Install & Config

Download Framework

Get ready to start building with these simple setup instructions. All you need to do is download the files, do some config setup, create a MySQL database and run a SQL script, install Postman or something similar, then test the login feature with your default admin account. SlenderApi comes with built in Auth so you don't have to roll your own.

How To Build In SlenderApi - Overview

Setup your controller, add custom libraries for that controller, access the models from your libraries, output your responses. The idea of an API is to separate backend work from your UI. You should be able to simply call something in your API with a command to execute, data to manipulate, or data to return. It should do the work and respond back with errors/success messages, and/or data.

SlenderApi comes with a boat load of features to make life easy and does not require any 3rd party vendors to run. We did include phpmailer as a vendor library, mostly to be used as an example of how to include your own vendor libraries. Instead of installing fifty-thousand files for your framework, SlenderApi is under 50 files, not including the phpmailer. We wanted a lightweight framework, it doesn't get much more lightweight than this.

Controllers are clean and easy to read with very little code. Models have built in data functions to manipulate and return data from MySQL and only require a few lines of code to setup. We re-invented how models are used. You can write custom queries of course, but you no longer have to write custom inserts and updates for every table, instead you can call the save method and pass it an array. The bulk of you code will be in your custom libraries.

Say goodbye to all the extra code you used to have to write using REST. SlenderAPI allows "Post" requests only. You no longer need to write extra code to handle different request types in your UI or API code. Instead of rest, we went with KISS.

//This is a simple example of some of the cool things SlenderApi can do.
//In your UserModel, this is how simple it is to setup validation.
public static function getValidationRules(): array
{
    return array(
        'id' => 'isint',
        'email_address' => 'email|maxlength:200|minlength:3',
        'password' => 'required|minlength:8|maxlength:20',
        'user_name' => 'required|maxlength:20|alphanumeric|minlength:3',
        'first_name' => 'maxlength:100',
        'last_name' => 'maxlength:100',
    );
}

//The code below would be in your UserLib.php.
//Grab the post request from a login form.
$credentials = $this->request->getCredentialsFromAuthorization();
$this->email = strtolower($credentials->username);
$this->password = $credentials->password;

//Create an array with only these 2 fields.
$data = array(
    'email_address' => $this->email,
    'password' => $this->password
);

//Access the user model object.
$userModal = new Models\UserModel($this->db, null);

//Create custom validation for just these 2 fields.
$validationRules = Validation::getValidationRulesByFields($userModal->getValidationRules(), array('email_address', 'password'));

//If the validation comes back as failed, output the errors in JSON.
//The code will stop here, the save will not execute.
//I thought the save function automatically ran validation and did an error output?
$errors = Validation::getErrors($data, $validationRules);
if (!empty($errors)) {
    $this->response->outputResponse(400, null, $errors);
}

//If all is good, save the data.
//Grab the logged in user id and pass it to the save.
//If no id is passed or 0 is passed it will insert, otherwise it's an update.
$userModal->save($updateData, $this->loginUser->id);

Step 1

Download / Unzip / DB Setup / Config

In the root of your web site, create a directory called api, download and unzip the framework there.
Optional: create a subdomain like api.yoursite.com and point it to index.php.
Create the MySQL database for your project and run the install SQL script.
Update PHP.ini to the correct timezone, as well as your database, UTC preferred.
Also make sure the phpMailer dll is turned on, set your max post sizes, etc..

//Once you have created your DB, run install_queries.sql to create your users and auth tables.
//A default root admin user will be inserted. The email and password are: youremail@test.com changeme123!
//IMPORTANT: Use the users/login api call in postman, then the users/save api call to update the email and password.

Step 2

Configure your constants and env files. Notice they are named "_dev". You can create different env files for dev, staging, and prod.

Configure constants.php.

//The top line is the only thing you need to change.
//Change this line to point to your setup files for dev/staging/prod.
//It is recommended to move your env files back a directory for security purposes.
//Example: ../api_config/env_dev.env and ../api_config/settings_dev.settings.
$cfg = array_merge(parse_ini_file('env_dev.env'), parse_ini_file('settings_dev.settings'));

Configure slender_env_prod.env.

//Set env to dev or prod, turn system error messages on and off
[environment]
environment.code = 0
environment.status = 1
environment.debug = true

//Configure your database connection
[database]
database.host = "localhost"
database.database = "yourdbname"
database.username = "username"
database.password = "password"

[cookie]
cookie.domain = yourdomain.com

[version]
version = "1.0.0"

Configure slender_settings_prod.settings.

[database]
database.date_format = "Y-m-d"
database.datetime_format = "Y-m-d G:i:s"

[cookie]
cookie.auth.name = access_token
cookie.user.name = user
cookie.expire = 6048000
cookie.path = "/"
cookie.secure = true
cookie.httponly = true
cookie.samesite = "none"

[token]
//JWT Custom Token Secret
token.secret = "100101110010100010011100101010010001010101"

[request]
//Add all controller/methods that do not require authentication here.
//For UsersController/Register you would put users.register.
request.unauthenticated_methods = "users.register,users.login,users.logout,users.users.forgotPassword,users.resetPassword,users.authenticate"
//Lock down your API so only certain domains can call it.
request.allowed_origins = "https://yourdomain.com/"
//If you have an admin domain, set it here, must have admin role to access it.
request.admin_origins = "https://admin.yourdomain.com/"

[resource]
//Leave this at 2.
resource.parent_resource_depth = 2

[error log]
//Configure error logs location.
error.log = "/home/logs/error_log"

[site url]
//Specify the URL to your API.
site.url = "api.yourdomain.com"

Step 3

Start programming with custom models and controller.

Create some of the initial tables besides users/roles/permissions you will need for your project.
Create a model for each table, only a few lines of code each.
Add any validation or custom queries to your models.
Write your custom libraries and helpers.
Add any 3rd party vendor libraries for payments, pdf generation, etc.
Import SlenderAPi.postman_collection and SlenderApi.postman_environment to Postman


.htaccess default

The .htaccess file that comes with SlenderApi will force everything through index.php. For example, if you call https://api.yoursite.com/users/select, it will call the Users controller, then call the select method. The htaccess and index.php will take care of formatting the url. Make sure and point the root of your website to slenderapi/index.php.


webc.config default

If you are using IIS, you will need to use the included web.config file. It will do the exact same thing as the htaccess file.