Stars: 150
Forks: 11
Pull Requests: 34
Issues: 5
Watchers: 4
Last Updated: 2023-02-15 17:09:44
Expose the authorization logic of your REST API using HATEOAS links
License: MIT License
Languages: PHP
HATEOAS allows you to expose the authorization logic of your REST API. This package makes it easy to add HATEOAS links to your Laravel API resources.
Each resource has its HATEOAS links, and only the accessible links per resource are returned. If a link is not available on a resource, then the clients of your API can disable functionality linked to that HATEOAS link.
By default an array of links, in the following format, will be added to the JSON of a Laravel API resource:
{
"data": [
{
"id": 1,
"text": "Hello world!",
"_links": [
{
"rel": "self",
"type": "GET",
"href": "http://localhost/message/1"
},
{
"rel": "delete",
"type": "DELETE",
"href": "http://localhost/message/1"
}
]
}
]
}
You can install the package via composer:
composer require gdebrauwer/laravel-hateoas
You can create a new HATEOAS class for a model using the following artisan command:
php artisan make:hateoas MessageHateoas --model=Message
In the created class you can define public methods that will be used to generate the links. A method should either return a link or null
.
class MessageHateoas
{
use CreatesLinks;
public function self(Message $message) : ?Link
{
if (! auth()->user()->can('view', $message)) {
return;
}
return $this->link('message.show', ['message' => $message]);
}
public function delete(Message $message) : ?Link
{
if (! auth()->user()->can('delete', $message)) {
return $this->link('message.archive', ['message' => $message]);
}
return $this->link('message.destroy', ['message' => $message]);
}
}
To add the links to an API resource, you have to add the HasLinks
trait and use the $this->links()
method. The HATEOAS class will be automatically discovered.
class MessageResource extends JsonResource
{
use HasLinks;
public function toArray($request) : array
{
return [
'id' => $this->id,
'text' => $this->text,
'_links' => $this->links(),
];
}
}
You can customize the JSON links formatting by providing a formatter class that implements the Formatter
interface to the formatLinksUsing
method.
If the code to format the links is pretty small or you don't want to create a separate formatter class for it, you also have the option to provide a formatting callback function to the formatLinksUsing
method.
use GDebrauwer\Hateoas\Hateoas;
use GDebrauwer\Hateoas\LinkCollection;
// Provide your own Formatter class ...
Hateoas::formatLinksUsing(CustomFormatter::class);
// ... Or provide a callback
Hateoas::formatLinksUsing(function (LinkCollection $links) {
// return array based on links
});
By default, the HATEOAS classes of models will be auto-discovered. Specifically, the HATEOAS classes must be in a Hateoas directory below the directory that contains the models. If you would like to provide your own HATEOAS class discovery logic, you can register a custom callback:
use GDebrauwer\Hateoas\Hateoas;
Hateoas::guessHateoasClassNameUsing(function (string $class) {
// return a HATEOAS class name
});
composer test
composer lint
Please see CHANGELOG for more information what has changed recently.
Please see CONTRIBUTING for details.
The MIT License (MIT). Please see License File for more information.