• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Is REST API Possible with Codeigniter?

#1
I want to create REST API. I have chosen two framework to work with. One is Slim and another one is Lumen. But if it is possible with codeigniter i will stick with codeigniter.
Reply

#2
Hello,

Yes, it's possible to create an REST API with codeigniter. Take a look at https://code.tutsplus.com/tutorials/work...--net-8814
Reply

#3
Read this:

How to create RESTful web services in codeigniter
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply

#4
That is a good tutorial.
But missing the security part.
How to give access to the specific user only? OAuth?

Is it maintained by codeigniter?
Is it safe to use in my projects?
Reply

#5
(12-09-2017, 06:06 AM)mahesh2150 Wrote: That is a good tutorial.
...
Is it maintained by codeigniter?

CodeIgniter does not include a REST API so no, the tutorial is not maintained by CodeIgniter.

(12-09-2017, 06:06 AM)mahesh2150 Wrote: Is it safe to use in my projects?
What do you mean by safe?

As far as it goes the code should work but I would say there are problems. The main one being that user input is being trusted without being verified or sanitized. Never trust user input! There might be other issues but I did not examine the tutorial in depth.

From my point of view there is some coding there that (at best) points to a less than full understanding of CodeIgniter or (at worst) indicates a thoughtless approach to coding. For instance, this bit of code.
PHP Code:
  //API call - add new book record
 
   public function add($data){

 
       if($this->db->insert('tbl_books'$data)){
 
          return true;
 
       }else{
 
          return false;
 
       }
 
   

The if statement is totally unnecessary. Since index() returns true or false why use the if conditional? Instead, simply return the results from index().

PHP Code:
  //API call - add new book record
 
   public function add($data){
 
       return $this->db->insert('tbl_books'$data));
 
   

And again the input is accepted "as-is" which is far from a best practice.

To be fair, it's important to recognize that the tutorial is not presented as complete and robust production level code. It simply demonstrates basic concepts.

(12-09-2017, 06:06 AM)mahesh2150 Wrote: But missing the security part.
How to give access to the specific user only? OAuth?

You are asking about Authentication which is a separate concern from REST API.

There are many third-party authentication libraries build for CodeIgniter. Community Auth and Ion_Auth are but two that are in wide use. There are others and also lots of examples on how to do-it-yourself. Any of these could be integrated using a RESTful API.
Reply

#6
(12-09-2017, 08:09 AM)dave friend Wrote: You are asking about Authentication which is a separate concern from REST API.

There are many third-party authentication libraries build for CodeIgniter. Community Auth and Ion_Auth are but two that are in wide use. There are others and also lots of examples on how to do-it-yourself. Any of these could be integrated using a RESTful API.

The problem with using a standard authentication library with an API is that most APIs don't work that way. I've used a lot of APIs over the years, and never used one ever that utilized cookies/sessions, which is how Community Auth works, and I'm assuming how Ion Auth works.

You'd normally have API users sign up and assign them a username and password for their API access. So you develop that, and when API requests come in they must include the username and password. With the exception of Amazon, every API I've used works this way, unless authentication is not required. It's not rocket science.
Reply

#7
(12-09-2017, 11:01 AM)skunkbad Wrote: The problem with using a standard authentication library with an API is that most APIs don't work that way. I've used a lot of APIs over the years, and never used one ever that utilized cookies/sessions, which is how Community Auth works, and I'm assuming how Ion Auth works.

You'd normally have API users sign up and assign them a username and password for their API access. So you develop that, and when API requests come in they must include the username and password. With the exception of Amazon, every API I've used works this way, unless authentication is not required. It's not rocket science.

The term "API" covers a lot of territory. I believe there is a difference between what "API" means to you and what the OP is thinking. It seems to me that you are talking about APIs that allow a developer to access services (Amazon, Twitter, etc) so the service can be integrated into a website or application. As such, it makes perfect sense that the developer has the proper credentials to access the API. I took the OP's remark to be about the site's end-user authentication - not permission to access a development library.

My understanding might be faulty, but if not then integrating a package like Community Auth into his site (via a REST architecture) does not seem out of line to me and deserves consideration. It would be a lot less work than DIY from scratch.
Reply

#8
API = Application Programming Interface.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply

#9
(12-10-2017, 04:46 AM)InsiteFX Wrote: API = Application Programming Interface.

OK. I think most everyone here knows that. What's your point?
Reply

#10
(12-09-2017, 03:32 AM)mahesh2150 Wrote: I want to create REST API. I have chosen two framework to work with. One is Slim and another one is Lumen. But if it is possible with codeigniter i will stick with codeigniter.

Hi dear, I provide REST API in my repository, documentation is ready and just clone and use it in :

https://github.com/LegenD1995/foxyntax_ci
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.