Open in app

Sign in

Write

Sign in

Build scalable and testable API-Centric Applications faster with PHP & Laravel using Apiato

We all know that developing a solid API from scratch is time consuming so if you are agreeing with me, read on.

Mohammad Alavi
3 min readApr 26, 2021

Every time you are going to build a decent API even while using a good framework like Laravel as your starting point you need to prepare and implement many features like:

  • A solid architecture
  • API versioning
  • Authentication
  • Administrative features like RBAC (Role based access control)
  • Documentation generator
  • Localization
  • Data caching
  • And the list just goes on…

And after you did all of that then you have just reached a point where you are able to begin writing your first real business logics. And this cycle of preparation repeats itself for each new API project over and over again and before long you will get tired and eventually you will decide to write your own starter project or search for one.

Here comes in the Apiato.

What is Apiato?

Apiato is framework for building scalable and testable API-Centric Applications with PHP, built on top of Laravel. It uses the best architectures, tools and conventions in a very creative way to deliver a rich set of features for a modern PHP Application.

Apiato comes with a fully detailed documentation, with code samples, principles, definitions and guidelines.

Software Architecture

Apiato is built using the new architectural pattern Porto. Porto SAP is a modern Software Architectural Pattern, designed to help developers organize their Code in a super maintainable way. It is very helpful for big and long terms projects, as they tend to have higher complexity with time.

Features

Here are some of the features that Apiato has to offer:

  • Authentication with OAuth2.0 for first/third-party clients (using Laravel Passport).
  • Role-Based Access Control (RBAC), seeded with a Super Admin, Roles and Permissions.
  • Query Parameters support (orderBy, sortedBy and filter) with full-text search.
  • Useful Endpoints for managing users, roles/permissions, tokens and more.
  • API Documentations generator, to generate API docs from PHP Docblock (using ApiDocJS).
  • Supports CORS (Cross-Origin Resource Sharing) and JSONP (JSON with padding).
  • Auto encoding/decoding of real ID’s, to prevent exposing real ID’s to the outer world.
  • API Throttling (rate limiting to control the rate of traffic received and protect your server).
  • Support “include” request parameter to load nested relationships.
  • Support Data Caching (with auto clearing on Create, Update and Delete).
  • API versioning in the URL or Header (versioning based on the route file name).
  • Exception handling with custom JSON errors responses.
  • Support Shallow ETag HTTP Header, to reduce client bandwidth.
  • Localization (easily switch between languages via request header field).
  • Automatic Data Pagination (meta links to the next and previous data).
  • WEB and API Auth Middlewares. With Proxy endpoints for safer authentication of first-party Apps.
  • Http Requests/Response Monitor and DB Query Debugger.
  • Profiler, to display profiling data in the response (using Laravel Debugbar).
  • Social Authentication supported out of the box “Google, Facebook, Twitter” (Using Laravel Socalite).
  • Type-Casting JSON responses and pagination results with Transformers (using Fractal).
  • Useful Tests Helpers for faster and more enjoyable automated testing (using PHPUnit).
  • Support multiple response payload formats (JSON API spec v1.0, Data Array & pure Data).
  • Automatic dates conversion to ISO format in responses, from the Transformers.
  • Support Stripe payment gateway (expandable to support other payment gateways).
  • System and user level settings out of the box.
  • Easy Validation and Authorization (for User data, accessibility and ownership) with Requests objects.
  • Maintainable and scalable Software Architectural Pattern (using the Porto SAP).
  • Code generator commands, for generating full CRUD operations, and other useful Commands.
  • Separation of UI’s (Web, API and CLI) components (routes, controllers, requests, tests…).

Links:

Apiato website
Porto software architectural pattern
Discord server to get in touch with the Apiato community

Follow me on Twitter Mohammad Alavi

Laravel
PHP
API
Software Development
Software Architecture

--

--

Mohammad Alavi

Written by Mohammad Alavi

12 Followers

Full stack web developer — Looking for remote job opportunities

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams