column(type="string")
*/
private $password;

/**
* @Groups({"user:write"})
*/
private $plainPassword;

/**
* @ORM\Column(type="string", length=255, unique=true)
* @Groups({"user:read", "user:write","computer_listing:item:get", "computer_listing:write"})
* @Assert\NotBlank()
*/
private $username;

// use orphanRemoval=true to remove the computers that have no owner
/**
* @ORM\OneToMany(targetEntity=ComputerListing::class, mappedBy="owner", cascade={"persist"})
* @Groups({"user:read","user:write"})
* @Assert\Valid()
*/
private $computerListings;

public function __construct()
{
$this->computerListings = new ArrayCollection();
}

public function getId(): ?int
{
return $this->id;
}

public function getEmail(): ?string
{
return $this->email;
}

public function setEmail(string $email): self
{
$this->email = $email;

return $this;
}

/**
* A visual identifier that represents this user.
*
* @see UserInterface
*/
public function getUsername(): string
{
return (string) $this->username;
}

/**
* @see UserInterface
*/
public function getRoles(): array
{
$roles = $this->roles;
// guarantee every user at least has ROLE_USER
$roles[] = 'ROLE_USER';

return array_unique($roles);
}

public function setRoles(array $roles): self
{
$this->roles = $roles;

return $this;
}

/**
* @see UserInterface
*/
public function getPassword(): string
{
return (string) $this->password;
}

public function setPassword(string $password): self
{
$this->password = $password;

return $this;
}

/**
* Returning a salt is only needed, if you are not using a modern
* hashing algorithm (e.g. bcrypt or sodium) in your security.yaml.
*
* @see UserInterface
*/
public function getSalt(): ?string
{
return null;
}

/**
* @see UserInterface
*/
public function eraseCredentials()
{
// If you store any temporary, sensitive data on the user, clear it here
$this->plainPassword = null;
}

public function setUsername(string $username): self
{
$this->username = $username;

return $this;
}

/**
* @return Collection|ComputerListing[]
*/
public function getComputerListings(): Collection
{
return $this->computerListings;
}

public function addComputerListing(ComputerListing $computerListing): self
{
if (!$this->computerListings->contains($computerListing)) {
$this->computerListings[] = $computerListing;
$computerListing->setOwner($this);
}

return $this;
}

public function removeComputerListing(ComputerListing $computerListing): self
{
if ($this->computerListings->removeElement($computerListing)) {
// set the owning side to null (unless already changed)
if ($computerListing->getOwner() === $this) {
$computerListing->setOwner(null);
}
}

return $this;
}

public function getPlainPassword(): ?string
{
return $this->plainPassword;
}

public function setPlainPassword(string $plainPassword): self
{
$this->plainPassword = $plainPassword;

return $this;
}

}

| Reply |

MolloKhan SFCASTS JavierMendezK 3 years ago edited

Hey Javier, sorry for my slow reply. The field password should not be shown on any operation because you don't have any serialization group for it, but the plainPassword field should be shown on POST operations due to the user:write group

| Reply |

TristanoMilano MolloKhan 3 years ago edited

I have got the same problem and my code is exactly the same as the example code as i followed the tutorial step by step.
To verify that i made no errors i then just copied from the codeblock in this chapter. The schemas for read and write are shown as intended in the part of the bottom of the swagger doc page:

ApiUser-user.write{
email*	string($email)
externalDocs: OrderedMap { "url": "http://schema.org/email" }
password	string

The hashed password
username*	string

But: above, under POST and PUT my password fild is missing, my example values are the following:

{
  "email": "user@example.com",
  "username": "string"

When i manually add the "password" : "some string" field and click on "execute", everything works as intended.

Even more interestingy, when i click on "schema" right next to "Example Value", is says:

ApiUser.jsonld-user.read{
email*	string($email)
externalDocs: OrderedMap { "url": "http://schema.org/email" }

Shouldn't it use the write model here?

| Reply |

weaverryan SFCASTS TristanoMilano 3 years ago edited

Hey Tristan P.!

Hmm. It's interesting that we now have two people with the same issue in a short period of time. And in fact (as you already noticed @Tristano! ) there is a third person with an issue that is suspiciously similar: https://symfonycasts.com/sc...

My gut is that there has been a change in API Platform that is causing this. And if so, I believe it is a bug. If you can open an issue and link me to it, I can help push that along.

Cheers!

| Reply |

Zaz weaverryan 3 years ago

Hi,
I have the same issue using symfony 5.3.1

| Reply |

weaverryan SFCASTS Zaz 3 years ago

Yup, there's an open issue about it - no fix proposed at the moment :/ https://github.com/api-plat...

| Reply |

miguelbarreiro85 weaverryan 3 years ago

UPDATE ERROR

| Reply |

miguelbarreiro85 weaverryan 3 years ago

I'm having the same problem here, I installed api platform by the official guide with docker, so the version is different the one you used for the tutorial, api platform 2.6 symfony 5.2

| Reply |

weaverryan SFCASTS miguelbarreiro85 3 years ago

Yea, it looks like there is a bug in 2.6.3 related to this - there are several open issues about it - it looks like you already found the main one ;) https://github.com/api-plat...

Cheers!

| Reply |

Covi A. weaverryan 3 years ago

Hey,
did you find the solution? if yes then please show us because i face exactly same problem.

| Reply |

Victor SFCASTS Covi A. 3 years ago

Hey Monoranjan,

Unfortunately, no official possible solution as I can see the main issue is still open: https://github.com/api-plat... - you probably may look over the thread to find possible workaround if any.

Cheers!

| Reply |

Thomas C. 4 years ago

Hello everyone,

when i post new user return error 500 with message "General error: 1364 Field 'roles' doesn't have a default value" but my code is the same as eample code. What is wrong?

| Reply |

MolloKhan SFCASTS Thomas C. 4 years ago edited

Hey Thomas C.

That's odd. Can you double-check that your roles property is initially set to an empty array?


// User.php

private $roles = [];

Cheers!

| Reply |

Thomas C. MolloKhan 4 years ago

Yes i have check this. To solve i have modify this in the db ALTER TABLE `user` CHANGE `roles` `roles` TEXT NULL.

My code was :
/*
*
* @ORM\Column(type="json")
*/
private $roles = [];

| Reply |

MolloKhan SFCASTS Thomas C. 4 years ago edited

Hmm, that's odd. If you persist an User with an empty array in its roles property, it should store a json like this <code[]` and that's not considered as empty for a Database

| Reply |

Ioan adrian S. 4 years ago edited

Hello,
It is possible to make a post request providing the primary key value too?
e.g.


{
  id: 1,
  name: "Szabo"
}

I ask because when I try to make the post I get
{
"code": 500,
"message": "Update is not allowed for this operation."
}

| Reply |

weaverryan SFCASTS Ioan adrian S. 4 years ago

Hey @Szabo!

This *should* be possible, but it would be a PUT request. It's an HTTP "spec" thing - if you're creating an object but *providing* the primary key, then the proper HTTP method is PUT. Try PUT and let me know if it works.

Cheers!

| Reply |

Joel D. 4 years ago

Hi everyone!
I thought everyting was undercontrole util I saw in my Mysql database two things:
- the password hasen't been hashed
- no role has been set too

And one question: is it normal that the id inserted has no change compare to an normal autoIncrement, what the difference of having the UUID orientation ? '

I post my new user thanks to the api_doc via the POST tab

thank you for any return which can light this up

| Reply |

MolloKhan SFCASTS Joel D. 4 years ago

Hey man,

Good observation. Hashing the password and adding roles is a job you have to do and has nothing to do with ApiPlatform. Ryan talks more about that in the next course: https://symfonycasts.com/sc...

About the id thing. How's your configuration? If you are using UUID's then it should be totally different than an auto-incremented id

Cheers!

| Reply |

Adam D. 4 years ago

I am sure I am doing something stupid, but I am getting this error when adding the groups annotation to the email property in the user entity...

[Semantical Error] The annotation "@Groups" in property App\Entity\User::$email was never imported. Did you maybe forget to add a "use" statement for this annotation?

Solution:

as per
https://api-platform.com/do...

# api/config/packages/framework.yaml
framework:
serializer: { enable_annotations: true }

#in your user entity
use Symfony\Component\Serializer\Annotation\Groups;

#and you will need this later...
use Symfony\Component\Validator\Constraints as Assert;

This had me stumped for awhile as it is not evident in the tutorial video... maybe a good idea to update this considering it is paid for (well I paid for it). Or it could be that I missed some kind of importation at the start of things...

| Reply |

weaverryan SFCASTS Adam D. 4 years ago edited

Hey Adam D.!

Good job finding the solution! Like all errors, it's a tough error the first time you see it - hopefully it won't be next time! Our code *does* have this use statement, but you're right that you don't see it in the video. The reason is that we *often* allow classes (or annotations) to auto-complete in PhpStorm. When we do this, it automatically adds the use statement needed on top (you need the php-annotations plugin installed for this to work with annotations). I try to mention that this is happening from time-to-time... but if I mention it *every* time, it gets laborious. It's a tricky balance :/. But now that you know it, I think you should be good. If you ever have some mysterious problem, you can also expand the full code block below the video and see *exactly* what our code looks like.

Cheers!

| Reply |

None N. 5 years ago

Hey, I get the error below when selecting Argon2i. How can I get around it? Running a mac with brew installed php.

Argon2i algorithm is not supported. Install the libsodium extension or use BCrypt instead.

| Reply |

sadikoff SFCASTS None N. 5 years ago edited

Hey @Codsworth

You can try pecl install libsodium just be sure that brew installed php is fully configured

Cheers

| Reply |

None N. sadikoff 5 years ago

Thanks Vladimir,

I'll give that a try!

| Reply |

This tutorial works great for Symfony 5 and API Platform 2.5/2.6.

Symfony 4 API Platform 2.4

What PHP libraries does this tutorial use?

// composer.json
{
    "require": {
        "php": "^7.1.3",
        "ext-ctype": "*",
        "ext-iconv": "*",
        "api-platform/core": "^2.1", // v2.4.3
        "composer/package-versions-deprecated": "^1.11", // 1.11.99
        "doctrine/annotations": "^1.0", // 1.10.2
        "doctrine/doctrine-bundle": "^1.6", // 1.11.2
        "doctrine/doctrine-migrations-bundle": "^2.0", // v2.0.0
        "doctrine/orm": "^2.4.5", // v2.7.2
        "nelmio/cors-bundle": "^1.5", // 1.5.5
        "nesbot/carbon": "^2.17", // 2.19.2
        "phpdocumentor/reflection-docblock": "^3.0 || ^4.0", // 4.3.1
        "symfony/asset": "4.2.*|4.3.*|4.4.*", // v4.3.11
        "symfony/console": "4.2.*", // v4.2.12
        "symfony/dotenv": "4.2.*", // v4.2.12
        "symfony/expression-language": "4.2.*|4.3.*|4.4.*", // v4.3.11
        "symfony/flex": "^1.1", // v1.21.6
        "symfony/framework-bundle": "4.2.*", // v4.2.12
        "symfony/security-bundle": "4.2.*|4.3.*", // v4.3.3
        "symfony/twig-bundle": "4.2.*|4.3.*", // v4.2.12
        "symfony/validator": "4.2.*|4.3.*", // v4.3.11
        "symfony/yaml": "4.2.*" // v4.2.12
    },
    "require-dev": {
        "symfony/maker-bundle": "^1.11", // v1.11.6
        "symfony/stopwatch": "4.2.*|4.3.*", // v4.2.9
        "symfony/web-profiler-bundle": "4.2.*|4.3.*" // v4.2.9
    }
}

Previous Chapter

Next Chapter

User API Resource

Share this awesome video!

Keep on Learning!

UUID's?

Normalization & Denormalization Groups

Failing Validation

32 Comments

Delete comment?

What PHP libraries does this tutorial use?

Show Lines	// ... lines 1 - 4
	use ApiPlatform\Core\Annotation\ApiResource;
Show Lines	// ... lines 6 - 8
	/**
	* @ApiResource()
Show Lines	// ... line 11
	*/
	class User implements UserInterface
Show Lines	// ... lines 14 - 128

Show Lines	// ... lines 1 - 9
	/**
	* @ApiResource(
	* normalizationContext={"groups"={"user:read"}},
	* denormalizationContext={"groups"={"user:write"}},
	* )
Show Lines	// ... line 15
	*/
	class User implements UserInterface
Show Lines	// ... lines 18 - 135

Show Lines	// ... lines 1 - 7
	use Symfony\Component\Serializer\Annotation\Groups;
Show Lines	// ... lines 9 - 16
	class User implements UserInterface
	{
Show Lines	// ... lines 19 - 25
	/**
Show Lines	// ... line 27
	* @Groups({"user:read", "user:write"})
	*/
	private $email;
Show Lines	// ... lines 31 - 36
	/**
Show Lines	// ... lines 38 - 39
	* @Groups({"user:write"})
	*/
	private $password;
Show Lines	// ... lines 43 - 133
	}

Show Lines	// ... lines 1 - 16
	class User implements UserInterface
	{
Show Lines	// ... lines 19 - 43
	/**
Show Lines	// ... line 45
	* @Groups({"user:read", "user:write"})
	*/
	private $username;
Show Lines	// ... lines 49 - 133
	}

Show Lines	// ... lines 1 - 6
	use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
Show Lines	// ... lines 8 - 11
	/**
Show Lines	// ... lines 13 - 16
	* @UniqueEntity(fields={"username"})
	* @UniqueEntity(fields={"email"})
Show Lines	// ... line 19
	*/
	class User implements UserInterface
Show Lines	// ... lines 22 - 142

Show Lines	// ... lines 1 - 9
	use Symfony\Component\Validator\Constraints as Assert;
Show Lines	// ... lines 11 - 20
	class User implements UserInterface
	{
Show Lines	// ... lines 23 - 29
	/**
Show Lines	// ... lines 31 - 32
	* @Assert\NotBlank()
	* @Assert\Email()
	*/
	private $email;
Show Lines	// ... lines 37 - 49
	/**
Show Lines	// ... lines 51 - 52
	* @Assert\NotBlank()
	*/
	private $username;
Show Lines	// ... lines 56 - 140
	}