Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Move fast, don't break your API

8727f7875a079ff297d084a03ef1356e?s=47 Amber Feng
September 30, 2014
Programming
18
50k

Move fast, don't break your API

8727f7875a079ff297d084a03ef1356e?s=128

Amber Feng

September 30, 2014
Tweet

More Decks by Amber Feng

See All by Amber Feng
8727f7875a079ff297d084a03ef1356e?s=48 amfeng
1
8.5k
8727f7875a079ff297d084a03ef1356e?s=48 amfeng
36
49k

Other Decks in Programming

See All in Programming
2e8ff55bf441ac3101a36812010216c2?s=48 medup
0
180
924d7de2a5a7102a597728e5edbbff78?s=48 kekyo
PRO
1
130
2e0a66c86d35c1ef7ae20eae1de4ffda?s=48 jreznot
2
940
E26d0367de2bbb06bf3059c981aea719?s=48 wagnerfusca
2
220
922f51d458d6ffee8578b9d3ab0a52b6?s=48 ug
0
520
Bd593f2def2a91327c2845cb47dfd359?s=48 hiji
1
260
F8fc4ec35531ef9a285c1a84591cc16c?s=48 tosaka07
0
360
Df4978f14401325586e9e286b140ac4c?s=48 n1215
2
340
Ee974eb4dea26c2f17f42460366bb745?s=48 progate
1
680
102398563fd1bf878b35dc2d5ee67cbe?s=48 kamilahsantos
0
160
7c8a8c1fdd7ecbbd8ed01d2061f38a4c?s=48 orekyuu
2
1.3k
53c93eb80b5958590b18205dc5fd3634?s=48 smdmts
0
130

Featured

See All Featured
79acae287842acf29084005533a7fb3b?s=48 hursman
108
9.3k
1177e050db6bafe62885362edf6e3537?s=48 lauravandoore
12
1.9k
6804f1775cb4babfcc3851298566fbce?s=48 tanoku
86
8.7k
20bfe76b3d6105641f879fe45cfc9272?s=48 bkeepers
PRO
322
54k
8081b26e05bb4354f7d65ffc34cbbd67?s=48 chriscoyier
146
20k
E6c6e133e74c3b83f04d2861deaa1c20?s=48 searls
204
38k
0c6fd6a08d0f898159cda7cafcacf07f?s=48 afnizarnur
178
14k
C4de88ea47538e4594750e3861a341c8?s=48 brettharned
93
3.2k
Fde6c3a50ca518a909ef35c22c0ee0e4?s=48 destraynor
222
47k
E43f8dfd01057f8304f5f8fb9a294d7d?s=48 jeffersonlam
332
16k
D8fc2580cfaca035f666d9e4ee79a7f7?s=48 mongodb
23
4k
0bce06bd06ee7a2c4f5500f25dcf7f18?s=48 paulrobertlloyd
73
1.5k

Transcript

  1. MOVE FAST, DON'T BREAK YOUR API AMBER FENG @amfeng

  2. None

  3. LET'S BUILD AN API!

  4. post '/v1/charges' do card_number = params[:card_number] amount = params[:amount] charge

    = create_charge(card_number, amount) json { id: charge.id, amount: charge.amount card_number: charge.redacted_card_number, success: charge.success } end

  5. post '/v1/charges' do ... unless card_number.length == 16 return {error:

    "Invalid card number."} end unless amount > 0 and amount <= CHARGE_MAX return {error: "Invalid amount."} end ... end

  6. post '/v1/charges' do api_key = get_api_key user = User.find_by_key(api_key) unless

    user return {error: "Invalid API key."} end ... end

  7. curl https://stripe.com/v1/charges -u API_KEY -d card_number=4242424242424242 -d amount=100 => {

    id: "ch_xxx", amount: 100, card_number: "*4242", success: true }
  8. None

  9. WHAT NEXT?

  10. WHAT NEXT? MORE ENDPOINTS

  11. WHAT NEXT? MORE ENDPOINTS MORE FUNCTIONALITY

  12. WHAT NEXT? MORE ENDPOINTS MORE FUNCTIONALITY MORE CHANGES

  13. WHAT NEXT? MORE ENDPOINTS MORE FUNCTIONALITY MORE CHANGES MORE PROBLEMS

  14. LARGE, TANGLED CODEBASE

  15. COPY-PASTA

  16. ERROR-PRONE DEPENDENCIES

  17. "CRAP, I FORGOT TO UPDATE THE DOCS!" — Everyone ever

  18. HOW DO WE MAKE IT BETTER?

  19. DESIGN FOR YOURSELF, TOO

  20. SEPARATE DIFFERENT LAYERS OF LOGIC

  21. Authentication Validation Endpoint-specific logic Constructing the response Error handling

  22. Error handler Authenticator API logic

  23. use ErrorHandler use Authenticator get '/v1/charges/:id' do user = env.user

    id = params[:id] unless user.get_charge(id) raise UserError.new("No charge #{id}!") end end

  24. APIMethods & APIResources

  25. class ChargeCreateMethod < AbstractAPIMethod required :amount, :integer required :card_number, :string

    resource ChargeAPIResource def execute create_charge(amount, card_number) end end

  26. class ChargeAPIResource < AbstractAPIResource required :id, :string required :amount, :integer

    required :card_number, :string required :success, :boolean def describe_card_number charge.redacted_card_number end end

  27. post '/v1/charges' do APIMethod::ChargeCreateMethod.invoke end get '/v1/charges' do APIMethod::ChargeRetrieveMethod.invoke end

  28. MAKE IT HARD TO MESS UP

  29. class ChargeCreateMethod < AbstractAPIMethod required :amount, :integer required :card_number, :string

    document :amount, "Amount, in cents." document :card_number, "The card number." ... end

  30. HIDE BACKWARDS COMPATIBILITY

  31. <todo: tweet>

  32. def execute if !user.version_1? && params[:amount] raise UserError.new("Invalid param.") end

    ... if !user.version_1? response.delete(:amount) end end

  33. GATES

  34. - :version: 2014-09-24 :new_gates: - :gate: allows_amount :description: >- Sending

    amount is now deprecated.

  35. def execute if !user.gating(:allows_amount) && params[:amount] raise UserError.new("Invalid param.") end

    ... if !user.gating(:allows_amount) response.delete(:amount) end end

  36. COMPATIBILITY LAYERS

  37. Request compatibility API logic Construct API response Response compatibility

  38. IN THE REAL WORLD

  39. 106 ENDPOINTS 65 VERSIONS 6 API CLIENTS

  40. DESIGN FOR YOURSELF: SEPARATE LAYERS OF LOGIC MAKE IT HARD

    TO MESS UP HIDE BACKWARDS COMPAT

  41. WHAT ELSE?

  42. NOT SURE. (WE'RE STILL FIGURING IT OUT AS WE GO.)

  43. THANKS! (: @amfeng