Unit 6. Building an API

In unit 5, you added some new features to allow users to log in to your application securely. This addition allows you to start distinguishing content that you’d like to show only to logged-in users, not the general public. After all, you probably want users to be able to delete only their own content, not that of others. These improvements increase the possibilities of browser interaction by your users. Internet browsers, however, are only one of many types of clients that may want to interact with your data.

In this lesson, I discuss how to make better use of your application programming interfaces (APIs). An API is the method through which clients can interact with your application data. Currently, that interaction is through rendered HTML pages, available only to web clients, though you may want to modify your controller actions to respond to different types of requests with various formats of the same data. You can serve the same data in other formats, such as XML or JSON. You may want to access the course listings from within a user’s edit page without switching views, for example. Maybe you have unsaved content in the edit form, and you’d like to look quickly at the list of courses without having to update your user data.

In the first lesson, you set up a basic API with RESTful routes to respond with course listings in JSON format. Then you use client-side JavaScript to display the data on the screen. At the end of the unit, you’ll apply some security barriers to your API to prevent unwanted requests from getting access to your database.

This unit covers the following topics:

  • Lesson 26 introduces you to the way APIs are used in the tech industry and ways of responding with different data formats. In this lesson, you organize your routes for a more maintainable API and use query params to determine the type of data with which you respond.
  • Lesson 27 shows how to use AJAX through the client-side JavaScript to load data in a view without refreshing the page. In this lesson, you create a new route and handle incoming requests to a /api namespace.
  • Lesson 28 guides you through basic approaches you can take to secure your API when there’s no way to sign in users visually.

Lesson 29 wraps up the unit by providing the steps you need to make AJAX requests to load Confetti Cuisine course data from the user’s profile page. Then you can enroll a user without leaving the profile page.
