Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Building Better Web APIs (PyCon AU 2014)

Amber Brown (HawkOwl)
August 03, 2014
Technology
3
120

Building Better Web APIs (PyCon AU 2014)

Web APIs are how much of the modern web speaks - services speaking HTTP and JSON are ubiquitous, and nearly everything from your phone to your TV interacts with one of them. We'll go over how APIs are structured and versioned, why you should validate your data, and why you should have them in the first place -- and what other best practices are when creating them.

Amber Brown (HawkOwl)

August 03, 2014
Tweet

More Decks by Amber Brown (HawkOwl)

See All by Amber Brown (HawkOwl)
Batteries Included, But They're Leaking (Python Language Summit, 2019)
hawkowl
0
380
Why Twisted Is The Best (WOOTConf @ LCA 2017)
hawkowl
0
130
Releasing Calendar Versioned Software (PyCon AU 2016)
hawkowl
1
120
Falsehoods Developers Have About Identity (PyCon AU 2016 Lightning Talk)
hawkowl
1
670
The Report of Twisted's Death; or Twisted & Tornado in the Asyncio Age (EuroPython 2016)
hawkowl
0
130
An Asynchronous, Scalable Django with Twisted (PyCon TW 2016 Keynote)
hawkowl
0
150
The Report of Twisted's Death; or Twisted & Tornado in the Asyncio Age (PyCon US 2016)
hawkowl
0
120
Twisted & Python 3 (Python Language Summit, 2016)
hawkowl
0
150
The Report of Twisted's Death; or Twisted & Tornado in the Asyncio Age (Perth Django Meetup)
hawkowl
0
130

Other Decks in Technology

See All in Technology
LangSmith入門―トレース/評価/プロンプト管理などを担うLLMアプリ開発プラットフォーム
os1ma
3
300
AWSに詳しくない人でも始められるコスト最適化ガイド
yuhta28
1
240
GrafanaMeetup_AmazonManagedGrafanaのアクセス制御機能とマルチテナント環境下でのアクセス制御について
daitak
0
240
web-application-security
matsuihidetoshi
0
170
データベース02: データベースの概念
trycycle
0
160
20240418_Google ColabにLLMが搭載されたようなのでPython x データ分析の勉強方法を考えてみる
doradora09
0
140
Vertex AI を中心に 生成AIのアップデートを共有します
kaz1437
0
310
ゼロから始めるVue.jsコミュニティ貢献 / first-vuejs-community-contribution-link-and-motivation
lmi
1
130
DevOpsメトリクスとアウトカムの接続にトライ!開発プロセスを通して計測できるメトリクスの活用方法
ham0215
2
240
非同期推論システムによるコスト削減と信頼性向上
koki_nishihara
0
260
Gitlab本から学んだこと - そーだいなるプレイバック / gitlab-book
soudai
4
440
LayerXにおけるLLMプロダクト開発の今までとこれから
layerx
PRO
1
360

Featured

See All Featured
Six Lessons from altMBA
skipperchong
21
3k
Product Roadmaps are Hard
iamctodd
44
9.7k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
121
39k
Documentation Writing (for coders)
carmenintech
60
3.9k
How STYLIGHT went responsive
nonsquared
92
4.8k
10 Git Anti Patterns You Should be Aware of
lemiorhan
648
58k
Navigating Team Friction
lara
178
13k
How GitHub (no longer) Works
holman
304
140k
GitHub's CSS Performance
jonrohan
1025
450k
Creatively Recalculating Your Daily Design Routine
revolveconf
210
11k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
78
42k
Designing Experiences People Love
moore
136
23k

Transcript

  1. [email protected] @hawkieowl

  2. None

  3. technicals.atleastfornow.net

  4. Building Better Web APIs

  5. Why do we need Web APIs?

  6. APIs are how applications talk

  7. Implement once, access anywhere

  8. Break open the silo!

  9. And it’s two way!

  10. And can be automated!

  11. The applications are massive

  12. Web 3.0 The Internet Of Things

  13. Web 3.0 The Internet Of Things

  14. The Programmable Internet

  15. None

  16. Rich APIs == Automation Wins

  17. The Benefits

  18. Implementing Web APIs

  19. Who are our users?

  20. Design for the End User • Expose all the data

    that the user might need • Provide encrypted endpoints

  21. Design for the Implementor • Design to the principal of

    least surprise and lay your resources out in a consistent way • Provide a platform which will cause little need for modification down the line • Provide documentation which adequately and completely explains your API and its semantics - provide examples!!!!

  22. Versioning

  23. Explicit versions are essential for stability

  24. Provide API Pinning

  25. Pinning Methods • URI • route53.amazonaws.com/2013-04-01/hostedzone • Header • ‘Stripe-Version:

    2014-06-17’ • ‘Accept: application/vnd.heroku +json; version=3’

  26. Your version should be in your API’s URI

  27. For example: v1.api.example.com (better)
 api.example.com/v1/ (best)

  28. –Tim Berners-Lee (http://www.w3.org/Provider/Style/URI.html) “Cool URIs don't change.”

  29. /v1/resource == /v2/resource ?

  30. Different versions have different responses and resource layout

  31. Layout

  32. Resources, not functions

  33. /cakes/1 is better than /get_cake?id=1

  34. /cakes is better than /get_all_cakes

  35. POST to /cakes is better than POST to /make_cake

  36. /cakes/1/layers/1 is better than /get_cake_layer?cake_id=1&layer_id=1

  37. /cakes/1/layers/1/icing is better than /get_cake_layer_icing?cake_id=1&layer_id=1

  38. REST

  39. REST is best

  40. REST maps state transforms to HTTP methods

  41. REST in 2014 • GET fetches (RFC 7231) • POST

    is resource specific (RFC 7231) • PUT replaces or creates (RFC 7231) • PATCH updates (RFC 5789) • DELETE removes (RFC 7231)

  42. Do what makes sense, be pragmatic!

  43. But just in case, document it anyway

  44. Documentation

  45. Document side-effects

  46. Don’t be afraid to copy good documentation styles

  47. Stripe: Good!

  48. Mailgun: Good!

  49. Mailgun: Good!

  50. Linode… not so good

  51. Validation

  52. Validation is great

  53. On output, as well!

  54. Django REST Framework: Use typed fields

  55. JSON Schema is framework-agnostic

  56. Speed

  57. 100 Continue can save time & bandwidth

  58. …but you can’t use it with WSGI

  59. Stateless workers for better scaling

  60. My Research

  61. Haddock https://github.com/hawkowl/haddock

  62. Saratoga https://github.com/hawkowl/saratoga

  63. Tool Improvements

  64. Better tools mean better result for the same effort

  65. Versioning

  66. Validation

  67. Documentation

  68. Other things I couldn’t fit inside 20 minutes…

  69. Testing

  70. RPC over REST

  71. Authentication Methods

  72. …but do fit on a website

  73. HawkOwl’s Technicals technicals.atleastfornow.net

  74. Questions! Twitter: @hawkieowl