RESTful Node.js: A Structured Approach
  • Book Cover
  • About the Author
  • Links and Resources
  • Part I: The Why
    • Foreword
    • Preface
    • Chapter 1: Introduction
      • The Rise of REST and Distributed Systems
      • Problem #1: Structureless Design, Structureless REST
      • The Emergence of JavaScript and Node.js
      • Problem #2: Structureless JavaScript, Structureless Node.js
      • Behold, the Solution: A Structured Approach
      • Summary
  • Part 2: The Theory
    • Chapter 2: REST Origins
      • A Brief History of the Web and the Birth of REST
      • REST vs. HTTP
      • REST - The Abstract Web Architecture
      • HTTP - A Peak at REST's Concrete Implementation
      • What does it mean for an API to be RESTful?
      • Measuring "RESTfulness" with Richardson Maturity Model
      • Pragmatic REST vs Dogmatic REST
      • Summary
    • Chapter 3: RESTful API Design Guidelines and "Best Practices"
      • Theories vs. Principles vs. Guidelines
      • URI Design
      • Method Verbs
      • Status Codes
      • Representational Design
      • Metadata Design
      • Versioning Strategies
      • Security Considerations
      • Documentation
      • Case Study: GitHub
      • Summary
    • Chapter 4: Structured JavaScript Architecture
      • The Monstrous Monolith and Its Downfall
      • Layered/N-Tier Architecture: The Unpopular Proven Way
      • Microservices and Distributed Computing: A Popular Misdirection
      • Summary
    • Chapter 5: The 8 Step Recipe
      • Route Name (URI)
      • Input Request
      • Middleware
      • Validation
      • Domain
      • Events
      • Output Response
      • Test, Refactor, Document
      • Summary
  • Part 3: The Code
    • Chapter 6: Introduction to the Bookstore API
      • The Bookstore API Endpoint Specifications
      • API Design and Code Structure
      • Project Setup
      • Summary
    • Chapter 7: Retrieving Books from our API
      • Retrieving All Books - Planning
      • Retrieving All Books - Implementation
      • Retrieving A Book By ID - Planning
      • Retrieving A Book By ID - Implementation
      • Summary
    • Chapter 8: Adding Authentication to our API
      • Registering the User - Planning
      • Registering the User - Implementation
      • Logging the User In - Planning
      • Logging the User In - Implementation
      • Getting Authenticated User - Planning
      • Getting Authenticated User - Implementation
      • Summary
    • Chapter 9: Adding the Create, Update, and Delete Operations to our API
      • Creating A Book Listing - Planning
      • Creating A Book Listing - Implementation
      • Updating A Book Listing By ID - Planning
      • Updating A Book Listing By ID - Implementation
      • Deleting A Book Listing By ID - Planning
      • Deleting A Book Listing By ID - Implementation
      • Summary
    • Chapter 10: Testing our API
      • Testing the Request
      • Testing the Middleware
      • Testing the Validation
      • Testing the Domain
      • Testing the Event
      • Testing the Response
      • Testing the Controller
      • Integration Test
      • Summary
  • Conclusion
    • Final Words
  • Bonus!
    • Refactoring to HATEOAS
  • Appendix
    • Sources & References
Powered by GitBook
On this page
  • Use JSON as the Main Format
  • Deciding on the Versioning Strategy
  • Global Response Message (Success and Errors)
  • Being Pragmatic and Breaking (some) Rules
  • HATEOAS
  • Cookies-based Authentication
  • Keeping in mind of Guidelines over Principles and Theories
  • Overall Code Structure
Edit on GitHub
  1. Part 3: The Code
  2. Chapter 6: Introduction to the Bookstore API

API Design and Code Structure

PreviousThe Bookstore API Endpoint SpecificationsNextProject Setup

Last updated 3 years ago

Use JSON as the Main Format

By this point, if you've read chapter 3 of this book, it should be obvious that we will only be supporting JSON in our API. Not only does GitHub and various other companies only support JSON, it would also create additional and unnecessary work for us if we were to support another format like XML ourselves. Hence, we will no JSON, yay!

Deciding on the Versioning Strategy

As stated previously, we will be picking the most simple API versioning strategy and we will be going with the URI prefixing method of putting api/v1 in our routes.

Global Response Message (Success and Errors)

As mentioned in chapter 3 of Representational Design, we should be following a .

Being Pragmatic and Breaking (some) Rules

HATEOAS

In chapter 2 of , we stated that we will pragmatic with our approach as opposed to dogmatic. This means that we will not be purists and adhere to all of the guidelines that make our API RESTful. This means we will NOT be creating a hypermedia-friendly REST API, but if you want to do so, you may check out the .

Cookies-based Authentication

Fielding stated in his dissertation that using cookies actually "violates REST". Again, we are trying to be pragmatic, so we will be using cookie-based authentication in our application, you may use other forms of authentication, but for the purpose of this book, we will be using cookies.

Keeping in mind of Guidelines over Principles and Theories

As a general precaution, we will be applying as much of the guidelines from chapter 3, but we will not be enforcing every single guideline. Keep in mind that:

Guidelines provide a shared language to promote consistency among multiple people in terminology usage. It is simply a set of recommendations that are there to create reliability and consistencies among a group of individuals.

-Professor Naureen Nizam at the University of Toronto

Overall Code Structure

If you recall, in JavaScript/Node.js land, structure has become a big problem in our community. However, there are a ton of pre-made boilerplate starter kits available for our needs.

You can find a list of them here in this article:

We will be using my own custom setup, but feel free to change it up to your own accord, or pull in anything else as you see fit.

A good example of this is from chapter 3, . Why? Because it would be an overkill to submit your custom vendor data type to , because even a company such as GitHub has yet to be approved of their custom vendor data type.

These "Express Boilerplates" provide a nice foundation for starting a project in the right way. The best boilerplate start that I have seen is . It provides a bunch of pre-configured out-of-the-box features already baked into the repository. Features such as a global error handler, a validation library, a good authentication and authorization starter kit, and many more.

https://github.com/hagopj13/node-express-boilerplate
Pragmatic REST vs Dogmatic REST
bonus chapter of the book
Metadata Design
https://www.iana.org/assignments/media-types/media-types.xhtml
TOP 5 Node-Express Boilerplates For Building RESTful API's In 2021DEV Community
https://dev.to/huzaifa99/top-5-node-express-boilerplates-for-building-restful-api-s-1ehl
"Using a Consistently Wrapped Response"
Logo
https://www.ics.uci.edu/~fielding/pubs/dissertation/evaluation.htm
Guideline #1: Consider Using An Application-Specific Media Type