In unit 5, you added some new features to allow users to log in to your application securely. This addition allows you to start distinguishing content that you’d like to show only to logged-in users, not the general public. After all, you probably want users to be able to delete only their own content, not that of others. These improvements increase the possibilities of browser interaction by your users. Internet browsers, however, are only one of many types of clients that may want to interact with your data.
In this lesson, I discuss how to make better use of your application programming interfaces (APIs). An API is the method through which clients can interact with your application data. Currently, that interaction happens through rendered HTML pages, which are available only to web clients, but you may want to modify your controller actions to respond to different types of requests with various formats of the same data, such as XML or JSON. You may want to access the course listings from within a user’s edit page without switching views, for example. Maybe you have unsaved content in the edit form, and you’d like to look quickly at the list of courses without having to update your user data.
In the first lesson, you set up a basic API with RESTful routes to respond with course listings in JSON format. Then you use client-side JavaScript to display the data on the screen. At the end of the unit, you’ll apply some security barriers to your API to prevent unwanted requests from getting access to your database.
This unit covers the following topics:
Lesson 29 wraps up the unit by providing the steps you need to make AJAX requests to load Confetti Cuisine course data from the user’s profile page. Then you can enroll a user without leaving the profile page.