Slide 1

Slide 1 text

REST APIs on Rails

Slide 2

Slide 2 text

Lucas André de Alencar Full Stack Developer, Resultados Digitais @lucasandre

Slide 3

Slide 3 text

gem 'rails-api'

Slide 4

Slide 4 text

# instead of class ApplicationController < ActionController::Base end # do class ApplicationController < ActionController::API include ActionController::HttpAuthentication::Token::ControllerMethods include ActionController::MimeResponds include AbstractController::Translation # Your beautiful code goes here! end

Slide 5

Slide 5 text

No content

Slide 6

Slide 6 text

$ rails new long-trains --api ... $ rails g scaffold train type:string wagons:integer invoke active_record create db/migrate/20150907193647_create_trains.rb create app/models/train.rb invoke test_unit create test/models/train_test.rb create test/fixtures/trains.yml invoke resource_route route resources :trains create app/serializers/train_serializer.rb invoke scaffold_controller create app/controllers/trains_controller.rb invoke test_unit create test/controllers/trains_controller_test.rb

Slide 7

Slide 7 text

Versioning

Slide 8

Slide 8 text

URL Request Params HTTP Header api.longtrains.com/v1/trains api.longtrains.com/trains?version=1 Accept: application/json; version=1

Slide 9

Slide 9 text

gem 'versionist'

Slide 10

Slide 10 text

LongTrains::Application.routes.draw do api_version(:module => "V1", :path => {:value => "v1"}) do resources :trains end end URL api.longtrains.com/v1/trains

Slide 11

Slide 11 text

LongTrains::Application.routes.draw do api_version(:module => "V1", :parameter => {:name => "version", :value => "1"}) do resources :trains end end Request Params api.longtrains.com/trains?version=1

Slide 12

Slide 12 text

LongTrains::Application.routes.draw do api_version(:module => "V1", :header => {:name => "Accept", :value => "application/json; version=1"}) do resources :trains end end HTTP Header Accept: application/json; version=1

Slide 13

Slide 13 text

Structure

Slide 14

Slide 14 text

Separate API controllers by version Keep models unified between versions

Slide 15

Slide 15 text

Serializers

Slide 16

Slide 16 text

gem 'active_model_serializers'

Slide 17

Slide 17 text

class PostSerializer < ActiveModel::Serializer attributes :title, :body has_many :comments end class CommentSerializer < ActiveModel::Serializer attributes :name, :body belongs_to :post end class PostPreviewSerializer < ActiveModel::Serializer attributes :title, :preview end

Slide 18

Slide 18 text

class PostsController < ApplicationController def show @post = Post.find(params[:id]) render json: @post end def index @posts = Post.all render json: @posts, each_serializer: PostPreviewSerializer end end

Slide 19

Slide 19 text

Security

Slide 20

Slide 20 text

Pure Rails ActionController::HttpAuthentication::Basic ActionController::HttpAuthentication::Digest ActionController::HttpAuthentication::Token

Slide 21

Slide 21 text

TDD

Slide 22

Slide 22 text

Which one to use? Functional Integration a.k.a ControllerTest

Slide 23

Slide 23 text

Integration tests ARE the right CHOICE

Slide 24

Slide 24 text

Summary rails-api versioning active_model_serializers respect HTTP response codes use integration tests

Slide 25

Slide 25 text

Lucas AndrĂ© de Alencar @lucasandre [email protected] Valeu!

Slide 26

Slide 26 text

Gems github.com/rails-api/rails-api github.com/bploetz/versionist github.com/rails-api/active_model_serializers Rails API api.rubyonrails.org/classes/ActionController/HttpAuthentication/Digest.html api.rubyonrails.org/classes/ActionController/HttpAuthentication/Basic.html api.rubyonrails.org/classes/ActionController/HttpAuthentication/Token.html Railscasts railscasts.com/episodes/350-rest-api-versioning railscasts.com/episodes/352-securing-an-api Links

Slide 27

Slide 27 text

Links Posts www.gotealeaf.com/blog/authentication-methods-in-rails www.emilsoman.com/blog/2013/05/18/building-a-tested blog.joshsoftware.com/2014/05/08/implementing-rails-apis-like-a-professional/ stackoverflow.com/questions/3297048/403-forbidden-vs-401-unauthorized-http-responses/6937030#6937030 wyeworks.com/blog/2015/6/30/how-to-build-a-rails-5-api-only-and-ember-application/ wyeworks.com/blog/2015/6/11/how-to-build-a-rails-5-api-only-and-backbone-application