Designing & Building RESTful JSON APIs

Designing & Building RESTful JSON APIs Ahmed Omran @this_ahmed github.com/aomra015

1.What is an API and why build one? 2.How to
design & build an API 3.Misc things to consider

User Interface

Application Programming Interface

API “Outside” “Inside”

API “Outside” Server,! Device,! Software library, etc. “Inside”

API “Outside” Server “Inside” Web APIs HTTP Client

Outside Client

Multiple Clients

Programmer == Customer

Goal: happy & productive programmer

API Happiness • Shared Solution (REST) • Flexible

Shared Solution

Shared Solution Uniform

Shared Solution Uniform Consistent

Shared Solution Uniform Consistent Predictable

Representational State Transfer Shared Solution Uniform Consistent Predictable

Server Client Request Response

Resources Client API Representations Server

! Contact data in database Client ! ! API Contact
Data ! JSON over HTTP for our example…

How does client ﬁnd resource?

URL = HTTP, hostname, URI e.g. http://www.easycontacts.com/contacts

URL = HTTP, hostname, URI e.g. http://www.easycontacts.com/contacts Uniform Resource Identiﬁer

URL = HTTP, hostname, URI e.g. http://www.easycontacts.com/contacts Nouns identify resources

collection: /contacts! item: /contacts/:id Two URIs per resource

Building the API $ gem install rails-api $ rails-api new
easycontacts It’s rails without the stuff you don’t need…

Respond to • What: Uniform Resource Identiﬁer (URI) • How:
HTTP Verb to specify action

Rails.application.routes.draw do get "/contacts" end

Rails.application.routes.draw do get "/contacts" end URIs HTTP Verb

Rails.application.routes.draw do get "/contacts" get "/contacts/:id" end Read Read

Rails.application.routes.draw do get "/contacts" post "/contacts" get "/contacts/:id" end Read
Read Create

Rails.application.routes.draw do get "/contacts" post "/contacts" get "/contacts/:id" put "/contacts/:id"
end Read Read Create Update

Rails.application.routes.draw do get "/contacts" post "/contacts" get "/contacts/:id" put "/contacts/:id"
delete "/contacts/:id" end Read Read Create Update Delete

Response = Status Code + JSON

Rails.application.routes.draw do namespace :api, :defaults => {:format => :json} do
get "/contacts" post "/contacts" get "/contacts/:id" put "/contacts/:id" delete "/contacts/:id" end end

get "/contacts" post "/contacts" get "/contacts/:id" put "/contacts/:id" delete "/contacts/:id" end end /api/URI

get "/contacts", to: "contacts#index" post "/contacts", to: "contacts#create" get "/contacts/:id", to: "contacts#show" put "/contacts/:id", to: "contacts#update" delete "/contacts/:id", to: "contacts#destroy" end end

JSON Response Formatting gem “active_model_serializers” ! Implementation of JSON-API.org standard

Response = Status Code + JSON

Status Codes • 200, Ok => Successful GET • 204,
No Content => Successful DELETE or PUT • 201, Created => Successful POST • 422, Unprocessable Entity => Well formed request but there’s a semantic error. i.e. problem creating or updating a resource. • 401, Unauthorized => Authentication credentials missing or incorrect

Respond with JSON & Status Code class ContactsController < ApplicationController
def index @contacts = Contact.all render json: @contacts, status: :ok end end 200

class ContactsController < ApplicationController def show render json: @contact end
end 200

class ContactsController < ApplicationController def destroy @contact.destroy ! head :no_content
end end 204

class ContactsController < ApplicationController def update if @contact.update(contact_params) head :no_content
else render json: @contact.errors, status: :unprocessable_entity end end end 204 422

def create @contact = Contact.new(params[:contact]) ! if @contact.save render json:
@contact, status: :created else render json: @contact.errors, status: :unprocessable_entity end end 201 422

def create @contact = Contact.new(params[:contact]) ! if @contact.save render json:
@contact, status: :created else render json: @contact.errors, status: :unprocessable_entity end end Verbose errors Tell client what went wrong

Verbose Errors

Consume APIs w/ REST Clients • Front-end: ngResource, Ember Data
• Gems: ActiveResource, Rest-Client

Flexible sweep complexity in the query string

Flexible /contacts?key1=value1&key2=value2

Filtering /contacts?relationship=friend

Sorting /contacts?order=created_at:desc

Search /contacts?q=ahmed

Pagination /contacts?limit=25&offset=50 gem 'kaminari'

Side-load Associated Resources /contacts/25?include=notes

Non-resource responses • /calculate, /translate, /convert ?? • use verbs
& make it clear in API docs • or POST /calculations, /translations, /conversions

Use HTTPS. # config/environments/production.rb MyApp::Application.configure do config.force_ssl = true end

Versioning Rails.application.routes.draw do namespace :api, :defaults => {:format => :json}
do namespace :v1 do … routes … end end end

Caching Set etag and last_modiﬁed response Headers

Caching Set etag and last_modiﬁed response Headers When was the
resource Last- Modiﬁed?

Caching Set etag and last_modified response Headers Identifies a specific
version of a resource

Caching If both haven’t changed — 304 Not Modiﬁed

class ContactsController < ApplicationController def show render json: @contact if
stale?(@contact) end end

gzip compression class Application < Rails::Application config.middleware.use Rack::Deflater end

CORS Same-Origin Policy Problem gem 'rack-cors'

Authentication • Basic (username & password) • Token (Api Key)
• OAuth (like Valet key)

Documentation gem ‘rspec_api_documentation’ gem 'apipie-rails'

Test your APIs … • Command line: cURL or httpie
• Browser: Postman, JSON-formatter • RSpec: Request Specs • Rails Minitest: Integration tests

Thank you! Ahmed Omran @this_ahmed https://github.com/aomra015/api-presentation

Designing & Building RESTful JSON APIs

Designing & Building RESTful JSON APIs

More Decks by Ahmed Omran

Other Decks in Programming

Featured

Transcript