Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Creating a RESTful API for mobile applications
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Paul McMahon
March 25, 2013
Technology
310
6
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Creating a RESTful API for mobile applications
Presented at
http://www.tokyorubyistmeetup.org/events/2814
Paul McMahon
March 25, 2013
More Decks by Paul McMahon
See All by Paul McMahon
Why Ember.js?
pwim
0
1.1k
JSON API
pwim
0
140
A developer's perspective on entrepreneurship
pwim
1
390
Using GitHub to get a better job
pwim
11
2.3k
Using Analytics to Improve UX
pwim
0
3.4k
Event Organizers Co-Edo edition
pwim
0
2.9k
勉強会を開催する大まかな流れ
pwim
2
10k
Creating International Communities in Japan
pwim
0
220
英語でコミットを書こう
pwim
52
28k
Other Decks in Technology
See All in Technology
[AWS Summit Japan 2026]迷っているあなたへ_小さな一歩が、やがて自分を助けてくれる
sh_fk2
2
420
週末にループ・エンジニアリングの理解を深めるためのスライド
nagatsu
0
290
飲食店もAIで。レジ締めやハンディシステムをつくってる話 / Using AI for restaurant management
vtryo
0
180
LayerX コーポレートエンジニアリング室におけるサプライチェーンセキュリティへの取り組み / Supply Chain Security at LayerX Corporate Engineering
yuyatakeyama
3
840
入門!AWS Blocks
ysuzuki
1
190
Multi-Agent並列開発を 安全に回すための技術 / Technology for Safely Multi-Agent Parallel Development
tooppoo
0
180
脱SaaS!FDEを支えるプロビジョニングと分離設計
knih
0
300
「ビジネスがわかるエンジニア」とは何か?
ryooob
0
320
FPC(フレキシブル)基板にZephyr実装してみた。
iotengineer22
0
170
AIネイティブな開発のサプライチェーンリスク対策 〜激動の開発現場でリスクに立ち向かう〜【ZennFes】
cscengineer
PRO
2
160
ぼっちではじめた登壇が「51名」「241件」の発信に化けた
subroh0508
1
310
徹底討論!ECS vs EKS!
daitak
3
1.7k
Featured
See All Featured
A better future with KSS
kneath
240
18k
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
330
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
16
2k
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
aleyda
2
11k
Money Talks: Using Revenue to Get Sh*t Done
nikkihalliwell
0
260
Introduction to Domain-Driven Design and Collaborative software design
baasie
1
860
Code Reviewing Like a Champion
maltzj
528
40k
Navigating Algorithm Shifts & AI Overviews - #SMXNext
aleyda
1
1.3k
BBQ
matthewcrist
89
10k
sira's awesome portfolio website redesign presentation
elsirapls
0
280
The Curious Case for Waylosing
cassininazir
1
400
Bridging the Design Gap: How Collaborative Modelling removes blockers to flow between stakeholders and teams @FastFlow conf
baasie
0
590
Transcript
Creating a RESTful API for mobile applications Paul McMahon @pwim
My Company: My Product:
REST provides a convention for client/ server communication
The core idea in REST: everything is a resource
Example: https://community-board.herokuapp.com/communities/1 or /communities/1
Four methods: GET, POST, PUT, DELETE
5 standard actions in APIs GET /communities List communities POST
/communities Create a community GET /communities/1 Get a community PUT /communities/1 Update a community DELETE /communities/1 Delete a community
Nesting Example: GET /communities/1/posts
These actions are all you need!
The resources in your API are not the same as
in your application models
Example: Archive a community
POST /communities/1/archive
Example: Unarchive a community
DELETE /communities/1/archive
Significance of pluralization: Many communities, but only one archive per
community
Format of resource is independent of representation
So the body of a request / response could be
html, json, xml, image, etc
Practically speaking, we use json
Example { “community”: { “name”: “Tokyo iOS Meetup”, “post_count”: 5,
“members”: [ { “name”: “Paul” }, { “name”: “Matt” } ], “public”: true, }
Use HTTP Status to Indicate Status of Request
Important status codes 200 OK 201 Created 401 Not Authorized
404 Not Found 406 Not Acceptable 422 Unprocessable Entity
Authentication: Use OAuth 2.0
http://openam.forgerock.org/openam-documentation/openam-doc-source/doc/admin-guide/index/chap-oauth2.html#openam-oauth2-authz-server
API Practicalities
Version your api: /api/v1/communities
Kill Switch: Force clients to upgrade
Control Endpoint Domain: i.e, don’t use community-board.herokuapp.com in production
Don’t handcraft your json
Return complete URLs
Build your API to minimize requests for mobile client
So, what about Rails?
Anatomy of an API Controller class Api::V1::CommunitiesController respond_to :json def
index @communities = Community.all respond_with @communities end end
Generating JSON user.as_json(include: { posts: { include: { comments: {
only: :body } }, only: :title } })
RABL # app/views/posts/index.rabl collection @posts attributes :id, :title, :subject child(:user)
{ attributes :full_name } node(:read) { |post| post.read_by?(@user) } [{ "post" : { "id" : 5, title: "...", subject: "...", "user" : { full_name : "..." }, "read" : true } }]
ActiveModel Serializers class PostSerializer < ActiveModel::Serializer attributes :id, :title, :body
has_many :comments end class CommentSerializer < ActiveModel::Serializer attributes :id, :text end # /posts/1 { “post” : { “id”: 1, “title”: “Sample”, “body”: “Sample Body”, “comments”: [ {“id”: 1, “text”: “comment 1”}}, {“id”: 2, “text”: “comment 2”}] }
OAuth2 with Doorkeeper class Api::V1::CommunitiesController respond_to :json doorkeeper_for :index def
index @communities = Community.all respond_with @communities end end