REST API

From Coder Merlin
Revision as of 13:51, 20 August 2021 by Aidan-kollar (talk | contribs)
Within these castle walls be forged Mavens of Computer Science ...
— Merlin, The Coder
If an API slept, would it be a REST API?

Intro

REST, or RESTful, is an architectural style used for APIs (Application Programming Interfaces). In a REST API, a client sends a request to the server, and the server responds with a representation (such as a JSON file) of the current state of the requested resource stored on the server.

What is an API

An API on websites is made of code that enables two different applications to communicate with each other. APIs allow developers to access something from one application, even if they may be using a separate application. In summary, APIs are a form of communication between two applications, allowing their functionality to be used somewhere else.

The RESTful Criteria

REST stands for Representational State Transfer, and is a set of constraints that an API should comply with.

These constraints are that the RESTful API must:

  • Be a client-server model and use HTTP to communicate between the two
  • Have stateless communication, meaning that information from client requests is not stored on the server
  • Have cacheable data
  • Transfer data in a standard, easy-to-use form
  • Use a hierarchical system of servers

Essential Principles

  1. Uniform Interface - A client should be able to query a resource, and the information it receives should allow it to make further requests. One way this may manifest itself is with similarly structured URIs, so that there is a uniform way in which resources can be discovered without prior knowledge of their existence.
  2. Cacheable - It should be clear whether or not data within a response can be saved for re-use (cached), or if an equivalent request should be made in the future for similar data.
  3. Stateless - The client should be able to operate based solely on the data from a response, without needing prior context from stored data on the server. This means that storage of data is the responsibility of the client.
  4. Client-server - A REST API uses a client-server architecture to separate the interface, which can take the form of different types of user interfaces, from the data storage and functions on the back-end.
  5. Layered system - A layered system architecture allows different functions of the back-end to be separated/sandboxed so that components only have access to the resources that they need.

Benefits of REST

REST is preferred over other methods because it:

  • Uses less bandwidth, meaning REST APIs are typically faster than similar frameworks. Speed is especially important when dealing with internet traffic, as transferring large amounts of data over the internet takes a lot of time.
  • Can be built using popular programming languages such as JavaScript and Python.
  • Lets you feel rejuvenated and un-tired in the morning.

Types of Requests

An example of an HTTP GET request.

The HTTP protocol defines certain functions to interact with a resource. These functions are not specific to REST APIs, yet are integral in the process of creating and using a REST API. These requests are typically sent from a client to a web server or API. Four of the most common requests are outlined below.

  • GET: used to retrieve a resource from the web server or API.
  • PUT: used to update a resource on the web server or API, often a file or object.
  • POST: used to create a resource on the web server or API.
  • DELETE: used to remove a resource from the web server or API.
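How a server might map these four requests onto one resource, as an added example that is not part of the original page. The "items" resource, the handle() function and the in-memory store are hypothetical; a malformed body or an unsupported method is rejected rather than acted on.

```python
import json

STORE = {}       # constructed in-memory resource store (hypothetical "items")
_next_id = 1     # the server, not the client, assigns identifiers

def _load(body):
    """Parse a JSON object body; return None if it is missing or malformed."""
    try:
        data = json.loads(body)
    except (TypeError, ValueError):
        return None
    return data if isinstance(data, dict) else None

def handle(method, path, body=None):
    """Dispatch one request and return (status_code, json_text_or_None)."""
    global _next_id
    parts = [p for p in path.split("/") if p]
    if not parts or parts[0] != "items" or len(parts) > 2:
        return 404, None
    item_id = parts[1] if len(parts) == 2 else None
    if item_id is None:                      # collection URI: /items
        if method != "POST":
            return 405, None
        data = _load(body)
        if data is None:
            return 400, None
        item_id, _next_id = str(_next_id), _next_id + 1
        STORE[item_id] = data
        return 201, json.dumps({**data, "id": item_id})
    if item_id not in STORE:                 # single-resource URI: /items/<id>
        return 404, None
    if method == "GET":
        return 200, json.dumps({**STORE[item_id], "id": item_id})
    if method == "PUT":
        data = _load(body)
        if data is None:
            return 400, None
        STORE[item_id] = data
        return 200, json.dumps({**data, "id": item_id})
    if method == "DELETE":
        del STORE[item_id]
        return 204, None
    return 405, None
```
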

The most common of these requests are GET and POST. These requests have a few different parts. An example GET request is shown below.

Notice that HTTP requests contain lots of headers. Think of these headers like the metadata of the HTTP request. These headers can contain information about the client that the web server or API can use, such as cookies. HTTP requests can also have data following the headers, such as an HTML file that your web browser will load.
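The parts of a GET request described above, as an added example that is not part of the original page: it splits a raw request into request line, headers and body, and masks headers that carry credentials before they are logged. The sample request, its host, path and cookie value are constructed, and the function names are hypothetical.

```python
# Constructed sample request; host, path and cookie value are made up.
RAW_REQUEST = (
    "GET /api/items/42?fields=name HTTP/1.1\r\n"
    "Host: api.example.com\r\n"
    "User-Agent: example-client/1.0\r\n"
    "Accept: application/json\r\n"
    "Cookie: session=abc123\r\n"
    "\r\n"
)

# Headers whose values act as credentials and should not reach log files.
SENSITIVE = {"cookie", "authorization"}

def parse_request(raw):
    """Split a raw HTTP/1.1 request into request line, headers and body."""
    head, _, body = raw.partition("\r\n\r\n")   # blank line ends the headers
    lines = head.split("\r\n")
    method, target, version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        # Header names are case-insensitive, so normalise them to lower case.
        headers[name.strip().lower()] = value.strip()
    return {"method": method, "target": target, "version": version,
            "headers": headers, "body": body}

def redact_for_log(request):
    """Return a copy of the headers with credential values masked."""
    return {name: ("<redacted>" if name in SENSITIVE else value)
            for name, value in request["headers"].items()}

if __name__ == "__main__":
    req = parse_request(RAW_REQUEST)
    print(req["method"], req["target"], req["version"])
    for name, value in redact_for_log(req).items():
        print(f"{name}: {value}")
```
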

Going Deeper
Use a tool such as Burp Suite, Postman, or Wireshark to view network traffic and evaluate these different requests.

Possible Data Formats

An example of a JSON file.

REST APIs can use a variety of data types to fulfill their purpose, some of which include but are not limited to:

  • .json (JavaScript Object Notation)
  • .xml (Extensible Markup Language)
  • .html (Hypertext Markup Language)
  • .xlt (Same as .xml)
  • .php (Hypertext Preprocessor)
  • .py (Python)

They may also use plain text, but out of all these options .json is the most popular choice because it is easily readable by both humans and computers and is also language-agnostic.

Key Concepts
  • In a REST API, a client sends a request to the server, and the server responds with a representation (such as a JSON file) of the current state of the requested resource stored on the server.
  • REST stands for Representational State Transfer, and is a set of constraints that an API should comply with. These constraints are that the RESTful API must: be a client-server model, have stateless communication, have cacheable data, transfer data in a standard, easy-to-use form, and use a hierarchical system of servers.
  • REST is preferred over other methods because it uses less bandwidth and can be built using popular programming languages such as JavaScript and Python.
  • Four of the most common HTTP requests are GET (used to retrieve a resource from the web server or API), PUT (used to update a resource on the web server or API, often a file or object), POST (used to create a resource on the web server or API), and DELETE (used to remove a resource from the web server or API).

References

By: Mark, Aidan, and Reese