Home PC Games Linux Windows Database Network Programming Server Mobile  
  Home \ Linux \ Create the best introductory tutorial REST API     - SQL Server memory Misunderstanding (Database)

- Using LLVM Clang and Blocks under Linux (Programming)

- Git Installation and Configuration (Network Agent settings) (Linux)

- MySQL tmpdir parameter modification (Database)

- Install Git on CentOS (Linux)

- cat command uses the Linux redirection merge files (Linux)

- Ubuntu configuration SVN and http mode access (Server)

- Laravel 4.2 Laravel5 comprehensive upgrade Raiders (Server)

- Linux System Getting Started Learning: The Linux anacron command (Linux)

- Gentoo: existing preserved libs problem solving (Linux)

- Use the vi text editor and copy and paste Linux tips (Linux)

- Use Tmux and Vim to make IDE (Linux)

- Linux common commands: nslookup, ls md5sum, uname, history, etc. (Linux)

- RPM package creation Getting Started (Linux)

- Java string concatenation techniques (StringBuilder tips) (Programming)

- How do you prevent other users from accessing your home directory in Linux (Linux)

- Nginx log cutting and MySQL script regular backup script (Server)

- Android screen rotation processing and ProgressDialog the best AsyncTask (Programming)

- MySQL view (Database)

- The wrong in Linux: too many open files (Linux)

  Create the best introductory tutorial REST API
  Add Date : 2018-11-21      
  If you see here, you've probably heard of API and REST, and you'll think: "What are these things?." Perhaps you already know some of this knowledge, but do not know where to start. In this tutorial, I will interpret based REST and how to create an application API (including authentication and authorization).

What is an API?

API is an Application Programming Interface (Application Program Interface) acronym, it is used to describe a library feature or how to use it. Your personal collection libraries may contain features that are available "API documentation," those necessary parameters how can we call them? And so on and so forth.

Today, however, when a lot of people refer to the API documentation, they often refer to a possible will share your data applications over a network HTTP API, for example, Twitter provides an API that allows users to request tweets in a particular format in order to facilitate the user to import own applications. This is the HTTP API's real power. It can mix and match from a plurality of application data into a hybrid application, or create an application can enhance the use of other people's experience of the application.

Put it this way, for example, we can allow us to have a view (view), create (create), edit (edit) and delete the application (delete) part. We can create one that will allow us to perform these functions in the HTTP API:

When people begin to implement their own API interface, the problem arises. There is not even a standard way to name the URL, people always refer to the API learned how it works. An API may be named as a URL / view_widgets, but may be named as another API / widgets / all.

do not worry! REST seal the deal this confusion!

What is REST it?

REST is Representational State Transfer abbreviation, it is by Roy Fielding (Roy Fielding) proposed to create HTTP API is used to describe the standard methods, he found four common behavior (see (view), Create (create), edit (edit) and delete (delete)) can be mapped directly to GET, POST, PUT and dELETE HTTP methods that have been implemented.

The HTTP 8 different methods:


In most cases, when you use your browser to see the little bit of time, in fact, only use the HTTP GET method. GET method is when you request the resources to the Internet will be used. When you submit a form, you will often use the POST method of data transmission back and forth to the site. As for the other in several ways, some browsers may simply not go fully implement them. However, if it is for us to use it, no problem. The problem is that we have a lot to choose to help describe the behavior of the four HTTP methods, we will use those who already know how to use these different methods of HTTP client library.

REST examples

Let's look at a few make API Representational State Transfer of examples to explain our said before that several components:

If we want to see all the parts, URL will look something like this:

GET http://example.com/widgets
Using the POST method to request a new data elements:

POST http://example.com/widgets
name = Foobar
Use the GET method to view a simple component, we get the id from the specified components:

GET http://example.com/widgets/123
PUT method to send new data to update the components:

PUT http://example.com/widgets/123
name = New name
color = blue
Use DELETE method to delete parts:

DELETE http://example.com/widgets/123

Anatomy REST URL

Several previous examples you may have noted, REST URL using a set of consistent naming methods. When you interact with the API, you almost always operate some objects. In our case, we are talking about is a member. In REST, we call Resource. The first part of the URL is often the plural form of resources:

/ Widgets
When we refer to the collection of resources (list all: Lists all and add one: a new), which will be frequently used. When you use some special resource, you'll add a URL to the id, the URL you want to "view", "edit" and "delete" when special resources will be used.

Nested Resources

If we say that we have a lot of member users, but also the structure of the URL will be like?

List all users

GET / widgets / 123 / users
Add a user

POST / widgets / 123 / users
name = Andrew
Nested resource in the URL is completely compatible, but more than two nesting is not a good way to go. In fact, this does not need to, because you can refer to in the form of ID to those nested resources, better than nested in the parent class. E.g:

/ Widgets / 123 / users / 456 / sports / 789
This can be replaced by:

/ Users / 456 / sports / 789
You can even replace this:

/ Sports / 789
HTTP status codes

Another important part of REST is good for a given type of request to respond to the correct code. If you are familiar with HTTP status codes, the following is a simple summary. When you request HTTP, the server responds with a status code to determine whether your request is successful, then the client how to proceed. There are four different levels of status code:

2xx = Success (success)
3xx = Redirect (redirect)
4xx = User error (client error)
5xx = Server error (server side error)
The following are some of the most important status codes:


Successful request status code:

200 - OK (default)
201 - Created (created)
202 - Accepted (Accepted: phrasebook delete request)

Client Error status code:

400-- request error (syntax error or the server can not understand this request)
401 - Unauthorized (login required)
404 - (can not find the file or script requested)
405 - This method is not allowed (error HTTP methods)
409-- conflict (IE try to PUT request to create the same resource)

API response format

When you request HTTP, you can request the format you want to receive. For example, request a Web page you want to request an HTML format, or if you want to download a picture, return the format should be the format of the picture. However, in response to the request format is the responsibility of the server.

Today, JSON REST API has quickly become the format of choice, it has a lightweight, high readability and syntax, so it is very easy to operate. So, when a user of our API issued in the format they want and specify when requesting JSON.

GET / widgets
Accept: application / json
Our API in JSON format will return a number of components:

id: 123,
name: 'Simple Widget'
id: 456,
name: 'My other widget'
If the user requests a format we do not implement the method, the how should we do it? You could throw some type of error. But I suggest you JSON format as your standard response format, as this is the format developers want. No reason to support other formats, unless you already have a supported API.

Create a REST API

In fact, to create a REST API is beyond the scope of this tutorial, because it is a specific language. But I will Ruby (one for quick and easy object-oriented programming and scripting languages invasive) given by way of a simple example, it uses a library called Sinatra (do not know how you can own Baidu).

require'sinatra '
require'JSON '
require'widget '# our imaginary widget model
#list all
get '/ widgets'do
# View one
get '/ widgets /: id'do
widget = Widget.find (params [: id])
# Create
post '/ widgets'do
widget = Widget.new (params [ 'widget'])
# Update
put '/ widgets /: id'do
widget = Widget.find (params [: id])
widget.update (params [: widget])
delete '/ widgets /: id'do
widget = Widget.find (params [: id])

API certification authority

In a typical web application, an authentication operation is often to receive a user name and password, and then save the user ID in the session. The user's browser will save the session ID in the cookie. When a user needs to access the authentication and authorization of the pages on the site, the browser will send the cookie, the application will look seesion session ID (if it does not fail, then), since the user ID stored in the seesion, the user can browse the pages.

With this API, you can use the saved user session seesion record, but after all, not the best approach. Sometimes, users want direct access to the API, the user would like to own or authorize other applications to access the API.

The workaround is to use the secret key in the certification basis. Enter the user name and password to log in, the application to a special secret key back to the user for subsequent needs. The secret key can access the application, so that if the user wants to select reject further applications access the secret key can be withdrawn.

In fact, the Internet has to do above it a very popular standard mode, called OAuth (Open Authorization: is an open standard that allows users to allow third-party applications to access private resources stored on the user of a site (such as photos, videos, contact list), the conventional approach to licensing the difference is authorized OAUTH does not make third-party touch to the user's account information (such as user name and password), that a third party without the user's user name and password you can apply for the authorized user resource, so OAUTH is safe.), in particular, the second edition of the standard OAuth. There are many online resources OAuth achieve very good, so I said it was beyond the scope of this tutorial. If you are using Ruby, here are a few to help you solve most of the work of a good library, such as OmniAuth.
- Ubuntu 14.10 splash screen brightness settings (Linux)
- How open source code libraries hosted on Github (Linux)
- Oracle SDE and maintain common commands - Display space (Database)
- Python interview must look at 15 questions (Programming)
- VMware Workstation virtual machine Ubuntu achieve shared with the host (Linux)
- xCAT Installation Kit (Linux)
- Ubuntu 12.04 64bit Install Source Insight 3.5 and create desktop icons (Linux)
- Analysis: Little Notebook facing a major security threat secure online (Linux)
- To install MySQL on Linux (Database)
- CentOS 6.6 shortcut command execution (Linux)
- MongoDB query timeout exception SocketTimeoutException (Database)
- Security basics: simple analytical framework for Linux system firewall (Linux)
- Linux delete duplicate files Artifact: dupeGuru (Linux)
- OpenSSL: implementation creates a private CA, certificate signing request Explanation (Server)
- Ubuntu 14.04 solved using MyEclipse 10.7 flash back (Linux)
- AngularJS application unit testing started (Programming)
- Ubuntu configuration SVN and http mode access (Server)
- redis main building and disaster recovery from a cluster deployment (Database)
- How to understand the difference between synchronous and asynchronous non-blocking blocking (Programming)
- Mhddfs: multiple smaller partitions into one large virtual storage (Linux)
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.