Skip to content
Snippets Groups Projects

==== REST

General Concept

  • There is one PHP file to handle all REST calls:

    typo3conf/ext/qfq/Classes/Api/rest.php

  • All further endpoints are appended after rest.php, seperated by '/'. Example:

    http://localhost/qfq/typo3conf/ext/qfq/Classes/Api/rest.php/restPerson/1/restAddress/123?myEmail=jonni@miller.com

    The argument 'myEmail' is just to show how GET variables will be submitted.

  • Each level is a QFQ form. In the above example: restPerson and restAddress

  • A QFQ form will be enabled for REST calls via field 'Permit REST'. Possible options: get, insert (post), update (put), delete

  • An optional HTML header token based 'authorization' is supported.

  • At least one level (= form name) has to be given.

  • Multiple level/id tuple are possible.

  • Only the last level will be used. The last level becomes automatically form in STORE_TYPO3.

  • The last id becomes automatically r in STORE_TYPO3.

  • Previous level and id are accessible via {{_id1:C}}, {{_form1:C:alnumx}},{{_id2:C}}, {{_form2:C:alnumx}}, ...

  • Import/Export data has to be/is JSON encoded.

  • The following settings has no impact to QFQ forms called via REST: form.Permit New, form.Permit Edit

HTML Requests

GET - export

Example:

curl -X GET "http://localhost/qfq/typo3conf/ext/qfq/Classes/Api/rest.php/restPerson"

Details:

  • no id or id=0 (example: 1, 123): The result of Form.parameter.restSqlList will be generated.
  • id>0 (example: 1, 123): the result of Form.parameter.restSqlData will be generated.
  • The whole resultset will be JSON encoded.
  • It's not possible to render subrecords. This has to be done via a sub level (next form).
  • Future: If this is not sufficient, a possible solution might be a report-notation (special FormElement), which do not implode all output, but leave the rows/cells intact as an array - the json_encode will then to the rest.

POST - insert

Example:

curl -X POST "http://localhost/qfq/typo3conf/ext/qfq/Classes/Api/rest.php/restPerson" -d '{"name":"Miller","firstname":"Jonni"}'

Details:

  • The data has to be JSON encoded transferred to the REST API.
  • The JSON stream will be decoded to an array and copied to $_POST.
  • The further process is identically to a standard 'form submit'.
  • There should be no id given or id=0.

PUT - update

Example:

curl -X PUT "http://localhost/qfq/typo3conf/ext/qfq/Classes/Api/rest.php/restPerson/1" -d '{"name":"Miller","firstname":"Jonni"}'

Details:

  • The data has to be JSON encoded transferred to the REST API.
  • The JSON stream will be decoded to an array and copied to $_POST.
  • The further process is identically to a standard 'form submit'.
  • There have to be an id>0.

Delete

Example:

curl -X DELETE "http://localhost/qfq/typo3conf/ext/qfq/Classes/Api/rest.php/restPerson/1"

Details:

  • The data has to be JSON encoded transferred to the REST API.
  • The JSON stream will be decoded to an array and copied to $_POST.
  • The further process is identically to a standard 'form submit'.
  • There have to be an id>0.

Header Token Authorization

Example:

curl -X GET -H 'Authorization: Token token="mySuperSecretToken"' "http://localhost/qfq/typo3conf/ext/qfq/Classes/Api/rest.php/restPerson/"

Static token

Per form configure form.parameter.restToken=mySuperSecretToken.

Dynamic token

The client supplied authorization token is available via the client store: {{Authorization:C:alnumx}}.

Take the Client token and check if it saved in a table with all user token:

form.parameter.restToken={{SELECT a.token FROM Auth AS a WHERE a.token='{{Authorization:C:alnumx}}' }}

DEBUG

Append the GET variable ?XDEBUG_SESSION_START=1

Example:

curl -X POST "http://localhost/qfq/typo3conf/ext/qfq/Classes/Api/rest.php/restPerson?XDEBUG_SESSION_START=1" -d '{"name":"Miller","firstname":"Jonni"}'

PhpStorm with activated debugger will stop at any breakpoint and 'stepping' through the code is possible.