Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Move fast, don't break your API

8727f7875a079ff297d084a03ef1356e?s=47 Amber Feng
September 30, 2014
Programming
18
50k

Move fast, don't break your API

8727f7875a079ff297d084a03ef1356e?s=128

Amber Feng

September 30, 2014
Tweet

More Decks by Amber Feng

See All by Amber Feng
8727f7875a079ff297d084a03ef1356e?s=48 amfeng
1
8.4k
8727f7875a079ff297d084a03ef1356e?s=48 amfeng
36
49k

Other Decks in Programming

See All in Programming
551a97bf567bea39c0550d3bbf2cc169?s=48 kawaji_scratch
0
110
16040fb086040d7a04dd40478786a4ce?s=48 mizotake
2
330
2c7f0a1020fbd01942166122190180f8?s=48 williln
0
230
2793f1fe246c9299c2416062d22bfb99?s=48 satoshun
0
100
Af64bc38c0ffcfcabdf430759ee491ce?s=48 lovee
2
220
73257f1de15fc7102c1f1a1eadd9dcb8?s=48 hanasuke
1
640
57623c5cef7c777c4bf3103cf06c2d6c?s=48 yoshinoriiiii
0
110
74253b7e85d0a315a23d74db50abd8e4?s=48 coa00
2
130
E0e036f89c14b3e59640318eedf9670b?s=48 bkuhlmann
2
310
C0e58802a4228552548bb8ca596ca966?s=48 mihyaeru21
0
370
6c3e7ef20801b4b967dc1643f63d6233?s=48 ianaya89
2
230
7975b9fd58c8945ae1c6b38747de7f28?s=48 line_developers_tw2
0
4.8k

Featured

See All Featured
5f83ef806155b403c3393160ce51f955?s=48 jlugia
217
16k
C51b39fa3c79ccb99dcb8a076bc98287?s=48 brianwarren
82
4.7k
D36d2c1821af9249b69ff7f5ed60529b?s=48 tammielis
237
23k
F383c6a4dc55e331bbe2987b622cee6b?s=48 stephaniewalter
260
11k
E43f8dfd01057f8304f5f8fb9a294d7d?s=48 jeffersonlam
329
15k
7c8469ee8c9e594c65c59b919626c08d?s=48 scottboms
251
11k
3d4519fd34b76fb265fc0237f3792bd4?s=48 danielanewman
1
520
8081b26e05bb4354f7d65ffc34cbbd67?s=48 chriscoyier
683
180k
2f5463832ccb768ccb4a1ca3607c27ef?s=48 jacobian
255
20k
32de0bd2ba869609d26fd052a4622778?s=48 cromwellryan
104
6.2k
56c4053438af8e8b90d6f53cbb7573be?s=48 jakevdp
775
200k
9cde37f47e4a800ea081ea42de8d749a?s=48 dougneiner
118
7.9k

Transcript

  1. MOVE FAST, DON'T BREAK YOUR API AMBER FENG @amfeng

  2. None

  3. LET'S BUILD AN API!

  4. post '/v1/charges' do card_number = params[:card_number] amount = params[:amount] charge

    = create_charge(card_number, amount) json { id: charge.id, amount: charge.amount card_number: charge.redacted_card_number, success: charge.success } end

  5. post '/v1/charges' do ... unless card_number.length == 16 return {error:

    "Invalid card number."} end unless amount > 0 and amount <= CHARGE_MAX return {error: "Invalid amount."} end ... end

  6. post '/v1/charges' do api_key = get_api_key user = User.find_by_key(api_key) unless

    user return {error: "Invalid API key."} end ... end

  7. curl https://stripe.com/v1/charges -u API_KEY -d card_number=4242424242424242 -d amount=100 => {

    id: "ch_xxx", amount: 100, card_number: "*4242", success: true }
  8. None

  9. WHAT NEXT?

  10. WHAT NEXT? MORE ENDPOINTS

  11. WHAT NEXT? MORE ENDPOINTS MORE FUNCTIONALITY

  12. WHAT NEXT? MORE ENDPOINTS MORE FUNCTIONALITY MORE CHANGES

  13. WHAT NEXT? MORE ENDPOINTS MORE FUNCTIONALITY MORE CHANGES MORE PROBLEMS

  14. LARGE, TANGLED CODEBASE

  15. COPY-PASTA

  16. ERROR-PRONE DEPENDENCIES

  17. "CRAP, I FORGOT TO UPDATE THE DOCS!" — Everyone ever

  18. HOW DO WE MAKE IT BETTER?

  19. DESIGN FOR YOURSELF, TOO

  20. SEPARATE DIFFERENT LAYERS OF LOGIC

  21. Authentication Validation Endpoint-specific logic Constructing the response Error handling

  22. Error handler Authenticator API logic

  23. use ErrorHandler use Authenticator get '/v1/charges/:id' do user = env.user

    id = params[:id] unless user.get_charge(id) raise UserError.new("No charge #{id}!") end end

  24. APIMethods & APIResources

  25. class ChargeCreateMethod < AbstractAPIMethod required :amount, :integer required :card_number, :string

    resource ChargeAPIResource def execute create_charge(amount, card_number) end end

  26. class ChargeAPIResource < AbstractAPIResource required :id, :string required :amount, :integer

    required :card_number, :string required :success, :boolean def describe_card_number charge.redacted_card_number end end

  27. post '/v1/charges' do APIMethod::ChargeCreateMethod.invoke end get '/v1/charges' do APIMethod::ChargeRetrieveMethod.invoke end

  28. MAKE IT HARD TO MESS UP

  29. class ChargeCreateMethod < AbstractAPIMethod required :amount, :integer required :card_number, :string

    document :amount, "Amount, in cents." document :card_number, "The card number." ... end

  30. HIDE BACKWARDS COMPATIBILITY

  31. <todo: tweet>

  32. def execute if !user.version_1? && params[:amount] raise UserError.new("Invalid param.") end

    ... if !user.version_1? response.delete(:amount) end end

  33. GATES

  34. - :version: 2014-09-24 :new_gates: - :gate: allows_amount :description: >- Sending

    amount is now deprecated.

  35. def execute if !user.gating(:allows_amount) && params[:amount] raise UserError.new("Invalid param.") end

    ... if !user.gating(:allows_amount) response.delete(:amount) end end

  36. COMPATIBILITY LAYERS

  37. Request compatibility API logic Construct API response Response compatibility

  38. IN THE REAL WORLD

  39. 106 ENDPOINTS 65 VERSIONS 6 API CLIENTS

  40. DESIGN FOR YOURSELF: SEPARATE LAYERS OF LOGIC MAKE IT HARD

    TO MESS UP HIDE BACKWARDS COMPAT

  41. WHAT ELSE?

  42. NOT SURE. (WE'RE STILL FIGURING IT OUT AS WE GO.)

  43. THANKS! (: @amfeng