参考文档:http://www.yiiframework.com/doc-2.0/guide-rest.html
以 DB 中的 news 表为例创建该资源的 RESTful API,最终的测试通过工具 POSTMAN 测试如下图;
通过 yii2 ,非常方便的创建 RESTful API
步骤:
- 准备工作,配置友好的 URLManager
- 创建News Model (via gii)
- 创建News Controller
- 测试用 POSTMAN 工具或者 CURL
- Restful Api 验证和授权
- 配置 friendly Url
参看另一篇文章 http://www.cnblogs.com/ganiks/p/yii2-config.html
'urlManager' => [
'enablePrettyUrl' => true,
'showScriptName' => false,
'enableStrictParsing' => true,
'rules' => [
'<controller:w+>/<id:d+>' => '<controller>/view',
'<controller:w+>/<action:w+>/<id:d+>' => '<controller>/<action>',
'<controller:w+>/<action:w+>' => '<controller>/<action>',
['class' => 'yii
estUrlRule', 'controller' => ['user', 'news']],
],
]
原创文章,转载请注明 http://www.cnblogs.com/ganiks/
.htaccess 不要遗漏
更新20140731:特别说明, 上面的
rules配置有误, 用于yii1.x版本中的rules(前三行)在这个地方时多余的,而且引起了一个很严重的 bug
参看另一篇随笔 http://www.cnblogs.com/ganiks/p/yii2-RESTful-API-405-Method-Not-Allowed.html
- 创建 News Model
- 创建 News Controller
<?php
namespace appcontrollers;
use yii
estActiveController;
class NewsController extends ActiveController
{
public $modelClass = 'appmodelsNews';
}
- 测试
用Chrome工具 POSTMAN 测试
GET /news: list all news page by page;
HEAD /news: show the overview information of new listing;
POST /news: create a new new;
GET /news/123: return the details of the new 123;
HEAD /news/123: show the overview information of new 123;
PATCH /news/123 and PUT /news/123: update the new 123;
DELETE /news/123: delete the new 123;
OPTIONS /news: show the supported verbs regarding endpoint /news;
OPTIONS /news/123: show the supported verbs regarding endpoint /news/123.
遗留问题: 如何用 POSTMAN 工具测试 PUT 方法?
用 CURL 命令行测试
GET 方法
E:>curl http://192.168.4.126/news/126
{
"array": {
"type": "yii\web\UnauthorizedHttpException",
"name": "Unauthorized",
"message": "You are requesting with an invalid access token.",
"code": 0,
"status": 401
}
}
授权访问
E:>curl http://192.168.4.126/news/126?access-token=100-token
{
"array": {
"id": "126",
"image": "201_img.jpg",
"link": "http:\/\/www.surveymonkey.com\/s\/HZYZ3ZZ",
"show_date": "2012-05-15",
"state": 1,
"show_order": 18
}
}
PUT 方法
E:>curl -X PUT -d image="test_method_put" http://192.168.4.126/news/126
{
"array": {
"type": "yii\web\UnauthorizedHttpException",
"name": "Unauthorized",
"message": "You are requesting with an invalid access token.",
"code": 0,
"status": 401
}
}
E:>curl -X PUT -d image="test_method_put" http://192.168.4.126/news/126?access-token=100-token
{
"array": {
"id": "126",
"image": "test_method_put",
"link": "http:\/\/www.surveymonkey.com\/s\/HZYZ3ZZ",
"show_date": "2012-05-15",
"state": 1,
"show_order": 18
}
}
E:>curl http://192.168.4.126/news/126?access-token=100-token
{
"array": {
"id": "126",
"image": "test_method_put",
"link": "http:\/\/www.surveymonkey.com\/s\/HZYZ3ZZ",
"show_date": "2012-05-15",
"state": 1,
"show_order": 18
}
}
DELETE 方法
E:>curl -X DELETE http://192.168.4.126/news/126?access-token=100-token
E:>curl http://192.168.4.126/news/126?access-token=100-token
{
"array": {
"type": "yii\web\NotFoundHttpException",
"name": "Not Found",
"message": "Object not found: 126",
"code": 0,
"status": 404
}
}
POST 方法
E:>curl -X POST -d image="test_method_post" http://192.168.4.126/news?access-token=100-token
{
"array": {
"image": "test_method_post",
"id": "165"
}
}
E:>curl http://192.168.4.126/news/165?access-token=100-token
{
"array": {
"id": "165",
"image": "test_method_post",
"link": "",
"show_date": "0000-00-00",
"state": 1,
"show_order": 0
}
}
其他方法
E:>curl -X OPTIONS http://192.168.4.126/news/165?access-token=100-token
E:>curl -X OPTIONS http://192.168.4.126/news?access-token=100-token
E:>curl -X HEAD http://192.168.4.126/news?access-token=100-token
E:>curl -i http://192.168.4.126/news/165?access-token=100-token
HTTP/1.1 200 OK
Date: Thu, 31 Jul 2014 06:37:40 GMT
Server: Apache/2.2.9 (Win32) PHP/5.4.30 mod_fcgid/2.3.6
X-Powered-By: PHP/5.4.30
Content-Length: 99
Content-Type: application/json; charset=UTF-8
{"id":"165","image":"test_method_post","link":"","show_date":"0000-00-00","state":1,"show_order":0}
E:>
- Restful Api 验证和授权
首先参看我的另一篇译文 http://www.cnblogs.com/ganiks/p/Yii2-RESTful-Authentication-and-Authorization.html
官方文档中介绍了3种发送 access-token 的方法, 方便测试的有 http basic Auth 以及 Query parameter 两种
这里简单介绍下配置的流程:
- config/web.php 设置
enableSession
'user' => [
'identityClass' => 'appmodelsUser',
'enableAutoLogin' => true,
'enableSession' => false,
]
- controllers/news.php
use yiifiltersauthHttpBasicAuth;
use yiihelpersArrayHelper;
use yiifiltersauthCompositeAuth;
use yiifiltersauthHttpBearerAuth;
use yiifiltersauthQueryParamAuth;
public function behaviors()
{
return ArrayHelper::merge(parent::behaviors(), [
'authenticator' => [
#这个地方使用`ComopositeAuth` 混合认证
'class' => CompositeAuth::className(),
#`authMethods` 中的每一个元素都应该是 一种 认证方式的类或者一个 配置数组
'authMethods' => [
HttpBasicAuth::className(),
HttpBearerAuth::className(),
QueryParamAuth::className(),
]
]
]);
}
- models/User.php
private static $users = [
'100' => [
'id' => '100',
'username' => 'admin',
'password' => 'admin',
'authKey' => 'test100key',
'accessToken' => '100-token',
],
'101' => [
'id' => '101',
'username' => 'demo',
'password' => 'demo',
'authKey' => 'test101key',
'accessToken' => '101-token',
],
];
public static function findIdentityByAccessToken($token, $type = null)
{
foreach (self::$users as $user) {
if ($user['accessToken'] === $token) {
return new static($user);
}
}
return null;
}
两种方式测试一下:
- 访问 http://192.168.4.126/news/122 ,在弹出的登录对话框中输入用户名
100-token 或者 101-token, 密码任意,登录 - 直接访问 http://192.168.4.126/news/122?access-token=101-token