I'm working on a project that require API that does not exist yet (I thought I would never be in this situation... :D) - so I have decided to build my own.
I'm using MongoDB as a database, Node.js, Express.js as backend framework,and Mongoose as ODM tool.
It's very simple API, all I need is 3 get routes:
GET example/random-item
GET example/all-items
GET example/some-items/:limit/:skip?
And one more thing that I need is a way to post new items to the API:
POST example/add-item
How can I make sure, that I will be the only one, who can access this route?
I want to be te only person that fan maintain the API, users can only GET data, they cannot POST data.
How does it work in a real word, when someome is maintaining some bigger API with more routes and more data?
Kind regards,
Bartek
Related
I'm having a hard time finding information on simple straight forward process. I keep getting forwarded things like the "google cloud engine" and such.
I am attempting to start a new project to expand my knowledge. Previously, I developed a localhost web app which included; working frontend with react, express backend (REST api) and mongo database. I understood the concepts effectively of rest calls, state management and authentications and such.
The new setup is flutter, nodeJS (express), and firebase.
Looking at quick tutorials I have a simple flutter app working with a http post for a user sign up. Makes sense.
Normally in nodeJS, I'd have a route it hits e.g. router.post('/users', function (req, res, next) ... and then I'd have a model scheme to and if everything is correct it would post.
Exploring the relationship with firebase and nodeJS I'm slightly overwhelmed on how this works. I thought it would be something simple as an authentication key (which, btw I have sorted out with firebase-admin) and then proceed on my merry way with my models and routes/services.
Are the models defined within firebase, and my node just confirms the requests and talks through the firebase API? I haven't been able to locate any simple resources for this.
Since you didn't say which product within Firebase you're using (Firebase is a suite of products, not just one thing), I'm going to assume you mean Realtime Database or Cloud Firestore. They are both schemaless NoSQL databases -- they don't impose any structure on the data you put into them. There's no model, there's no validation. That's all stuff you have to do on your own, if you want. Or not, if you want flexibility.
Why should I use graphql if I setup a react frontend and mongo db backend?
And Why should i put graphql server between mongo db and react?
Since you didn't mention what is your alternative API style I will just assume it's REST. GraphQL gives you many features a plain old REST api won't have out of the box.
This is probably the best answer listing advantages and disadvantages of both.
You already have validation(via mongoose schemas), but using GQL you can get:
excellent documentation for your API generated for you
avoid underfetching/overfetching on frontend
ability to batch FE requests easily
you can tap into a very rich ecosystem of GraphQL tooling which only gets better as time passes
easier testing-you can just execute your graphql queries on backend even without sending them over the network saving a little bit of performance overhead
I believe you should use GraphQL for any non trivial API, because it adds ton of typesafety and the price you pay as a developer is very low.
In my Angular app, I want to display a table which contains the following
a) URL
b) Social share counts divided by different social networks
Using Sails.js, I already have the api created for the URL when the results show up, I can display the URL now I'm confused how to get the appropriate social counts showing right besides
Here's the API I'm using: https://docs.sharedcount.com/
by itself, I can see the JSON it produces
But here are my questions:
Should I create a new api (model/controller) for social count data or include it in my model where I have the 'url' action defined?
If I create a new api or include the social_counts as an action in the current, what would my JSON query look like? to retrieve the URL's, I'm using default API blueprint that Sails provides, so:
http://www.example.com/url/find?where={"title":{"contains":"mark"}}
Struggling a bit in terms of the thought process, would be great to get input on this
It depends on your app. is your app will store that data or just consume it? If it need to store, of course you need the API. In purpose for modification or aggregating the data for example.
No, you can't do that. That shortcut method only works if you have the data in your database and let the Sails Waterline ORM and Blueprint API served it.
Perhaps, if you only need to consume the data from that Sharedcount API, you didn't need to use Sails as a backend, in this context. Just use Angular as a client of that API. Except if you need to modify the data first and store it in your own database, so Sails will helps with it's Waterline ORM and Blueprint API.
I am developing a Nodejs application and my database is Postgres and I am using Sequelize as my ORM because of its excellent support for migrations.
I am on the lookout for a good REST API generator based on the schema I have defined. There are two main hurdles I am facing and they are that the generators don't do a good job of creating association API routes and lack of ACL support.
On the associations front, my schema has multiple levels of association i.e. for example..
Student.hasMany(Courses);
Courses.hasMany(Subjects);
So ideally the generated REST API should be something like
/student/:student_id/course/:course_id/subject/:subjectId
I found a few projects that are doing this, but are incomplete.
https://github.com/sequelize/sequelize-restful - is good but does not have ACL support
https://www.npmjs.org/package/restizr - is in alpha stage and does not generate API routes for associations.
Is there any module that supports this?
What you were doing here is writing a webservice without a domain model. https://en.wikipedia.org/wiki/Anemic_domain_model Ofc. you have every right to do it, but I wonder if you really understood what a webservice means. https://stackoverflow.com/a/1530607/607033 It is not a database with CRUD HTTP interface normally, though nowadays it is popular doing something this way and call it REST. A response to a REST HTTP request is a viewmodel https://softwareengineering.stackexchange.com/a/425001/65755 and it contains not just data, but a lot of metadata and hyperlinks. A REST API is a special type of webservice with many constraints. https://www.ics.uci.edu/~fielding/pubs/dissertation/fielding_dissertation.pdf http://www.markus-lanthaler.com/research/hydra-a-vocabulary-for-hypermedia-driven-web-apis.pdf Your ORM is used 2 layers deeper in the data layer and it has nothing to do with the presentation layer where your REST API should be. I really wonder why people are making applications, which are doing nothing except serving data directly from the database and use the most inconvenient technology to do it. I guess there are databases nowadays with ACL and REST API support, so all you need is just using them. https://learn.microsoft.com/en-us/rest/api/sql/ Or there was something for PgSQL and Nodejs too around the time you asked this. https://github.com/QBisConsult/psql-api
I'm researching BreezeJS for a big upcoming project.
Our goal is a offline first web app.
But here is what I can't fully understand (and would take to much time to test) - Does BreezeJS allow for the backend to be a REST API (built with NodeJS and Express)?
We need this because we don't want to simply sync to a remote DB (in our case Mongo), but use a remote REST API so that we can embed some business logic. Things like workflow triggering on a POST to a particular entity.
Is this possible with BreezeJS? If not what would be a good option?
Thanks in advance
It is certainly possible, simply take the breeze-mongo server implementation and strip out the mongo specific code. This should be fairly straight forward, express and mongo are pretty well separated in the code.
That said, you would lose or have to rewrite much of the server side code that converts an OData query string into a mongo query, but if you are going pure 'REST' you probably don't want that anyway.
You would have to do something similar on the save/POST side, but this is presumably something you are already familiar with.