When I started with web development, I used Bootstrap Studio and some custom HTML, CSS and JS for the frontend, and a custom bare-bones PHP Apache backend.Image by Zine EOOD from bootstrapstudio.io/docs
the same old PHP backend. Instead of trying to find a more common or modern framework to switch to or even try,
I just decided to make my own light PHP framework. I called it zBack,
which was a stateless; file system based system where you would make a
routeName.php file in the
folder if you wanted to make a new HTTP GET route.
This worked pretty good for the most part, but it had really bad performance, for many reasons. So when I and some friends started a project with a more serious scope I wrote the API in the old PHP system, but I felt that I needed a better, faster and easier solution that would preferably also have a strong type system to avoid most common coding errors. After doing a lot of research, I ended up trying Actix Web.
Actix Web is a Rust web framework that lets you create fast and secure REST APIs with all the safety and speed of Rust, including a robust type system that simply won't let you compile a lot of common errors.
I started to learn Actix Web and rewrote the entire API. My old API used a MariaDB SQL database, witch I connected to with PHPs included functions. When I rewrote the API I chose SQLx to connect to my database. SQLx is absolutely amazing, and has a lot of features that seems almost like black magic to me. When I write an SQL query in SQLx, it will tell me at compile time wether or not it is a valid query by testing the query on a development instance!
I even did a lot of relatively easy improvements with Actix, especially with the authentication. In Actix Web I got a connection pool to the database, so when I get a request it won't have to create a new connection each time. In the old API, authentication was based on a session token that was stored in the database, and then the hashed token was stored on the client for authentication. The problem with that approach is that it may break with horizontal scaling, because the session token might not be synced to the clients server. The way I chose to implement authentication in the new rewrite to avoid the previous pitfalls was to base it on JWT tokens. JWT tokens are basically an encrypted JSON object that you can send to a client, and they can't decrypt or edit the object without the private key, so they can safely store it in their browsers and apps whilst the API can decrypt and read the JSON data.
After I was finished with the rewrite, I did some tests in my local development environment to compare the old PHP API versus the new Rust one.
Smaller numbers are better
I was expecting some improvements in speed with the Rust based rewrite, but the numbers absolutely blew me out of the water. In the best case scenario, the Rust API has a 96,7% increase in speed from the PHP API!
After getting comfortable with Actix Web and Rust, I don't think I am going to continue making backends in PHP any more. All the amazing features of Rust and Actix Web are simply too amazing for me to pass up, especially for something like PHP, who can't catch obvious compile time errors before a poor user or dev encounters it at runtime. So I don't have a problem with PHP and I won't hop on the PHP hate train any time soon, but I have found a great replacement that I don't think I will deviate from for a long time.