Front-end applications have become increasingly powerful over the years, and application architecture has shifted with them. As more single-page front-end applications are built, they rely even more heavily on an API to power the logic of the entire application.
This talk covers the common practices, guidelines and tips for building a REST API that is secure and easily accessible for single-page applications. We go over using the right status codes, the structure of endpoints and much more.
The presentation was made for a live talk on nomadphp.com.
2. WHO AM I?
ABATI “ACEKYD” ADEWALE
Web Engineer
Community Manager & Developer Advocate @ Ingressive
Open source Enthusiast
YouTuber
Gamer & Basketballer
@acekyd @ace_kyd
3. BUILDING REST APIS THAT DON’T SUCK FOR MODERN DAY SPAS
WHAT WE WOULD BE TALKING ABOUT
What are Single Page Applications
How do REST APIs come in
Common Practices for REST API structures.
API Accessibility tips
Documentation tips
Error handling and status codes tips
Differences in building private APIs from experience.
4. WHAT ARE SINGLE PAGE APPLICATIONS?
A single page application, also known as an SPA, is a web application or website that interacts with the user by dynamically rewriting the current page rather than loading entire new pages from a server.
It does not require page reloading during use, relying instead on the features and capabilities of modern web browsers.
5. WHAT ARE SINGLE PAGE APPLICATIONS?
SINGLE PAGE APPLICATIONS ARE A RESULT OF
Modern browsers
JavaScript becoming increasingly powerful
HTML5 capabilities
Heightened focus on user interfaces and experience
6. COMMON FRAMEWORKS FOR BUILDING SINGLE PAGE APPLICATIONS
…and many more…
7. HOW DO REST APIS COME IN?
A RESTful API is a standard pattern for APIs that use HTTP requests to GET, PUT, POST and DELETE data.
8. HOW DO REST APIS COME IN?
Source: https://msdn.microsoft.com/en-us/magazine/dn463786.aspx
9. API ACCESSIBILITY TIPS
BUILDING AN ACCESSIBLE API
Users should be able to get up and running with a basic implementation of your API in about 15 minutes.
Think in resources for endpoints.
Think nouns not verbs. Leave verbs to request methods.
Same endpoint structure (plural endpoints) - Be consistent
Avoid breaking changes to existing endpoints.
Performance and speed are important.
13. DOCUMENTATION BEST PRACTICES
First entry point for users
Include a tutorial or summary of what can be done with the API
Include example requests and responses
Use generators or tools to create nice documentation.
Provide information on each endpoint.
14. DOCUMENTATION BEST PRACTICES
INCLUDE SUMMARY FOR API
The Twilio REST API quickly highlights all the things you can do with their API, giving you an idea of the features available to you at a glance.
18. COMMON TOOLS FOR MAKING API DOCUMENTATION
APIDOCjs.com
19. COMMON TOOLS FOR MAKING API DOCUMENTATION
swagger.io
20. COMMON TOOLS FOR MAKING API DOCUMENTATION
https://spectrum.chat/slate
21. HANDLING ERRORS, RESPONSES & STATUS CODES
Validation - Validate everything
Be consistent with your response format.
Use common status codes with responses
2xx (Success category) - 200 OK, 201 Created, 204 No Content
3xx (Redirection category) - 304 Not Modified
4xx (Client Error category) - 400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found
5xx (Server Error category) - 500 Internal Server Error, 503 Service Unavailable
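The validation, consistent response format and status-code guidance above, as an added example that is not from the talk's slides: a framework-free handler for a hypothetical POST /users endpoint. The token table, scope names and field names are assumptions constructed for illustration.

```javascript
// Added example: handler for a hypothetical POST /users endpoint (not from the talk).
// TOKENS, the scope names and the user fields are constructed sample data.
const TOKENS = { "tok-admin": ["users:write"], "tok-reader": ["users:read"] };
const users = [];

// Every response, success or failure, uses the same envelope.
const reply = (status, data, errors = []) => ({ status, body: { data, errors } });

// Validate everything: shape, types, lengths, format, and reject unknown fields.
function validateUser(input) {
  const errors = [];
  if (input === null || typeof input !== "object" || Array.isArray(input)) {
    return [{ field: "body", message: "must be a JSON object" }];
  }
  for (const key of Object.keys(input)) {
    if (!["name", "email"].includes(key)) errors.push({ field: key, message: "unknown field" });
  }
  if (typeof input.name !== "string" || input.name.length < 1 || input.name.length > 64) {
    errors.push({ field: "name", message: "must be a string of 1-64 characters" });
  }
  if (typeof input.email !== "string" || input.email.length > 254 ||
      !/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(input.email)) {
    errors.push({ field: "email", message: "must be a valid email address" });
  }
  return errors;
}

function createUser(req) {
  try {
    const header = typeof req.headers.authorization === "string" ? req.headers.authorization : "";
    const token = header.startsWith("Bearer ") ? header.slice(7) : "";
    const scopes = Object.prototype.hasOwnProperty.call(TOKENS, token) ? TOKENS[token] : null;
    // 401: caller is not authenticated. 403: authenticated but not allowed to do this.
    if (!scopes) return reply(401, null, [{ field: "authorization", message: "missing or invalid token" }]);
    if (!scopes.includes("users:write")) return reply(403, null, [{ field: "authorization", message: "insufficient scope" }]);

    const errors = validateUser(req.body);
    if (errors.length > 0) return reply(400, null, errors);

    const user = { id: users.length + 1, name: req.body.name, email: req.body.email };
    users.push(user);
    return reply(201, user);
  } catch (err) {
    // 500: generic message only; stack traces and internals stay in server logs.
    return reply(500, null, [{ field: null, message: "internal server error" }]);
  }
}
```

The own-property lookup on the token table keeps a token such as `constructor` from matching an inherited property, so it is answered with 401 like any other unknown token.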
22. PRIVATE API
BUILDING A PRIVATE API
Look at UI designs before implementing the API
Recommended to have an understanding of how the frontend app works to better know how to present data
Start with authentication before going deep into the API features when necessary.
Maintain good documentation.