[symfonycasts] API Platform 3: Security for your Treasures

[Организатор]

Ссылка на картинку

This course is in the planning stages
Here be dragons! We've built a pretty sweet API for storing dragon treasures... but we've completely neglected one minor detail: security! In this tutorial, we'll secure our API Platform-powered API in every way imaginable... and spin up a nifty test suite along the way:

Disabling documentation on production
Different types of API authentication
Logging in via Ajax & sessions
Creating an API Token system with "scopes"
Securing your API resources

Bootstrapping tests with zenstruck/browser & zenstruck/foundry!
How to use PATCH
Adding security & securityPostDenormalize to operations & using object
Voters
Conditional fields based on permissions: #[ApiProperty(security: 'is_granted(...)')]
Using a "state processor" to hash user passwords
Dynamic serialization groups with a ContextBuilder
Completely dynamic fields by decorating the normalizer
Preventing "not allowed" data with validation
Automatically set the "owner" of an object on create
Auto-filter collections with "query extensions"
Формат: видео-уроки с английскими субтитрами и текст урока на английском языке в формате PDF.

Смотреть далее...