restfulness | Because REST APIs are all about resources | REST library
kandi X-RAY | restfulness Summary
kandi X-RAY | restfulness Summary
Restfulness is a simple Ruby library for creating REST APIs. Each endpoint defined in the routing configuration refers to a resource class containing HTTP actions and callbacks. When an HTTP request is received, the callbacks are checked, and the appropriate action is called to provide a response.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
- Run the request .
- Logs information about the request
- Check that the callbacks are defined .
- Sets the payload .
- The params hash .
- Get the body of the body
- Determines if the given path is a valid path
- Update the content of the response headers .
- Parse a route
- Build the Rack application .
restfulness Key Features
restfulness Examples and Code Snippets
Community Discussions
Trending Discussions on restfulness
QUESTION
A microservice I develop exposes a single endpoint, PUT /deployments/{uuid} . The endpoint is used to initiate a potentially expensive deployment operation, so we only ever want it to happen once, which is why we chose PUT + UUID over POST (for uniqueness). The deployment is immutable, so it can never be updated, so we currently raise an exception if the PUT is called more than once with the same uuid.
As a person who loves bikeshedding and therefore cares deeply about restfulness, this grinds my gears. PUT is supposed to be idempotent, so raising an exception after making the same request multiple times is an antipattern. However, we have a requirement to not allow sequential identical requests to generate new deployments, so the usual POST is out.
While the best solution is one that works, I'd like ours to be a little more elegant, if possible. I've posited a POST with the UUID in the payload, but my team seems to think that's worse than the current solution. I'm considering just returning a 200 OK from a PUT to the same UUID rather than a 201 CREATED, but I'm not sure if that has the same problem as non-idempotent-put in not semantically conveying the information I want.
Is there a "best solution" here? Or am I doomed to be "that guy" on my team if I pursue this further (joke's on you i'm already that guy).
tl;dr What is the correct RESTful API signature for a /deployments endpoint that is immutable, and required to not allow the same request to be processed twice?
...ANSWER
Answered 2021-Feb-17 at 21:03Based on the docs here, PUT
is the best method to use. The response should be 201
when it triggers the deployment, and either 200
or 204
when nothing is changed. It shouldn't be POST
because calling a POST
endpoint twice should trigger the effect both times.
QUESTION
I'm creating an ecomerce store using react and laravel. User authentication is theough passport and jwt tokens, yet I was wondering What is the best practice to save the information of the guest users such as cart items, and... LocalStorage is an option, but what if we need to analyze the data Another option would be to use cookies and sessions, which in this case violates the restfulness...
...ANSWER
Answered 2021-Jan-09 at 22:56As you said; keeping guest shopping cart items and maybe things like favorites(if you have) in LocalStorage is good solution; that way you wont keep your backend busy, and wont lose client's data, lets say, if you want guest to be registered to finalize their purchase.
For analytics part; you can run seperate analytics logic and send it to Google Analytics(If writing your own is too much work). Check out react-ga package. You can track events like scroll positions on items page, how many times an item added to shopping cart etc.
https://www.freecodecamp.org/news/performance-and-user-tracking-in-react-with-google-analytics/
QUESTION
I have read that, session is against the concept of RESTfulness.
Do sessions really violate RESTfulness?
Session Management in microservices
Since Microservices inevitably use REST
, does the same apply here as well? If so, then why do we have Spring session? It even lists 'Spring Session allows providing session ids in headers to work with RESTful
APIs' as one of its features.
ANSWER
Answered 2020-May-19 at 00:24Apart from Scaling as an advantage of micro-services, it also provides you with the flexibility to choose polyglot architecture i.e (using the right programming language, framework, database for the right job).
If you use spring sessions(which off-course provides session replication across nodes), internally it uses Redis/gemfire/hazelcast as a replicated session store, but you will have to stick to one programming language & framework for all your services i.e Java & Spring resp.(You can off course write your own implementation in other languages to read from session store, but its re-inventing the wheels) And this will take away Benefit of Polyglot Architecture.
So typically in microservices architecture, you have a token-service(and it should be able to scale individually) implementation to generate tokens(aka sessionIds) which are used for Authentication & Authorization in each service and you should try to avoid storing the session information. It will also help to avoid "Single point of Failure".
QUESTION
I am writing a report about an application I have designed that includes, what I believe to be, a REST API on the backend.
The way the application authorises users to request resources from the database is by using session cookies. I understand there is a lot of debate about whether or not session cookies server-side violate REST, but I have not found any specific clarification that the way I am using them breaks REST rules.
I am using the node Express
framework with the express-session
package. The way the cookies are created and stored is through a middleware that saves the session data to my mongodb
instance with connect-mongodb-session
like so:
app.js
...ANSWER
Answered 2020-May-02 at 13:25it is based on the nature of the front end
if you use mobile application deployed in a public store where anyone downloads it and auto register using social ID, then your technology is not good
Usually for a enterprise mobile application, the session Data should be encrypted and sent back and forth in the request response and maintained in the mobile code
if this is simply a web page and the REST also available in the same sever where the HTML is deployed then session can be stored in DB
If the REST is separated in another computer and you invoke it from the front end server side code via internal ip/host address which is not exposed to public, then your logic is not good
front end server side code - means you can have a dedicated server which responsible for react js execution which does not contains the database access code - only AJAX service it will have which is obviously REST, there can be another server which will again receive another REST call which will talk to another computer where MySQL or Oracle is installed
means 1 web server 1 app server and 1 database server - like real world enterprise applications
if your DB is not configured in the same computer then storing session in DB is not a good idea, create a cache DB server like redis
or couchbase
in the first computer and store the session there, leave the business DB alone separated from your UI logic and needs
QUESTION
Lets say you have a typical C# .netcore webapi you are wanting to use in a microservices architecture environment. It uses entity framework connects to a SQL database, has models and DTOs.
If you want to separate the 'restfulness', the actions of actually responding to the individual GET/PUT/PATCH/POST/DELETE/ETC methods, from the data models (and into microservices) what approach would you take?
IE instead of having to create 100 microservices that each expose the same exact RESTful functionality within the APIs but each have their own specific data models and DTOs, id want to create 1 API that exposes restful GET/PUT/PATCH/POST/DELETE/ETC and separate it from static models, dtos and entitybuilder configurations. So i'd have 100 microservices concerned with passing data to the 1 REST microservice to get whatever job I need to do done in a dynamic fashion.
I am not super experienced with object oriented programming methods and I thought maybe it would be possible to have my CRUD microservice that my child microservice talks to (through an API gateway or some other method that I haven't worked out yet) pass a set of models, DTOs and entity framework entitybuilder parameters into the CRUD microservices Program.cs's Main method?
I am on the right path here?
Thank you in advance for any advise or helpful examples!!!
...ANSWER
Answered 2018-Jun-11 at 07:43You don't. What you describe is still having a single monolith and putting 100 microservices as a facade. That makes about as much sense as ordering a large pizza and a dozen small salads as dessert because you were told that having a small salad for a meal would help you lose weight. That's not how that works.
Either look into microservices and what you gain by using that architecture, or go with your single service that does it all. Both might be valid choices, just don't pretend you are doing the other one too.
QUESTION
I've read many many articles saying that sessions violate statelessness regards to REST
.
If user logins the server, server gives session cookie(ssid) to the client, and stores the session data (user data) in the server, in this case memory.
It makes sense that it violates statelessness.
But how about session store in the database?
If user logins the server, server gives session cookie(ssid
) to the client, and stores the session data in the mysql database, not in the memory.
Is this also violating statelessness?
If it is true, what is the difference between "session storing in the database" and "user request that is making query to database data?"
Both of them are extracting some data from the database when the client request is made.
It is obvious that the latter does not violate statelessness otherwise REST
architecture would have never been that so popular.
my previous question, RESTfulness violation regards to the database the answerer says "it is not violating"
Vice versa, Do sessions really violate RESTfulness? the answerer says "yes it is violating". but that answer may bound to the only server-side(memory).
So confused.
...ANSWER
Answered 2019-Apr-09 at 08:36Statelessness in REST specifically refers to the self-descriptiveness of messages.
That means each request must contain all the information necessary for the server to process the message. The request can not refer to previous requests for context. The linked document (Fielding's dissertation, the origin of REST) details quite well why that restriction is useful for distributed systems.
So in the end it does not matter whether something is in the database or in memory on the server, the client must not rely on previously established conversation state for followup requests.
Think of it this way: The client may delay its next requests for days, or the client may execute a request from some form of bookmarks, or the request may go to a different server than all previous requests. Or it may be the first request the client makes. This all should work exactly the same way.
Another important point is that "session state" is different from business-related things stored in the databases (that you seem to refer to). Of course the server may store business-related things in its database, it may even store or cache (in memory) login data or conversational state if it wants to, that's all fine. What the client and server may not do however is "enrich" a request with context from previous requests.
So the client may request to execute a query against some database, which obviously has some "state". What it may not do is to say: execute this query with additional parameters (like login) specified in some previous request I've made.
This line may blur in certain cases, for example when the server allows to create "transactions" for clients as resources. But when in doubt, always know why you need this property and what value you want to have from it in your specific architecture.
QUESTION
From my point of view, session violates RESTfulness
either when it is stored in the memory or db.
In case of session stored in the memory, it is hard to scale up the server using like load-balancing since servers don't share the session data.
Likewise in case of session stored in database, the database will be over-loaded when many servers simultaneously make queries.
My issue is related with the second case.
For a long time, I had thought that the server and database are different.
My past-assumption)
When client make request to the server with specific data, then server stores that data in the database like mysql or mongo etc.
So server don't have to care about the client's state since database has all control over them.
Server can stand alone against the client's request since server can make query to the database whenever wants to know who the client is.
So my two questions are that,
- Whenever mentioning that "RESTful server stand alone against the client's request", is that 'server' includes database?
- If yes, and if there is a User model and a Post-model associated with one-to-many relation, isn't that also violates RESTfulness?
I am sure that the second question makes no sense, since if the second question's answer is true, then RESTapi would have never been that useful.
But I cannot understand the difference between session in the database violates RESTfulness and the User-Post does not violate Restfulness.
I think that both of them are following the same procedure, client-server-database.
How can I understand this issue easily?
...ANSWER
Answered 2019-Apr-09 at 03:31Restful server is separate from the database. Restful server, if there is such a thing, is just a web server. REST is just an architecture, say a methodology, that delivers information from server to client and vice versa over HTTP.
QUESTION
In a now famous blog post, Roy Fielding the inventor of the REST architecture criticized the misuse of the term RESTful. In particular, he made a distinction between RPC and REST interfaces.
My understanding of this is that in an RPC interface all the methods of state transition (including their location and meaning) are known a priori to the client, whereas in a REST interface the client and the server only need to speak a common language (have a shared media type with a priori syntax and semantics) that describes the application state and (location and meaning of) the methods of state transition, and that the actually available methods are discovered by the client at run-time.
I can see this being a non-trivial constraint when the client-server situation is something specialized like say a smart light bulb interfacing with its bridge, but when the client-server relation is that of a web browser and a web server, isn't the above RESTfulness constraint trivially satisfied?
This assumes that the JavaScript possibly delivered by the server is taken as being part of the representation (and hence can e.g. contain hard-coded links as it pleases without breaking RESTfulness). On the other hand, one could also take the view that the combination browser+js is the actual client, and then RESTfulness impose a non-trivial constraint on the design of the JS client. But isn't this view rather construed?
...ANSWER
Answered 2017-Sep-29 at 20:12It's a non-trivial constraint on JS code. JS should be thought of as a client rather than a resource representation. It's true that it's both, but only from 2 different points of view. When the JS is wearing it's "resource representation" hat, it's inert and doesn't do anything. When it's wearing it's "REST client" hat, it no longer matters that it came as part of a resource representation.
Hard coded links aren't the only problem: JS code concatenating strings to build links using inside information is a problem too. These violations of REST affect the property of "modifiability". This might not seem like a problem when you consider that the JS code and server implementation are typically developed as part of the same project. The URIs and the client URI-building logic can easily be kept in sync, right? But what if you have multiple apps with their own JS clients that share a single server API implementation? Any change to the URIs, you break lots of clients.
JS code should be bound by the same rules as any other client: the links should come from resources provided by the server, and the semantics should come from the common understanding of the media type.
A Concrete Example
Suppose we have a resource /readinglist/ which is defined as a collection of books, and looks like this:
QUESTION
How would one use Django DestroyAPIView
and DetailAPIView
and still maintain generally accepted practices of RESTfulness?
If I understand REST correctly it should work as follow (only one example)
...ANSWER
Answered 2017-May-29 at 03:45I not sure 'RESTFULness' affect what you are asking here. It is perfectly fine to have different matching pattern as long as it make sense.
In the example given, usually we do not have /api/game/222
as a generics.ListCreateAPIView
. This is because List
return a list of all game, we do not pass a id
in. Create
is trying to create a new Game
. You do not have id
yet because it is not in database, therefore both of the matching pattern should usually be /api/game/
instead.
/api/game/222
- such pattern, we usually use for generics.RetrieveUpdateDestroyAPIView
because with a given id
in url, we can get the correct Game
object to either retrieve, update or delete it.
Regarding the Restful API, the answers in this stack overflow question explain more about 'Restfulness'.
QUESTION
I'm pretty new to web development, so bear with me. I've also simplified the code to try to get the best answer.
...ANSWER
Answered 2017-Feb-18 at 22:32Use jquery ajax
Lets say
Method 1Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install restfulness
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page