Book Image

Designing Web APIs with Strapi

By : Khalid Elshafie, Mozafar Haider
4 (1)
Book Image

Designing Web APIs with Strapi

4 (1)
By: Khalid Elshafie, Mozafar Haider

Overview of this book

Strapi is a Node.js-based, flexible, open-source headless CMS with an integrated admin panel that anyone can use and helps save API development time. APIs built with Strapi can be consumed using REST or GraphQL from any client. With this book, you'll take a hands-on approach to exploring the capabilities of the Strapi platform and creating a custom API from scratch. This book will help JavaScript developers to put their knowledge to work by guiding them through building powerful backend APIs. You'll see how to effortlessly create content structures that can be customized according to your needs, and gain insights into how to write, edit, and manage your content seamlessly with Strapi. As you progress through the chapters, you'll discover a wide range of Strapi features, as well as understand how to add complex features to the API such as user authentication, data sorting, and pagination. You'll not only learn how to find and use existing plugins from the open-source community but also build your own plugins with custom functionality with the Strapi plugin API and add them to the admin panel. Finally, you'll learn how to deploy the API to Heroku and AWS. By the end of this book, you'll be able to build powerful, scalable, and secure APIs using Strapi.

Related Content you might be interested in

Current Title:

Small book image
Designing Web APIs with Strapi
Khalid Elshafie | Mozafar Haider
Feb, 2022 | 310 pages
Small book image
Architecting Vue.js 3 Enterprise-Ready Web Applications
Solomon Eseme
Apr, 2023 | 272 pages
Table of Contents (17 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Share your thoughts
1
Section 1: Understanding Strapi
Section 1: Understanding Strapi
Free Chapter
2
Chapter 1: An Introduction to Strapi
Chapter 1: An Introduction to Strapi
What is Strapi?
Why use Strapi? (The benefits of Strapi)
Preparing the development environment
Creating a Strapi application
Understanding server scripts
Summary
3
Chapter 2: Building Our First API
Chapter 2: Building Our First API
Exploring the project structure of a Strapi application
Defining the API requirements
Creating our first content-type – a classroom
Clarifying Strapi terminology
Interacting with the Strapi API
Understanding the makeup of a Strapi API
Summary
4
Chapter 3: Strapi Content-Types
Chapter 3: Strapi Content-Types
What is the Content-Type Builder plugin?
Creating and managing content-types
Understanding relations in Strapi
Interacting with the API endpoints from Postman
Differences between SINGLE TYPES and COMPONENTS
Summary
5
Chapter 4: An Overview of the Strapi Admin Panel
Chapter 4: An Overview of the Strapi Admin Panel
Navigating around the admin panel
Managing admin users
Managing content effectively
Using the Media Library
Summary
6
Section 2: Diving Deeper into Strapi
Section 2: Diving Deeper into Strapi
7
Chapter 5: Customizing Our API
Chapter 5: Customizing Our API
The routes – where it all starts
Handling routes with controllers
Reusing logic with Strapi services
Tweaking database queries and responses with life cycle hooks
Summary
8
Chapter 6: Dealing with Content
Chapter 6: Dealing with Content
Creating sample data
Sorting API content
Filtering API content
Paginating API content
Under the hood – how it works
Summary
9
Chapter 7: Authentication and Authorization in Strapi
Chapter 7: Authentication and Authorization in Strapi
Understanding the difference between admin users and API users
API login and sign-up
Securing API routes
Using Strapi roles and permissions
Working with policies
Honorable mention – OAuth providers
Summary
10
Chapter 8: Using and Building Plugins
Chapter 8: Using and Building Plugins
Exploring the Strapi plugin ecosystem
Installing and using plugins from the Marketplace
Use case – Enabling GraphQL for our API
Use case – Sending an email from Strapi
Creating our own plugins
Summary
11
Section 3: Running Strapi in Production
Section 3: Running Strapi in Production
12
Chapter 9: Production-Ready Applications
Chapter 9: Production-Ready Applications
Seeding the database
Keeping permissions in sync
Serving media from an S3 bucket
Using PostgreSQL
Summary
13
Chapter 10: Deploying Strapi
Chapter 10: Deploying Strapi
Deploying to Heroku
Deploying to AWS Fargate
Summary
14
Chapter 11: Testing the Strapi API
Chapter 11: Testing the Strapi API
An overview of software testing
Configuring test tools
Setting up the test environment
Writing and running tests
Summary
15
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Appendix: Connecting a React App to Strapi
Appendix: Connecting a React App to Strapi
About the React app
Understanding the React app folder structure
Running the app
Why subscribe?

Working with policies

A common use case in API development is to allow users to manage their own information and contents. While the Users & Permissions plugin works great for providing us with role-based authentication, it does not provide an out-of-the-box strategy for allowing users to manage their own content. Instead, the decision is left to developers to handle this case according to the business requirements. Luckily, we do not need to reinvent the wheel to implement such logic in the API authentication flow. We can use Strapi's policies to customize the authentication and authorization flow.

A policy in Strapi is a function that can be executed before a request reaches a controller. Policies are mostly used for securing business logic easily. Policies are applied to a route using the policies array in the {content-type}/routes/{content-type}.js router file or the {content-type}/routes/{custom-file}.js custom router file:

// Example of policy in Core Router file...
Previous Section
End of Section 6
Next Section