REST API
Resource, Endpoint and Actions
A resource is a piece of data, which usually comes out of a database (but doesn't have to!). Resources are gathered together into collections. Resources are usually available at endpoints that point to either individual resources or collections of resources. Endpoints don't represent actions that you take on those resources, though. Actions are determined by the data provided to an endpoint and the HTTP method used to access the endpoint. By combining endpoints and HTTP methods, we can build complete sentences with just HTTP and REST.
HTTP Header Fields
Accept: specifies the file format the requester wants (like JSON). Accept-Language: specifies the human-readable language, like English. Cache-Control: specifies whether or not the response can be generated from a cache (a quick-to-access memory bank of data). See https://en.wikipedia.org/wiki/List_of_HTTP_header_fields#Request_fields
In an HTTP request, what header identifies the kind of data the client is requesting?
Accepts
API
Application Programming Interface. A programmatic interface.
In an HTTP request, what header identifies the kind of data that's being sent back?
Content-Type
DDoS Attack
Distributed Denial of Service Attack. Typically a virus installed on many computers (thousands) activates at the same time and floods a target with traffic to the point that the server becomes overwhelmed. We can prevent it with rate limiting.
HTTP Methods supported by REST
GET, POST, PUT, DELETE
REST
Representational State Transfer
endpoints
URLs that represent either a single record or a collection of records. Ex: /api/v1/games -> a collection of games (games is the resource name, v1 is the version). /api/v1/games/1234 -> a single game. /api/v1/games?order=desc&sort=points -> everything after the ? mark is treated as a set of key and value pairs; here there are 2 keys (order, sort) and 2 values (desc, points).
How should you handle changes to the functionality of an API?
Versioning
PUT
A method to update a record. We wouldn't use PUT on collection or list URLs.
resource
a model in an application
Rate limiting
Each user is allowed a certain number of requests in a given time period.
GET
is used for fetching either a collection of resources or a single resource
DELETE
Sending a DELETE request to a detail record (a URL for a single record) should delete just that record. Sending DELETE to an entire collection would delete the whole collection, but that's usually not implemented.
Cache
Usually a service that runs in memory to hold recently requested results, like a newly created record or a large dataset. APIs are probably implementing some sort of caching. A cache is a service that holds onto data that you need to be able to retrieve quickly. This is very useful when your data takes a while to retrieve or calculate. Awesome article: https://medium.com/ios-os-x-development/caching-anything-in-ios-102176e46eba
With a REST API there are nouns and verbs; the nouns are called ... and the verbs are called ...
resources, methods
What do we call the part of a URL after the question mark? For example: /api/v1/games?sort=points&order=desc
the query string
POST
used to add a new resource to the collection.
Authentication
Ways to verify users. The most common way is API tokens. When setting up an API, a user gets a token and secret pair. The user passes those credentials when making a request to the server. This allows the API's server to verify the communication: it checks the pair. Most of the time the token and secret are included as keys in the JSON or XML data that a client sends. It is also possible to include them in the authentication headers of the HTTP request.