[API] add docs to show API Platform implementation. #147

Open
wants to merge 6 commits into
base: main

jrushlow
Collaborator

@jrushlow jrushlow commented Jan 29, 2021

This guide is incomplete and should not be used until after it is merged. Everything is subject to change until then.

refs #128

Relates to symfony/maker-bundle#798

@jrushlow jrushlow added documentation Improvements or additions to documentation Status: Needs Work Additional work is needed labels Jan 29, 2021
@jrushlow
Collaborator Author

TODO - Do not return a 500 if the user could not be found.

@jrushlow
Collaborator Author

jrushlow commented Feb 1, 2021

Routes:

POST /reset-password-requests 
{
    "email": "[email protected]"
}

Responses:
202 - Request succeeds || User not found (We don't want to reveal who is a user and who is not)
422 - if email is not set, is empty, or otherwise malformed

PUT /reset-passwords/{token}

{
    "newPlaintextPassword": "some new password"
}

{token} = the token provided to the user via email

Responses:
200 - Token accepted, password changed.
404 - Invalid Token || User not Found || Any exception thrown by ResetPasswordHelper
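
The status-code contract in the comment above, sketched as plain PHP (an added example, not part of the comment or of this pull request's code). The in-memory `$users` and `$tokens` arrays, `sendResetEmail()` and the one-hour token lifetime are assumptions standing in for the user repository, the mailer and ResetPasswordHelper.

```php
<?php
declare(strict_types=1);

// Added sketch, not code from this pull request. $users and $tokens are
// constructed in-memory stand-ins for the user repository and for the token
// storage behind ResetPasswordHelper; sendResetEmail() is a hypothetical mailer.
$users  = ['alice@example.test' => ['hash' => null]]; // constructed sample user
$tokens = [];                                         // sha256(token) => [email, expires]
$outbox = [];                                         // what the "mailer" sent

function sendResetEmail(string $email, string $token): void { global $outbox; $outbox[$email] = $token; }

/** POST /reset-password-requests: returns the HTTP status code. */
function requestReset(array $body, array $users, array &$tokens): int
{
    $email = $body['email'] ?? null;
    if (!is_string($email) || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return 422; // not set, empty, or malformed
    }
    if (isset($users[$email])) {
        $token = bin2hex(random_bytes(32));
        // Keep only a hash so a leaked token table holds no usable tokens.
        $tokens[hash('sha256', $token)] = ['email' => $email, 'expires' => time() + 3600]; // assumed lifetime
        sendResetEmail($email, $token);
    }
    return 202; // identical for known and unknown addresses, and never a 500
}

/** PUT /reset-passwords/{token}: returns the HTTP status code. */
function resetPassword(string $token, string $newPassword, array &$users, array &$tokens): int
{
    $key   = hash('sha256', $token);
    $entry = $tokens[$key] ?? null;
    // Unknown token, expired token and missing user all collapse into one 404.
    if ($entry === null || $entry['expires'] < time() || !isset($users[$entry['email']])) {
        return 404;
    }
    $users[$entry['email']]['hash'] = password_hash($newPassword, PASSWORD_DEFAULT);
    unset($tokens[$key]); // single use: replaying the same token now yields 404
    return 200;
}

foreach (['alice@example.test', 'nobody@example.test', 'not-an-email'] as $email) {
    printf("POST %s -> %d\n", $email, requestReset(['email' => $email], $users, $tokens));
}
$token = $outbox['alice@example.test'];
printf("PUT valid -> %d\n", resetPassword($token, 'constructed-pass', $users, $tokens));
printf("PUT replay -> %d\n", resetPassword($token, 'constructed-pass', $users, $tokens));
```

Status codes are only one signal: if the mail is sent synchronously, the known-address path takes longer than the unknown one, so queuing the send keeps the two 202 responses comparable in timing.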

README.md Outdated
* @Assert\NotBlank(groups={"putValidation"})
* @Groups({"reset-password:put"})
*/
public string $plainTextPassword;
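
Review bot: the property on the last line is named `$plainTextPassword`, while the route summary earlier in this conversation documents the PUT /reset-passwords/{token} body field as `newPlaintextPassword`; unless a serialized name maps one to the other, a client following the documented body would leave this property unset and fail the `NotBlank` check. Aligning the two names in the guide would avoid that. Separately, `@Assert\NotBlank` only rejects an empty value, so a one-character password passes validation here; consider adding a length constraint to the same `putValidation` group.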
Contributor

It might be easier to split this into 2 DTO objects - something like RequestResetPasswordInput and ResetPasswordInput. Then you can configure the input on each specific operation, I think (instead of having the input= on the top-level).

Another option would be to create these 2 DTOs and make THEM each their own @ApiResource... each with 1 operation. I'm not sure if having ResetPasswordRequest as the @ApiResource is doing us any favors, as we never use it as the input or output. That would be my biggest potential feedback on this otherwise awesome effort. Input and output DTOs are kind of an edge-case feature in API Platform... so if we can find a clean way to do this without them, that might be ideal.
