API boilerplate

Whether you are about to build an API-powered startup or simply want to provide your customers access for their automation, Business Class has you covered with a minimal API boilerplate.

Token-based auth

The premade APIController features a simple token-based authentication to protect your API routes. Tokens support a custom validity period and are compared in a time-constant manner which improves their security. Users can generate time-specific access tokens and token comparisson is protected from time-sensitive attacks.

Throttling

Since API abuse is not uncommon, APIController comes with straightforward and automatic throttling based on Redis. You just decide the number of requests and a time period or stick with the default of 60 requests in 15 minutes, and your API is set.