Symfony REST API (without FosRestBundle) using JWT authentication: PART 1

In this first article we are going to explore the simplest way to implement a REST API in symfony project without FosRestBundle. I will add the second article containing JWT authentication. Before we create this implementation, we need firstly understand what REST actually means.

1- What is Rest?

Rest as Representational State transfer is an architectural style for developing web services. It is something that can not be ignored because there is a big need for creating Restful applications in today’s ecosystem. This might be due to the continued climb of JavaScript and these frameworks.

Rest API should use HTTP protocol. This mean that when the client makes any request to this web service, it can specify any of the normal HTTP verbs of GET, POST, DELETE and PUT. Below is what would happen If the respective verbs were sent by the client.

- GET: This would be used to get the list of resources or the details of one.
- POST: this would be used to create a new resource.
- PUT: This would be used to update an existing resource.
- DELETE: This would be used to delete an existing resource.

Rest is stateless and this mean that the server side doesn’t hold any request state. The state should be kept on the client side (example of using JWT for authentication, we are going to secure our RestApi using this). So, when using authentication in our Rest Api, we need to send the authentication header in order to get a correct response in a stateless way.

2- Create a symfony project:

Firstly, we suppose you have installed php and the composer package manager to create a new symfony project. After that, create a new project using the following command in the terminal:

composer create-project symfony/skeleton demo_rest_api

create symfony project

We are using a basic symphony skeleton that is recommended for microservices and APIs. Here is what directory structure looks like:

project structure

Config: contains all bundle configuration and a list of bundle in the bundle.php.

Public: provides access to the application via index.php

Src: contains all controller, models and services.

Var: contains system logs and cache files.

Vendor: contains all external packages

Now, let’s install some necessary bundles with composer:

composer require symfony/orm-pack

composer require sensio/framework-extra-bundle

we installed the sensio/framework-extra-bundle that will help us to make code easier by using annotations for defining our routes.

We need also to install symphony/orm-pack for integration with Doctrine ORM in order to connect with a database. Bellow is the configuration of database I created which may be set in the .env file.

.env configuration file

Now, let’s create our first entity. Create a new file called Post.php inside the src/Entity folder.

And after run the command: php bin/console doctrine:schema:create to create a database table according to our Post entity.

Now, let’s create a PostController.php where we will add all methods interacting with api. It should be placed inside the folder src/Controller.

Here we defined the five routes:

  • GET /api/posts: will return a list of the Posts.
get all posts api
  • POST /api/posts: will create a new Post.
add new post api
  • GET /api/posts/id: will return a Post matching the specific identifer
get single post
  • PUT /api/posts/id : will update the Post.
update post

This is the result after update:

post after updated
  • DELETE /api/posts/id: will delete the Post.
delete post

This is the result of get all posts after delete the post with the ID 3:

all posts after delete

The code source can be found: Here


So now we understand what REST and Restful is. A restful API should be stateless. We know how to create a Restful application using HTTP verbs. All in all we now have a good understanding of REST and are ready to create Restful applications in a professional way.

Next Article we will take a look at how to secure the restful API using JWT authentication.

Software Developer