REST API Masterclass

REST API Masterclass – from HTTP basics to JWT, Swagger docs and deployment. 33 modules, 137 lessons, final employee information system project.

Module 1 – Introduction to API and HTTP

Module 2 – HTTP methods

Module 3 – HTTP status codes

  • Status codes overview
  • Status 200, 201 and 204
  • Status 400, 401, 403 and 404
  • Status 409, 422 and 429
  • Status 500 and server errors
  • Exercise: status codes

Module 4 – JSON in REST APIs

  • JSON format
  • json_encode in PHP
  • json_decode in PHP
  • JSON and UTF-8
  • JSON and dates
  • JSON and decimal numbers
  • Standard JSON response

Module 5 – REST API design

  • Designing endpoints
  • REST philosophy
  • Resources and URLs
  • API path antipatterns

Module 6 – PHP API project structure

  • api/index.php entry point
  • API router
  • API controllers
  • API models
  • Response helper
  • Error handler

Module 7 – CRUD operations

  • GET /users
  • GET /users/{id}
  • POST /users
  • PUT /users/{id}
  • DELETE /users/{id}

Module 8 – Data validation

  • Required field validation
  • Email validation
  • Number and date validation
  • Enum validation
  • Duplicate validation
  • Validation error responses
  • Validation in practice

Module 9 – JWT authentication

  • What is JWT
  • JWT header
  • JWT payload
  • JWT signature
  • Login and JWT token flow
  • JWT verification and expiry

Module 10 – Authorization and roles

  • Role-based authorization
  • Permission-based authorization
  • Authorization middleware
  • Admin role
  • User role
  • Guest role

Module 11 – Tokens and sessions

  • Access token
  • Refresh token
  • Logout and token blacklist
  • Refresh token in practice

Module 12 – API security

  • HTTPS and TLS
  • SQL injection in APIs
  • XSS in API context
  • Rate limiting
  • Brute force protection
  • CORS in REST APIs
  • API keys

Module 13 – API versioning

  • Versioning v1 and v2
  • Backward compatibility
  • Versioning strategy

Module 14 – Swagger and OpenAPI

  • OpenAPI and Swagger
  • Automatic Swagger documentation
  • Testing endpoints in Swagger

Module 15 – API testing

  • Testing with Postman
  • Testing with Bruno
  • Testing with Insomnia
  • Testing with curl
  • Test collections
  • Automated API tests

Module 16 – File uploads

  • Image upload
  • PDF upload
  • Word document upload
  • Multipart upload

Module 17 – Pagination

  • Pagination: page and limit
  • Pagination: sort and order
  • Pagination meta response
  • Pagination best practices

Module 18 – Filters

  • Basic filters
  • Advanced filters
  • Filters with query builder

Module 19 – Search

  • Search: q parameter
  • Field-based search
  • Fulltext search

Module 20 – API performance

  • Response caching
  • Gzip compression
  • ETag and conditional requests
  • Payload compression
  • Lazy loading relations

Module 21 – Logging

  • Error logging
  • Request logging
  • Logging IP and time
  • User-based logging
  • Log file structure

Module 22 – Third-party integrations

  • Integration: Stripe
  • Integration: PayPal
  • Integration: Google Maps
  • Integration: OpenAI
  • Integration: SMTP
  • Integration: SMS
  • Integration: ERP
  • Integration: SAP

Module 23 – Mobile API

  • Mobile API overview
  • Mobile login and token
  • Mobile refresh token
  • Mobile offline mode
  • Mobile API best practices

Module 24 – Deploy and production

  • Deploy on Apache
  • Deploy on Nginx
  • Deploy with HTTPS
  • Reverse proxy
  • Docker basics for API
  • Deploy on VPS

Module 25 – Final project

  • Final project: REST API

Module 26 – Bonus: OAuth2

  • OAuth2: Google and Microsoft

Module 27 – Bonus: Webhooks

  • Webhooks: Stripe, GitHub, Slack

Module 28 – Bonus: API Gateway

  • API Gateway: when and why

Module 29 – Bonus: HATEOAS

  • HATEOAS: is it needed

Module 30 – Bonus: Idempotency

  • Idempotent requests and retry

Module 31 – Bonus: Rate limit (Redis)

  • Rate limit with Redis

Module 32 – Bonus: Database versioning

  • Database and API versioning

Module 33 – Bonus: Monitoring

  • Monitoring: latency and errors