API Engine Class
The Api class is the central nervous system for GeniXCMS RESTful API. It provides a robust framework for handling incoming requests, enforcing security through API key validation, and delivering consistent JSON responses to client applications.
🛡️ Authentication Architecture
The API engine supports multi-layered authentication to ensure secure data access.
| Method |
Key / Header |
Description |
| Header |
GX-API-KEY |
Recommended. Pass the key in the HTTP_GX_API_KEY header. |
| Query |
api_key |
Optional. Pass as a URL parameter for simple GET requests. |
| Session |
logged_in |
Fallback. Uses the current admin session if available. |
🏗️ Core Methods
static Api::dispatch($resource, $id, $action)
The entry point for all API requests. It automatically routes the request to the corresponding Resource Controller.
- Workflow:
- Inits: Sets headers to
application/json.
- Auth: Validates access permissions.
- Route: Discovers the
{Resource}Api class.
- Execute: Maps HTTP verbs (
GET, POST, PUT, DELETE) to class methods.
static Api::success($data, $message)
Generates a standardized success payload. Use this for all successful operations to maintain a consistent frontend consumption experience.
{
"status": "success",
"message": "Operation successful",
"data": { "id": 101, "title": "Example Post" }
}
static Api::error($code, $message)
Generates a structured error response. Automatically sets the correct HTTP response code (e.g., 404, 401, 500).
{
"status": "error",
"code": 401,
"message": "Unauthorized access [API Key Invalid]"
}
🛠️ Internal Request Flow
The Api class is tightly integrated with the Router system. When a URL prefix matches api/v1/, the router hands off the execution to this class.
// Internal Routing Example
'api/v1/(.*)/(.*)' => [
'api' => 'v1',
'resource' => 1,
'identifier' => 2
]
priority_highImportantExtending the API: To create a new endpoint, simply add a new class in inc/lib/Control/Api/ following the ResourceApi naming convention. The engine will handle the rest!
See Also
