This guide provides comprehensive instructions for interacting with RESTify APIs. RESTify dynamically generates RESTful APIs for data management, making it easy to perform CRUD operations, filtering, sorting, pagination, and association handling.
The /admin/rest/<model>
endpoint provides essential metadata about a model, including its fields, their types, relationships, and available operations.
GET /admin/rest/<model>
{
"data": {
"name": "Product",
"id": "product",
"fields": [
{ "label": "ProductID", "name": "product_id", "type": "int", "pk": true },
{ "label": "Name", "name": "name", "type": "string" },
{ "label": "UnitPrice", "name": "unit_price", "type": "int" },
{ "label": "CreatedAt", "name": "created_at", "type": "Time" },
{ "label": "UpdatedAt", "name": "updated_at", "type": "Time" },
{ "label": "Deleted", "name": "deleted", "type": "bool" },
{ "label": "DeletedAt", "name": "deleted_at", "type": "Time" }
],
"endpoints": [
{ "name": "ModelInfo", "method": "GET", "url": "/admin/rest/product", "description": "Returns model metadata" },
{ "name": "All", "method": "GET", "url": "/admin/rest/product/all", "description": "Retrieve all objects" },
{ "name": "Paginate", "method": "GET", "url": "/admin/rest/product/paginate", "description": "Retrieve paginated data" },
{ "name": "Get", "method": "GET", "url": "/admin/rest/product/:product_id", "description": "Retrieve an object by ID" },
{ "name": "Create", "method": "PUT", "url": "/admin/rest/product", "description": "Create a new object" },
{ "name": "BatchCreate", "method": "PUT", "url": "/admin/rest/product/batch", "description": "Create multiple objects" },
{ "name": "Update", "method": "PATCH", "url": "/admin/rest/product/:product_id", "description": "Update an object by ID" },
{ "name": "BatchUpdate", "method": "PATCH", "url": "/admin/rest/product/batch", "description": "Update multiple objects" },
{ "name": "Delete", "method": "DELETE", "url": "/admin/rest/product/:product_id", "description": "Delete an object by ID" },
{ "name": "BatchDelete", "method": "DELETE", "url": "/admin/rest/product/batch", "description": "Delete multiple objects" }
]
}
}
-
Fields:
- Each field includes:
label
: Human-readable name of the field.name
: The field's technical name in the database.type
: Data type (int
,string
,Time
,bool
,relation
).pk: true
: Indicates the field is a primary key.
- Relation Fields:
- Relation fields link models. For example, a
User
model may have aOrders
relation to fetch associated orders. - Example:
This indicates the model has a relationship with another model, such as fetching all orders belonging to a user.
{ "label": "Orders", "name": "orders", "type": "relation" }
- Relation fields link models. For example, a
- Each field includes:
-
Endpoints:
- Describe available operations (CRUD, pagination, etc.) for the model.
-
Composite Primary Keys:
- If a model has composite primary keys, endpoints like
Get
,Update
, andDelete
use URLs like:The order of/admin/rest/<model>/:pk1/:pk2
pk1
andpk2
matches the column order in thefields
array.
- If a model has composite primary keys, endpoints like
curl --location 'http://<your-server>/admin/rest/product/all'
curl --location --request PUT 'http://<your-server>/admin/rest/product' \
--header 'Content-Type: application/json' \
--data '{
"name": "Milk",
"unit_price": 50
}'
curl --location --request PATCH 'http://<your-server>/admin/rest/product/1' \
--header 'Content-Type: application/json' \
--data '{
"unit_price": 55
}'
curl --location --request DELETE 'http://<your-server>/admin/rest/product/1'
curl --location --request PUT 'http://<your-server>/admin/rest/product/batch' \
--header 'Content-Type: application/json' \
--data '[
{ "name": "Bread", "unit_price": 30 },
{ "name": "Eggs", "unit_price": 60 }
]'
curl --location --request PATCH 'http://<your-server>/admin/rest/product/batch?unit_price[gt]=50' \
--header 'Content-Type: application/json' \
--data '{
"unit_price": 100
}'
RESTify supports advanced querying to refine data retrieval.
curl --location 'http://<your-server>/admin/rest/product/paginate?page=2&size=10'
Sort by one or more fields:
curl --location 'http://<your-server>/admin/rest/product/all?order=name.asc,unit_price.desc'
RESTify provides flexible filters. Supported operators:
Operator | Description | Example |
---|---|---|
eq |
Equals | name[eq]=Milk |
neq |
Not Equals | name[neq]=Milk |
gt |
Greater Than | unit_price[gt]=50 |
gte |
Greater Than or Equal To | unit_price[gte]=50 |
lt |
Less Than | unit_price[lt]=100 |
lte |
Less Than or Equal To | unit_price[lte]=100 |
contains |
Contains | name[contains]=Mil |
search |
Fulltext Search | name[search]=milk |
in |
In List | name[in]=Milk,Bread |
between |
Between | name[between]=2006-01-02 10:15:06,2006-02-02 00:00:00 |
notnull |
Is Not Null | deleted_at[notnull]=1 |
isnull |
Is Null | deleted_at[isnull]=1 |
curl --location 'http://<your-server>/admin/rest/product/all?unit_price[gte]=50&name[contains]=Milk'
Load related data using the associations
query parameter.
curl --location 'http://<your-server>/admin/rest/user/1?associations=Orders'
curl --location 'http://<your-server>/admin/rest/user/1?associations=Orders,Payments'
curl --location 'http://<your-server>/admin/rest/user/paginate?page=1&size=5&associations=Orders,Payments'
Backend may require authentication for API calls, depending on your application logic. Check with your backend team for specific authentication methods.
Include the API key in the request header:
x-api-key: <your-api-key>
Include the token in the Authorization
header:
Authorization: Bearer <token>
RESTify automatically validates input data based on the validation rules specified in the model's structure. If the input data fails validation, the API returns an error response with details about the failed validations.
When a validation error occurs, the response includes a validation_error
field containing details about the fields that failed validation and the specific error messages.
Request:
curl --location --request PUT 'http://<your-server>/admin/rest/user' \
--header 'Content-Type: application/json' \
--data-raw '{
"username": "",
"name": "john",
"email": "[email protected]"
}'
Response:
{
"data": 0,
"total": 0,
"offset": 0,
"total_pages": 0,
"current_page": 0,
"size": 0,
"success": false,
"error": "validation failed",
"type": "",
"validation_error": [
{ "field": "username", "error": "is required" },
{ "field": "email", "error": "invalid email" }
]
}
If any field violates the validation rules during the creation of a single record, the API returns a 400 Bad Request
with the validation errors.
When creating multiple records in a batch, the validation errors for each individual record are returned. The API proceeds with valid records and skips invalid ones.
Request:
curl --location --request PUT 'http://<your-server>/admin/rest/user/batch' \
--header 'Content-Type: application/json' \
--data '[
{ "username": "user1", "name": "John", "email": "[email protected]" },
{ "username": "", "name": "Reza", "email": "[email protected]" }
]'
Response:
{
"data": [
{ "username": "user1", "name": "John", "email": "[email protected]" }
],
"success": false,
"error": "validation failed for some records",
"validation_error": [
{
"record": 2,
"errors": [
{ "field": "username", "error": "is required" },
{ "field": "email", "error": "invalid email" }
]
}
]
}
For update operations, the API ensures that the new values meet the validation criteria. Errors are returned for any invalid fields.
Request:
curl --location --request PATCH 'http://<your-server>/admin/rest/user/1' \
--header 'Content-Type: application/json' \
--data-raw '{
"email": "invalid-email"
}'
Response:
{
"data": 0,
"success": false,
"error": "validation failed",
"validation_error": [
{ "field": "email", "error": "invalid email" }
]
}
Similar to batch create, validation errors are returned for each invalid record during batch updates.
Request:
curl --location --request PATCH 'http://<your-server>/admin/rest/user/batch?name[eq]=John' \
--header 'Content-Type: application/json' \
--data-raw '{
"email": "not-an-email"
}'
Response:
{
"data": 0,
"success": false,
"error": "validation failed for some records",
"validation_error": [
{
"field": "email",
"error": "invalid email"
}
]
}
RESTify supports a wide range of built-in validators leveraging Validation Library. Below is a table of possible validators and their corresponding error messages:
These validators operate on input data without interacting with the database.
Validator | Description | Possible Error Message |
---|---|---|
text |
Ensures string contains no HTML tags. | the text cannot contains html fields |
name |
Checks if the value is a valid name. | is not valid name |
alpha |
Only alphabetical characters allowed. | is not alpha |
latin |
Only Unicode letters allowed. | is not latin |
digit |
Only digits [0-9] allowed. | invalid digit value |
alphanumeric |
Letters, digits, and spaces allowed. | is not alpha |
required |
Value cannot be empty. | is required |
email |
Checks for valid email format. | invalid email |
regex(...) |
Matches value against a regex pattern. | format is not valid |
len<, len>, ... |
Ensures string length within constraints. | is too short / is too long / is not equal to <length> |
Numeric comparisons | Compares numeric values (> , < , etc.). |
is bigger than ... / is smaller than ... |
int , +int , -int |
Checks if the value is integer. | invalid integer |
float , +float , -float |
Checks if the value is float. | invalid integer |
password(...) |
Checks password complexity. | password is not complex enough |
domain |
Valid domain format. | invalid domain |
url |
Valid URL format. | invalid URL |
ip , ip4 , ip6 |
Valid IP address (IPv4 or IPv6). | value must be valid IPv4/IPv6 address |
cidr |
Valid CIDR notation. | value must be valid CIDR notation |
mac |
Valid MAC address. | value must be valid MAC address |
date |
Valid RFC3339 date. | invalid date, date expected be in RFC3339 format |
longitude |
Valid longitude. | value must be valid longitude |
latitude |
Valid latitude. | value must be valid latitude |
port |
Valid port number. | value must be valid port number |
json |
Valid JSON format. | value must be valid JSON format |
ISBN , ISBN10 , ISBN13 |
Valid ISBN format. | value must be ISBN-10 format / value must be ISBN-13 format |
creditcard |
Valid credit card number. | value must be credit card number |
uuid |
Valid UUID. | value must be valid uuid |
uppercase |
Ensures string is uppercase. | value must be in upper case |
lowercase |
Ensures string is lowercase. | value must be in lower case |
rgbcolor , rgba , hexcolor , hex |
Validates color formats. | value must be HEX color / value must be RGB color |
countryalpha2 , countryalpha3 |
Valid ISO country codes. | value must be a valid ISO3166 Alpha 2/3 Format |
btcaddress |
Valid Bitcoin address. | value must be a valid Bitcoin address |
ethaddress |
Valid Ethereum address. | value must be a valid ETH address |
cron |
Valid CRON expression. | value must be a valid CRON format |
duration |
Valid Go duration format. | value must be a valid duration format |
time |
Valid RFC3339 timestamp. | value must be a valid RFC3339 timestamp |
unixTimestamp |
Valid Unix timestamp. | value must be a valid unix timestamp |
timezone |
Valid timezone string. | value must be a valid timezone |
e164 |
Valid E164 phone number. | value must be a valid E164 phone number |
safeHTML |
Ensures string does not contain XSS tokens. | value must not contain any possible XSS tokens |
noHTML |
Ensures string does not contain HTML tags. | value must not contain any html tags |
phone |
Valid phone number format. | value must be valid phone number |
These validators validate input against database constraints.
Validator | Description | Possible Error Message |
---|---|---|
unique |
Ensures the field value is unique in the table. | duplicate entry |
unique:col1|col2 |
Ensures a combination of columns is unique. | duplicate value for <columns> |
fk |
Validates foreign key references another table. | value does not match foreign key |
enum |
Ensures value matches an allowed ENUM value. | invalid value, expected values are: ... |
before(field) |
Ensures timestamp is before another field’s value. | <field> must be before <other field> |
after(field) |
Ensures timestamp is after another field’s value. | <field> must be after <other field> |
-
Display Validation Messages:
- Parse the
validation_error
array in the response. - Show user-friendly messages for each invalid field.
- Parse the
-
Highlight Invalid Fields:
- Use the
field
name from thevalidation_error
to identify and highlight the input.
- Use the
-
Retry with Valid Data:
- Correct the invalid fields and retry the API request.
By leveraging RESTify's validation capabilities, you can ensure robust data integrity and provide meaningful feedback to users during API interactions.
This documentation provides a comprehensive guide for interacting with RESTify APIs. For further customization, consult your backend team.