API Platform 3 Part 2: Security for your Treasures

[oaxino]

API Platform 3 Part 2: Security for your Treasures

Ryan Weaver | Duration: 3:43 h | Video: H264 1920x1080 | Audio: AAC 48 kHz 2ch | 1,30 GB | Language: English

Here be dragons! We've built a pretty sweet API for storing dragon treasures... but we've completely neglected one minor detail: security! In this tutorial, we'll secure our API Platform-powered API in every way imaginable... and spin up a nifty test suite along the way
• Disabling documentation on production
• Different types of API authentication
• Logging in via Ajax & sessions
• Creating an API Token system with "scopes"
• Securing your API resources
• Bootstrapping tests with zenstruck/browser & zenstruck/foundry!
• How to use PATCH
• Adding security & securityPostDenormalize to operations & using object
• Voters
• Conditional fields based on permissions: #[ApiProperty(security: 'is_granted(...)')]
• Using a "state processor" to hash user passwords
• Dynamic serialization groups with a ContextBuilder
• Completely dynamic fields by decorating the normalizer
• Preventing "not allowed" data with validation
• Automatically set the "owner" of an object on create
• Auto-filter collections with "query extensions"
Sheesh! Let's go!

Homepage:

https://symfonycasts.com/screencast/api-platform-security

Screenshots

Download link

rapidgator.net:

https://rapidgator.net/file/c7dfab0539c302b6b1e11012032fb6a4/jysmh.API.Platform.3.Part.2.Security.for.your.Treasures.rar.html

nitroflare.com:

https://nitroflare.com/view/600F593B7577E26/jysmh.API.Platform.3.Part.2.Security.for.your.Treasures.rar