204

Product support

Get help in the plugin support forum.

  • Added on Jul 20, 2023
  • Current version: 2.5.0
  • Platform Compatibility
    v3.x use latest
    v2.x not tested
    v1.x not tested
  • Created by
  • Public repository

Categories

This plugin enables the creation of CRUD operations for REST services and allows the creation of custom REST services with middleware support for API authorization. Additionally, the plugin provides an API for OctoberCMS frontend users to perform actions such as login, registration, token refresh, and retrieval of user information. Bearer API tokens are utilized for API authorization within this plugin.

You can easily connect your client mobile and web apps with APIs generated through this plugin with security. This plugin also supports communication with Firebase to authorize your users with Firebase. Additionally, it comes with a handy Flutter SDK, allowing you to connect your Flutter apps easily without writing bulky client-side stubs.

Please read the documentation for more information.

Developed by Chatura Dilan Perera

Company: Dilexus IT

Octobase : REST API Services Plugin for OctoberCMS

Introduction

An awesome plugin for OctoberCMS is available to expose REST API services for data access from anywhere. This plugin enables the creation of CRUD operations for REST services and allows the creation of custom REST services with middleware support for API authorization. Additionally, the plugin provides an API for OctoberCMS frontend users to perform actions such as login, registration, token refresh, and retrieval of user information. Bearer API tokens are utilized for API authorization within this plugin.

Requirements

Tested in PHP 8.2 and above. You need to enable sodium extension in the server inorder to work with this plugin

Flutter SDK

You can connect the APIs of your Octobase Easily with Flutter SDK here https://pub.dev/packages/octobase_flutter

Manual Installation

php artisan plugin:install Dilexus.Octobase --from=https://github.com/chaturadilan/octobase-plugin.git

Roadmap

This plugin requires additional features to be added in the future.

  1. Web SDK (Javascript) support for the plugin

You can assist in accelerating the development of the plugin by contributing to the following features that are on the roadmap.

"Buy Me A Coffee"

How To

If you want to expose a REST webservice from your OctoberCMS plugin, please ensure that the following plugins have been installed.

  1. October CMS Frontend Users Plugin
  2. Octobase Plugin

Create your Routes and APIs

  1. Create routes.php in your plugin
  2. As an example if you want to enable CRUD services. Let's say your plugin is School and you have a Model for Student
use Dilexus\Octobase\Classes\Api\Lib\Octobase;

...

  Route::prefix('api/school/v1')->group(function () {

    (new Octobase)->crud('Dilexus\School\Models\Student',
        ['obPublic'], // List All records
        ['obPublic'], // List single record
        ['obPublic'], // add single record
        ['obPublic'], // update single record
        ['obPublic']  // delete single record
    );

});

Here obPublic is a middlewere that expose your CRUD APIs to public.

More Examples

 (new Octobase)->crud('Dilexus\School\Models\Student',
        createM: ['obPublic'], // Enable only the add (create) API
    );

Operations

The above will expose the following APIs to the public

Main APIs

GET /api/school/v1/students - List all students (you can use page, limit query parametrs for pagination, with, where, order quary parameters to filter data)

GET /api/school/v1/students/1 - List single student by Id (form parameters are required)

POST /api/school/v1/students - Create a new student (form parameters are required)

POST /api/school/v1/students/1 - updates a student by Id

DELETE /api/school/v1/students/1 - delete a student by Id

File APIs

POST /api/school/v1/students/1/files - upload file to the student (form file parameters are required)

DELETE /api/school/v1/students/1/files - delete file of a student (file parameter name is required, use all to delete all files)

Language

if you want to speicify a language to the api, either you can use Content-Language (Eg: Content-Language: en) header or locale (Eg: locale=en) query parameter. For this you need to have OctoberCMS Translation plugin

More Examples

This will only allow list API to public, by default other APIs are restricted to anyone

  Route::prefix('api/school/v1')->group(function () {

    (new Octobase)->crud('Dilexus\School\Models\Category',
        ['obPublic'], // List All records
    );

});

Middleware

obRestricted

Restrict Anyone from acccessing the APIs

obRegistered

Only registered users will be allowed to access the APIs. If you want to restrict registered users to only access their own data, add ":true" after the middleware name. For example, [obRegistered:true]. However, please ensure that the table has a user_id column if you choose to do so.

obAdmin

Only registered Admin will be allowed to access the APIs. Please make sure to create a Admin user group with the code 'admin' in the Groups section of the Users Plugin and user has been assigned to admin group. Admin has permission to do any operations on the APIs

obPublic

Anyone who calls the APIs has unrestricted access to them.

obGroups

Only the defined groups can access the APIs. For example, if you want to restrict access to the groups "admin" and "api", you can add them as follows using a colon: [obGroups:admin:api].

Custom Functions

If you want to modify the output before it is sent to the client, you can use a custom function like below

 (new Octobase)->crud('Dilexus\School\Models\Student',
        ['obPublic'],
        function :function ($request, $records, $method) {
            return $records->select('name');
        }
 );

Authentication and Authrorization

Authentication

You can authenticate the API using following API. You have to send login, password form parameters. login is the user's email

POST /octobase/login

Registration

You can register the user using following API. You need to send first_name, last_name, email, password, confirm_password as form parameters. You can disable this feature from Octobase plugin settings. Also You can enable the auto activation of the user from the plugin settings.

POST /octobase/register

Refresh

You can send the SHA256 token and get a new token from refresh API. You need to send the token in the Authtorization heder as a Bearer token

POST /octobase/refresh

User

You get the user information from this API. You need to send the token in the Authtorization header as a Bearer token

GET /octobase/user

Check

You get the status of the token whether it is exist or not. You need to send the token in the Authtorization header as a Bearer token

GET /octobase/check

Firebase Authentication

You can authenticate it with Firebase by sending ID token to following API. It required a form parameter called token (eg: token=[Firebase User ID Token]). It will create a record in Users if the user is not there or return the existing user with Octobase token. You can use Octobease token after that to call APIs. Firebase can be configured in Octobase Settings

POST /octobase/login/firebase

Authrorization

To Authorize all your APIs you need to send the token in the Authtorization heder as a bearer token

Debug mode Settings

If you are using APIs solely for testing purposes, you can enable the debug mode to test them without authentication and authorization.

Create your own APIs with Middleware

You can attach Octobase middleware to your own APIs as well. As an example.

Route::prefix('api/school/v1')->group(function () {

    Route::get('student/{id}/getInfo', function (Request $request, $id)  {
       // Logic Here
    })->middleware(['obRegistered']);

});

License (MIT)

Copyright (c) 2023 Chatura Dilan Perera

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Developer

This plugin is developed by Chatura Dilan Perera

Bugs and Comments

To report bugs or comments on this app or if you are looking to create an Flutter app based on this app please contact me 'Chatura Dilan Perera'

2.5.0

Fixes for bugs

May 29, 2024

2.4.1

Changes to error messages

May 29, 2024

2.4.0

Added app check for firebase

May 28, 2024

2.3.0

Added one session per user at a time

May 26, 2024

2.2.0

Fixed issue with groups and admin

May 26, 2024

2.1.0

Make tokens more secure

May 26, 2024

2.0.0

Release with the new User Plugin 3

May 25, 2024

1.29.0

Fixed bug in the first and last name

May 25, 2024

1.28.0

Fixed update and add functions in Octobase

May 17, 2024

1.27.0

Remove the need of sodium extension (1)

May 05, 2024

1.26.0

Remove the need of sodium extension

May 05, 2024

1.25.0

Bug fix in groups Middleware

Apr 16, 2024

1.24.0

Added Allowed Groups to the Group Middleware

Apr 16, 2024

1.23.0

Changes to groups

Apr 16, 2024

1.22.0

Added User Groups to the Group Middleware

Apr 16, 2024

1.21.0

Added User Id for Debug groups

Apr 16, 2024

1.20.0

Added Debug User Id in Settings

Apr 10, 2024

1.19.0

Added Custom Functions

Apr 01, 2024

1.18.0

Added API Debug mode

Mar 31, 2024

1.17.0

Change perPage to Limit

Feb 28, 2024

1.16.0

Added Octobase data object support

Feb 28, 2024

1.15.0

Added Description

Jan 16, 2024

1.14.0

Update Firebase Version

Jan 16, 2024

1.13.0

Update Firebase Version

Jan 16, 2024

1.12.0

Fixes for sodium

Jan 16, 2024

1.11.0

Fixes for sodium

Jan 16, 2024

1.10.0

Fixes for sodium

Jan 16, 2024

1.9.0

Fixes for sodium

Jan 16, 2024

1.8.0

Fixes for sodium extension

Jan 16, 2024

1.7.0

Fixes for Firebase API

Jan 14, 2024

1.6.0

Added id for user

Jan 13, 2024

1.5.0

Changes to Login API and Error code, added new token check API

Jan 11, 2024

1.4.0

Added Firebase Auth and default groups

Jan 09, 2024

1.3.0

Added language header support

Sep 07, 2023

1.2.0

Fixed the issue in version

Aug 08, 2023

1.1.0

Restrict Settings to Super Users only

Aug 08, 2023

1.0.3

Fixed the issue in version

Aug 01, 2023

1.0.2

Restrict Settings to Super Users only

Jul 25, 2023

1.0.1

Initialize plugin

Jul 20, 2023