I am looking for a good resource which will show me the right way for building a restful API. Interesting topics: Authentication in particular and security in general, performance, scalability, best practices and other useful things.
I am going to build it in PHP (Slim or Silex) and before I begin I would like to think about the whole design so I can go the right way from the beginning.
There is a lot of info and posts all around the web but all of them adopt different practices and approaches.
Is there something which seems like a "standard" in the restful world?
Is there something which seems like a "standard" in the restful world?
Not beyond the level of using HTTP. There's a bunch of media types for encoding of API data (see hypermedia below), a lot of different best practices and a good amount of RFCs that cover various aspects of working with HTTP (like for instance authorization using OAuth2).
Here's a compilation of resources worth reading ... I think you will get the most out of reading through one or two of the books.
Authoritative resources
Books
Authentication
Error handling
Hypermedia
URL structures
Partial updates
Some considerations about PHP for building REST APIs
PHP has been a widely used technology for many years.
But during this long period it has shown some relevant problems: it became a monstrous technology and its usage has shown some security vulnerabilities like SQL injection, lack of a centralized packaging registry, inconsistent API and subpar performance. For building REST APIs there are more modern technologies, like Ruby on Rails and Django, or Node.js, which is easily approachable.
Using PHP for building REST APIs
You can of course build your APIs in PHP even if better technologies have been born in recent years. Many companies still use it in production environments. You can choose between two different approaches to build your infrastructure:
The second approach lets you save time and focus more on your business logic, by delegating some common operations to trusted third party written code.
For example you can check these libraries that are commonly used in PHP applications to get the job done faster:
https://github.com/PHPAuth/PHPAuth helps you with the authentication process (check also https://github.com/firebase/php-jwt for stateless authentication).
https://github.com/mongodb/mongo-php-driver (MongoDB) or https://github.com/cagartner/sql-anywhere-client (SQL): you will need to interface with a database, and these links are examples of some client libraries that help you with the job.
Using something like Node.js
Node.js is a modern technology built to allow people to do what you are going to do. It's fast, scalable (PHP is less), easy to use and has a very frenetic community that writes code and shares open source.
For example, using http://expressjs.com/ you can manage the whole routing of your application in minutes. You write your application in JavaScript so you will have to worry about JavaScript's physiological problems (closures, async calls etc.), but after having solved this quite tricky part, with Node.js you will build more efficient REST APIs, and your server will need less CPU and power to accept and answer requests.