Drupal 8 Routing
- 3. Drupal 7 routing
● based on path only (menu_get_item($path))
● tied up with menu links (tables menu_router,
menu_links)
- 4. menu_rebuild()
● This function will clear and populate the
{menu_router} table, add entries to {menu_links}
for new router items, and then remove stale
items from {menu_links}. If called from
update.php or install.php, it will also schedule a
call to itself on the first real page load from
menu_execute_active_handler(), because the
maintenance page environment is different and
leaves stale data in the menu tables.
- 8. Drupal 8 routing
● mymodule.routing.yml
●
●
●
{router} database table, route_set =
<modulename>
- 10. Drupal 8 meets Symfony routing
● RouterListener subscriber (core.services.yml)
● RouterListener::onKernelRequest() sets
attributes to request object using matcher
- 13. router.dynamic internals
● RouteProvider – fetch all records from {router}
table filtering by pattern_outline,
● NestedMatcher:
– MimeTypeMatcher
– UrlMatcher:
● prefix
● regex (example #^/node$#s)
● host regex
● http method
● http scheme (http or https)
- 16. REST in core
● New Entity API with field metadata
● REST API support can be enabled for any
entity known to the system
● Access control on the entity level
● Access control on the field level
- 24. CSRF protection
● Each non-safe REST call (not GET, HEAD,
OPTIONS, TRACE methods) should be done
with 'X-CSRF-Token' header with token.
● Drupal 7 Services got SA on 6 June 13.
- 25. Services in Drupal 8 (plans)
● Own plugin (extends Resource from REST)
● Each method as own route (not tied with http
method names)
● Use annotations to describe your routes
● Validation of arguments
- 27. Authentication (in progress)
● https://drupal.org/node/1890878
● No more dependent on Cookie Session
● Authentication Providers
● Multiple authentication providers – 400 Bad
Request
● Access check if authenticaion provider allowed