Book Image

Designing Web APIs with Strapi

By : Khalid Elshafie, Mozafar Haider
4 (1)
Book Image

Designing Web APIs with Strapi

4 (1)
By: Khalid Elshafie, Mozafar Haider

Overview of this book

Strapi is a Node.js-based, flexible, open-source headless CMS with an integrated admin panel that anyone can use and helps save API development time. APIs built with Strapi can be consumed using REST or GraphQL from any client. With this book, you'll take a hands-on approach to exploring the capabilities of the Strapi platform and creating a custom API from scratch. This book will help JavaScript developers to put their knowledge to work by guiding them through building powerful backend APIs. You'll see how to effortlessly create content structures that can be customized according to your needs, and gain insights into how to write, edit, and manage your content seamlessly with Strapi. As you progress through the chapters, you'll discover a wide range of Strapi features, as well as understand how to add complex features to the API such as user authentication, data sorting, and pagination. You'll not only learn how to find and use existing plugins from the open-source community but also build your own plugins with custom functionality with the Strapi plugin API and add them to the admin panel. Finally, you'll learn how to deploy the API to Heroku and AWS. By the end of this book, you'll be able to build powerful, scalable, and secure APIs using Strapi.

Related Content you might be interested in

Current Title:

Small book image
Designing Web APIs with Strapi
Khalid Elshafie | Mozafar Haider
Feb, 2022 | 310 pages
Small book image
Architecting Vue.js 3 Enterprise-Ready Web Applications
Solomon Eseme
Apr, 2023 | 272 pages
Table of Contents (17 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Share your thoughts
1
Section 1: Understanding Strapi
Section 1: Understanding Strapi
Free Chapter
2
Chapter 1: An Introduction to Strapi
Chapter 1: An Introduction to Strapi
What is Strapi?
Why use Strapi? (The benefits of Strapi)
Preparing the development environment
Creating a Strapi application
Understanding server scripts
Summary
3
Chapter 2: Building Our First API
Chapter 2: Building Our First API
Exploring the project structure of a Strapi application
Defining the API requirements
Creating our first content-type – a classroom
Clarifying Strapi terminology
Interacting with the Strapi API
Understanding the makeup of a Strapi API
Summary
4
Chapter 3: Strapi Content-Types
Chapter 3: Strapi Content-Types
What is the Content-Type Builder plugin?
Creating and managing content-types
Understanding relations in Strapi
Interacting with the API endpoints from Postman
Differences between SINGLE TYPES and COMPONENTS
Summary
5
Chapter 4: An Overview of the Strapi Admin Panel
Chapter 4: An Overview of the Strapi Admin Panel
Navigating around the admin panel
Managing admin users
Managing content effectively
Using the Media Library
Summary
6
Section 2: Diving Deeper into Strapi
Section 2: Diving Deeper into Strapi
7
Chapter 5: Customizing Our API
Chapter 5: Customizing Our API
The routes – where it all starts
Handling routes with controllers
Reusing logic with Strapi services
Tweaking database queries and responses with life cycle hooks
Summary
8
Chapter 6: Dealing with Content
Chapter 6: Dealing with Content
Creating sample data
Sorting API content
Filtering API content
Paginating API content
Under the hood – how it works
Summary
9
Chapter 7: Authentication and Authorization in Strapi
Chapter 7: Authentication and Authorization in Strapi
Understanding the difference between admin users and API users
API login and sign-up
Securing API routes
Using Strapi roles and permissions
Working with policies
Honorable mention – OAuth providers
Summary
10
Chapter 8: Using and Building Plugins
Chapter 8: Using and Building Plugins
Exploring the Strapi plugin ecosystem
Installing and using plugins from the Marketplace
Use case – Enabling GraphQL for our API
Use case – Sending an email from Strapi
Creating our own plugins
Summary
11
Section 3: Running Strapi in Production
Section 3: Running Strapi in Production
12
Chapter 9: Production-Ready Applications
Chapter 9: Production-Ready Applications
Seeding the database
Keeping permissions in sync
Serving media from an S3 bucket
Using PostgreSQL
Summary
13
Chapter 10: Deploying Strapi
Chapter 10: Deploying Strapi
Deploying to Heroku
Deploying to AWS Fargate
Summary
14
Chapter 11: Testing the Strapi API
Chapter 11: Testing the Strapi API
An overview of software testing
Configuring test tools
Setting up the test environment
Writing and running tests
Summary
15
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Appendix: Connecting a React App to Strapi
Appendix: Connecting a React App to Strapi
About the React app
Understanding the React app folder structure
Running the app
Why subscribe?

Securing API routes

All the API endpoints we have so far are publicly accessible. We will need to add a layer of security to our API so that only authorized users can perform certain actions, such as creating, editing, and deleting content.

Strapi makes it easier for us developers to add security to our API. By default, there are two roles in Strapi that we can use to manage permission and access. Those roles are as follows:

  • Public role: This role is intended to be used by everyone to access the public endpoint of the system, for example, the get all classrooms or get tutorials endpoints.
  • Authenticated role: This is the default role for all authenticated users. It is intended to manage access to protected areas of the API.

As we have seen so far, Strapi is very flexible and easily customized. We can alter those roles as we see fit, and we will do so later on in this chapter. But first, let's see how we can use the Authenticated role and protect certain...

Previous Section
End of Section 4
Next Section