Pro REST API Development with Node.js

Fernando Doglio
La Paz, Canelones
Uruguay

ISBN-13 (pbk): 978-1-4842-0918-9
ISBN-13 (electronic): 978-1-4842-0917-2
DOI 10.1007/978-1-4842-0917-2
Library of Congress Control Number: 2015941272

Copyright © 2015 by Fernando Doglio

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Exempted from this legal reservation are brief excerpts in connection with reviews or scholarly analysis or material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. Duplication of this publication or parts thereof is permitted only under the provisions of the Copyright Law of the Publisher’s location, in its current version, and permission for use must always be obtained from Springer. Permissions for use may be obtained through RightsLink at the Copyright Clearance Center. Violations are liable to prosecution under the respective Copyright Law.

Trademarked names, logos, and images may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, logo, or image we use the names, logos, and images only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.

The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights.
While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made. The publisher makes no warranty, express or implied, with respect to the material contained herein.

Managing Director: Welmoed Spahr
Lead Editor: Louise Corrigan
Technical Reviewer: Jose Dieguez Castro
Editorial Board: Steve Anglin, Mark Beckner, Gary Cornell, Louise Corrigan, Jim DeWolf, Jonathan Gennick, Robert Hutchinson, Michelle Lowman, James Markham, Susan McDermott, Matthew Moodie, Jeffrey Pepper, Douglas Pundick, Ben Renow-Clarke, Gwenan Spearing, Matt Wade, Steve Weiss
Coordinating Editor: Christine Ricketts
Copy Editor: Kimberly Burton-Weisman
Compositor: SPi Global
Indexer: SPi Global
Artist: SPi Global

Distributed to the book trade worldwide by Springer Science+Business Media New York, 233 Spring Street, 6th Floor, New York, NY 10013. Phone 1-800-SPRINGER, fax (201) 348-4505, e-mail o [email protected], or visit www.springeronline.com. Apress Media, LLC is a California LLC and the sole member (owner) is Springer Science + Business Media Finance Inc (SSBM Finance Inc). SSBM Finance Inc is a Delaware corporation.

For information on translations, please e-mail [email protected], or visit www.apress.com.

Apress and friends of ED books may be purchased in bulk for academic, corporate, or promotional use. eBook versions and licenses are also available for most titles. For more information, reference our Special Bulk Sales–eBook Licensing web page at www.apress.com/bulk-sales.

Any source code or other supplementary material referenced by the author in this text is available to readers at www.apress.com. For detailed information about how to locate your book’s source code, go to www.apress.com/source-code/.
Printed on acid-free paper

To my loving wife, without whom this book would’ve never happened… Thank you!

Contents at a Glance

About the Author
About the Technical Reviewer
Acknowledgments
Introduction
■ Chapter 1: Rest 101
■ Chapter 2: API Design Best Practices
■ Chapter 3: Node.js and REST
■ Chapter 4: Architecting a REST API
■ Chapter 5: Working with Modules
■ Chapter 6: Planning Your REST API
■ Chapter 7: Developing Your REST API
■ Chapter 8: Troubleshooting
Index

Contents

About the Author
About the Technical Reviewer
Acknowledgments
Introduction

■ Chapter 1: Rest 101
    Where Did It All Start?
    REST Constraints
        Client-Server
        Stateless
        Cacheable
        Uniform Interface
        Layered System
        Code-on-Demand
    Resources, Resources, Resources
        Representations
        Resource Identifier
        Actions
        Hypermedia in the Response and Main Entry Point
    Status Codes
    REST vs. the Past
    Summary

■ Chapter 2: API Design Best Practices
    What Defines a Good API?
    Developer Friendly
        Communication’s Protocol
        Easy-to-Remember Access Points
        Uniform Interface
    Extensibility
        How Is Extensibility Managed?
    Up-to-Date Documentation
    Proper Error Handling
        Phase 1: Development of the Client
        Phase 2: The Client Is Implemented and Being Used by End Users
    Multiple SDK/Libraries
    Security
        Accessing the System
    Scalability
    Summary

■ Chapter 3: Node.js and REST
    Asynchronous Programming
        Async Advanced
    Asynchronous I/O
        Async I/O vs. Sync I/O
    Simplicity
        Dynamic Typing
        Object-Oriented Programming Simplified
        Prototypal Inheritance
        Functional Programming Support
        Duck Typing
        Native Support for JSON
    npm: The Node Package Manager
    Who’s Using Node.js?
    Summary

■ Chapter 4: Architecting a REST API
    The Request Handler, the Pre-Process Chain, and the Routes Handler
    MVC: a.k.a. Model–View–Controller
        Alternatives to MVC
    Response Handler
    Summary

■ Chapter 5: Working with Modules
    Our Alternatives
        Request/Response Handling
        Routes Handling
        Middleware
        Up-to-Date Documentation
        Hypermedia on the Response
        Response and Request validation
        The List of Modules
    Summary

■ Chapter 6: Planning Your REST API
    The Problem
        The Specifications
        Choosing the Right Modules for the Job
    Summary