Designing & Building RESTful JSON APIs

Designing & Building
RESTful JSON APIs
Ahmed Omran
@this_ahmed
github.com/aomra015

View Slide

1.What is an API and why build one?
2.How to design & build an API
3.Misc things to consider

View Slide

User Interface

View Slide

Application Programming Interface

View Slide

API
“Outside” “Inside”

View Slide

API
“Outside”
Server,!
Device,!
Software
library, etc.
“Inside”

View Slide

API
“Outside”
Server
“Inside”
Web APIs
HTTP
Client

View Slide

Outside
Client

View Slide

Multiple Clients

View Slide

Programmer == Customer

View Slide

Goal: happy & productive
programmer

View Slide

API Happiness
• Shared Solution (REST)
• Flexible

View Slide

Shared Solution

View Slide

Shared Solution Uniform

View Slide

Shared Solution Uniform Consistent

View Slide

Predictable

View Slide

Representational State Transfer
Predictable

View Slide

Server
Client
Request
Response

View Slide

Resources
Client
API
Representations
Server

View Slide

!
Contact data
in database
Client
!
!
API
Contact Data !
JSON over HTTP
for our example…

View Slide

How does client ﬁnd resource?

View Slide

URL = HTTP, hostname, URI
e.g. http://www.easycontacts.com/contacts

View Slide

Uniform
Resource
Identiﬁer

View Slide

Nouns
identify
resources

View Slide

collection: /contacts!
item: /contacts/:id
Two URIs per resource

View Slide

Building the API
$ gem install rails-api
$ rails-api new easycontacts
It’s rails without the stuff you don’t need…

View Slide

Respond to
• What: Uniform Resource Identiﬁer (URI)
• How: HTTP Verb to specify action

View Slide

Rails.application.routes.draw do
get "/contacts"
end

View Slide

get "/contacts"
end
URIs
HTTP
Verb

View Slide

get "/contacts"
get "/contacts/:id"
end
Read
Read

View Slide

get "/contacts"
post "/contacts"
get "/contacts/:id"
end
Read
Read
Create

View Slide

get "/contacts"
post "/contacts"
get "/contacts/:id"
put "/contacts/:id"
end
Read
Read
Create
Update

View Slide

get "/contacts"
post "/contacts"
get "/contacts/:id"
put "/contacts/:id"
delete "/contacts/:id"
end
Read
Read
Create
Update
Delete

View Slide

Response =
Status Code + JSON

View Slide

JSON

View Slide

namespace :api, :defaults => {:format => :json} do
get "/contacts"
post "/contacts"
get "/contacts/:id"
put "/contacts/:id"
end
end

View Slide

get "/contacts"
post "/contacts"
get "/contacts/:id"
put "/contacts/:id"
end
end
/api/URI

View Slide

get "/contacts", to: "contacts#index"
post "/contacts", to: "contacts#create"
get "/contacts/:id", to: "contacts#show"
put "/contacts/:id", to: "contacts#update"
delete "/contacts/:id", to: "contacts#destroy"
end
end

View Slide

JSON Response Formatting
gem “active_model_serializers”
!
Implementation of JSON-API.org standard

View Slide

Response =
Status Code + JSON

View Slide

Status Codes
• 200, Ok => Successful GET
• 204, No Content => Successful DELETE or PUT
• 201, Created => Successful POST
• 422, Unprocessable Entity => Well formed request but there’s a
semantic error. i.e. problem creating or updating a resource.
• 401, Unauthorized => Authentication credentials missing or
incorrect

View Slide

Respond with JSON & Status Code
class ContactsController < ApplicationController
def index
@contacts = Contact.all
render json: @contacts, status: :ok
end
end
200

View Slide

def show
render json: @contact
end
end
200

View Slide

def destroy
@contact.destroy
!
head :no_content
end
end
204

View Slide

def update
if @contact.update(contact_params)
head :no_content
else
render json: @contact.errors, status: :unprocessable_entity
end
end
end
204
422

View Slide

def create
@contact = Contact.new(params[:contact])
!
if @contact.save
render json: @contact, status: :created
else
end
end
201
422

View Slide

def create
@contact = Contact.new(params[:contact])
!
if @contact.save
render json: @contact, status: :created
else
end
end
Verbose errors
Tell
client
what
went wrong

View Slide

Verbose Errors

View Slide

Consume APIs w/ REST Clients
• Front-end: ngResource, Ember Data
• Gems: ActiveResource, Rest-Client

View Slide

Flexible
sweep complexity in the query string

View Slide

Flexible
/contacts?key1=value1&key2=value2

View Slide

Filtering
/contacts?relationship=friend

View Slide

Sorting
/contacts?order=created_at:desc

View Slide

Search
/contacts?q=ahmed

View Slide

Pagination
/contacts?limit=25&offset=50
gem 'kaminari'

View Slide

Side-load Associated
Resources
/contacts/25?include=notes

View Slide

Misc.

View Slide

Non-resource responses
• /calculate, /translate, /convert ??
• use verbs & make it clear in API docs
• or POST /calculations, /translations, /conversions

View Slide

Use HTTPS.
# config/environments/production.rb
MyApp::Application.configure do
config.force_ssl = true
end

View Slide

Versioning
namespace :v1 do
… routes …
end
end
end

View Slide

Caching
Set etag and last_modiﬁed response Headers

View Slide

Caching
When
was the
resource
Last-
Modiﬁed?

View Slide

Caching
Identiﬁes
a speciﬁc
version of a
resource

View Slide

Caching
If both haven’t changed — 304 Not Modiﬁed

View Slide

def show
render json: @contact if stale?(@contact)
end
end

View Slide

gzip compression
class Application < Rails::Application
config.middleware.use Rack::Deflater
end

View Slide

CORS
Same-Origin Policy Problem
gem 'rack-cors'

View Slide

Authentication
• Basic (username & password)
• Token (Api Key)
• OAuth (like Valet key)

View Slide

Documentation
gem ‘rspec_api_documentation’
gem 'apipie-rails'

View Slide

Test your APIs …
• Command line: cURL or httpie
• Browser: Postman, JSON-formatter
• RSpec: Request Specs
• Rails Minitest: Integration tests

View Slide

Thank you!
Ahmed Omran
@this_ahmed
https://github.com/aomra015/api-presentation

View Slide

Designing & Building RESTful JSON APIs

Designing & Building RESTful JSON APIs

Ahmed Omran

More Decks by Ahmed Omran

Other Decks in Programming

Featured

Transcript