REST Web Services API Design

后端 未结 5 1523
轻奢々
轻奢々 2021-02-01 23:13

Just wanted to get feedback on how I am planning to architect my API. Dummy methods below. Here\'s the structure:

GET http://api.domain.com/1/users/ <-- retur         


        
5条回答
  •  耶瑟儿~
    2021-02-01 23:57

    I did authentication based on headers. Something like

    X-Username:happy-hamster
    X-Password:notmyactualpassword
    

    If you're concerned about security - do it through SSL. Other implementations exist, of course. For instance, Amazon with their S3: http://docs.amazonwebservices.com/AmazonS3/2006-03-01/index.html?RESTAuthentication.html

    If you don't have ability to make PUT and DELETE requests, it's considered a good practice to tunnel them through POST. In this case the action is specified in URL. If I recall correctly, RoR does exactly this:

    POST http://example.com/foos/2.xml/delete
    

    or

    POST http://example.com/foos/3.xml/put
    
    ...
    
    
        newbar       
    
    

    It's a bit offtop, but in regards to versioning and REST overall you might want to take a look at CouchDB. Here is a good book available on-line

提交回复
热议问题