PHPackages seiger/sapi - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [API Development](/categories/api) 4. / 5. seiger/sapi ActiveEvolutioncms-module[API Development](/categories/api) seiger/sapi =========== API tools package for Evolution CMS. v1.0.2(2mo ago)039↑233.3%GPL-3.0PHPPHP ^8.3 Since Jan 12Pushed 2mo agoCompare [ Source](https://github.com/Seiger/sApi)[ Packagist](https://packagist.org/packages/seiger/sapi)[ Fund](https://ko-fi.com/seigerkornelyuk)[ RSS](/packages/seiger-sapi/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (3)Dependencies (2)Versions (4)Used By (0) sApi ==== [](#sapi) **sApi** is a lightweight, framework-agnostic API core for **Evolution CMS**, designed to build modern, versioned JSON APIs with Laravel-style routing and JWT authentication. The package provides only the essential infrastructure: - routing - middleware - authentication - extensibility for other packages Business logic, CRUD scaffolding, GraphQL, and API documentation are intentionally **out of scope** of the core and should be implemented via separate modules. --- Key Features ------------ [](#key-features) - ✅ Single front controller (`/api/index.php`, `/rest/index.php`, etc.) - ✅ Laravel-style routing (based on `illuminate/routing`) - ✅ API versioning via URL (`/v1/...`) - ✅ JWT authentication (Bearer tokens) - ✅ Middleware with scope-based authorization - ✅ JSON-only responses (no XML, no GraphQL) - ✅ Automatic discovery of API routes from other packages - ✅ Designed for Evolution CMS ecosystem --- Requirements ------------ [](#requirements) - PHP **8.4+** - Evolution CMS 3.5+ - Composer --- Installation ------------ [](#installation) ``` composer require seiger/sapi ``` --- Environment Variables --------------------- [](#environment-variables) Recommended location: `core/custom/.env` (EvolutionCMS loads it in `core/bootstrap.php`). VariableDefaultDescription`SAPI_BASE_PATH``api`Base prefix for all sApi routes (e.g. `rest` → `/rest/token`).`SAPI_VERSION``v1`Optional API version prefix (e.g. `v1` → `/rest/v1/token`). Leave empty to use unversioned routes.`SAPI_JWT_SECRET`*(empty)*HS256 secret used to sign/verify JWTs. **Required** to issue tokens.`SAPI_JWT_TTL``3600`Token TTL in seconds.`SAPI_JWT_SCOPES``*`Default token scopes (comma-separated).`SAPI_JWT_ISS`*(empty)*Optional `iss` claim.`SAPI_ALLOWED_USER_ROLES``1`Allowed Evo manager roles for `/token` (comma-separated).`SAPI_LOGGING_ENABLED``1`Enable/disable all sApi logging.`SAPI_LOG_ACCESS_ENABLED``1`Enable/disable access log entries.`SAPI_LOG_EXCLUDE_PATHS`*(empty)*Comma-separated paths to skip from access logging (e.g. `/rest/health`).`SAPI_LOG_BODY_ON_ERROR``1`Log request body for `4xx/5xx`.`SAPI_LOG_MAX_BODY_BYTES``4096`Max request body bytes to log.`SAPI_LOG_AUDIT_ENABLED``1`Enable/disable audit events logging.`SAPI_AUDIT_EXCLUDE_EVENTS`*(empty)*Comma-separated event patterns to skip (supports `*` via `fnmatch`).`SAPI_AUDIT_MAX_CONTEXT_BYTES``8192`Max audit context size.`SAPI_REDACT_BODY_KEYS``password,token,refresh_token,jwt,secret`Keys to redact in logged bodies/contexts.`APP_NAME``evo`Used as Monolog channel `name` for the `sapi` logger.`LOG_LEVEL``debug`Log level for the `sapi` logger.`LOG_DAILY_DAYS``14`Retention days for daily logs.--- Basic Concept ------------- [](#basic-concept) `sApi` acts as an **API kernel**, not a full framework. You create a single front controller file (for example `/api/index.php`), bootstrap Evolution CMS, and let `sApi` handle: - routing - authentication - middleware execution - request dispatching All API endpoints are defined via route providers. --- Front Controller Example ------------------------ [](#front-controller-example) ```