Slim 4 - Cheatsheet and FAQ

09 Sep 2019

Table of Contents

Documentation

Slim 4 Changes

Installation

Skeletons

Error 404

In the beginning many people have an issue with the error message: Error 404 (Not found)

First, make sure that you added the RoutingMiddleware:

$app = AppFactory::create();

// Add Routing Middleware
$app->addRoutingMiddleware();

// ...

$app->run();

Second, make sure that the correct base path is set:

$app->setBasePath('/my-base-path');

Run Slim 4 From a Sub-Directory

This library can be used as a helper to determine the correct base path:

Retrieving the current route

$route = \Slim\Routing\RouteContext::fromRequest($request)->getRoute();

Retrieving the current route arguments

$routeArguments = \Slim\Routing\RouteContext::fromRequest($request)->getRoute()->getArguments();

Accessing the RouteParser

$routeParser = \Slim\Routing\RouteContext::fromRequest($request)->getRouteParser();

Retrieving the base path

$basePath = \Slim\Routing\RouteContext::fromRequest($request)->getBasePath(),

Reading the response body

$body = (string)$request->getBody();

If the request body is still empty, it could be an bug or an issue with chunked requests:

Receiving input

To receive the submitted JSON / XML data you have to add the BodyParsingMiddleware:

$app = AppFactory::create();

$app->addBodyParsingMiddleware(); // <--- here

// ...

$app->run();

Notice: The BodyParsingMiddleware will only parse the body if the request header Content-Type contains a supported value. Supported values are:

The BodyParsingMiddleware also suports PUT requests.

More details: https://akrabat.com/receiving-input-into-a-slim-4-application/

CSRF protection

Take a look a the “official” Slim-CSRF package.

SameSite cookies

With SameSite Cookies (available since PHP 7.3) you may no longer need CSRF protection:

Dependency Injection

As a general rule:

Your entire app should be unaware of the container.

Injecting the container is an anti-pattern. Please declare all class dependencies in your constructor explicitly instead.

Why is injecting the container (in the most cases) an anti-pattern?

In Slim 3 the Service Locator (anti-pattern) was the default “style” to inject the whole (Pimple) container and fetch the dependencies from it. Please don’t do this anymore!

Q: How can I make it better?

A: Use Composition over inheritance and constructor dependency injection. Dependency injection is a programming practice of passing into an object it’s collaborators, rather the object itself creating them.

Since Slim 4 you can use modern Dependency Injection Container (DIC) like PHP-DI and league/container with the awesome autowire feature. This means: Now you can declare all dependencies explicitly in your constructor and let the DIC inject these dependencies for you.

To be more clear: “Composition” has nothing to do with the “Autowire” feature of the DIC. You can use composition with pure classes and without a container or anything else. The autowire feature just uses the PHP Reflection classes to resolve and inject the dependencies automatically for you.