What it's really like building RESTful APIs with Django

Speech transcript
however everyone the aim of this great
opportunity for me to be here this is my 1st year of life in that of the spoken at and said thank you for taking the time to come and see me and a 10 year old
out my experience is about building RESTful APIs with Django and I promise you won't just be ranting about RESTful APIs, will be hopefully some cultures to do it and REST framework that you might not realize that could probably help you as well and before I dive in
and it's a little bit about myself my name is Paul I look great like this analogy and modeling software for a few years like 21 complete code list which I'll tell you a little bit about in a 2nd I can't but they have a fanatic comes to web API development and there's a lot of people who develop really good APIs is a lot of people who developed really bad APIs and try to push towards more the really good API side by educating good API practices and what it really means to develop an HTTP RESTful service and a couple years ago I saw some examples of mine that were pretty bad it was they who they were and but we use every day you probably tweeting about it right now and is like an and I thought hey I got to do this weekend all through together and demonstrating good RESTful practices and I found this online and to do this way than it was the Pokémon
1 dataset I made a apparent 1 API and I wanted to demonstrate good RESTful practices turns out a lot of developers really liked data and it's got quite popular they go into gradient deductive guarantees the used for a lot of like what's been teaching p-values RESTful API
is is just about to take over 30 million if your request and that was that was quite interesting and then and then more recently I developed styles API and this was the
fun because I like star and the stores the was coming out and i'm not dating as this and characters have been there and you can check this out online that open source they're intended to be an hopefully get examples of how to develop the rest weight RESTful services we have all these these relations and so they say that all serious now and I I work for a
company called list to be you don't know were London-based company we aggregate's or the clothes on the web so every single piece of clothing you can find on the web is on a platform and we use a lot of a data science magic to find relations between these products such as their uh their brand occurrence of like this and we let you put small for website and we don't just have a website we also have a
mobile application and then this mobile application needs to provide the same type of experience as the web does
this is a very common use case for mobile applications and it has a mobile API and when I started working at
list my 1st as task was to look at the existing API see what was bad about it and see how we can improve it because we want to start moving towards markers service architecture and the existing API and translating that into a more modern ready I have seemed like a very good way to test the waters with some frameworks that could develop these RESTful API services and I
wanna share with you will build a of light and and to point out some of the problems discovered and has 2 and the reasons why we changed it and so this is a call request and for getting information about their products and we're using
post to this end and to this end point is is an RPC study the our API and immediately you probably know is something I know straight away as well as this is we just we just want to read some data here but we using this this post method why we doing that well the world the sending data to the end point you can't really do that you can send all the data in a GET request that you shouldn't really and and this this was clearly and say from http standards because we we we want information that we don't want change in the state on the server so why are we saying why we using an unsafe method for and another thing I've noticed as well was that there was very and little difference between various endpoints and this is how you get a product initially how you register a user very different use cases it's pretty much the same right there's almost no difference between the 2 and in fact all you really all we're doing is changing the face body that was to it and then again and it's never never problem which was this year and this is the exact same your every single 1 has the exact same neuro and for those of you who are familiar with http this is bad because you can't really catch it is not really addressing and a different point and we also found whenever we tried to add to block these M points or we would see in our city was there's been error this standpoint that those that we can really see exactly what it was about diving and and and investing in so we can say Conclusion based off of this uh that obviously
is not really good for HTTP and by the recommends is my presentation that you don't use RPC for up at HTTP there's many other protocols that will work with RPC nicely such as WebSockets but if using HTTP I think you should be aware of the standards of HTTP and just avoid using ontologies what use instead what we decided that we rebuild are and the this mobile API using Django REST framework how many of you here use Django REST framework why all right so many this OK and for those of you in the audience you are allowed and arrest framework and the a few people like to us is as well and why should we use Django REST framework as well everyone knows
that Django is often called a batteries included web framework it gives you lots of stuff for free some people argue that it's too bloated and that you'd rather have more granular control of is that we can argue that Django is so helpful and in the way that gives you use authentication handles your HTTP requests it doesn't your database interaction for you and I like to like Django REST framework like in the exact same way it's the batteries included API
framework it gives you everything you need to develop good RESTful API services as but 1 thing is already do is it doesn't really and encourage you to think about what RESTful services are and they regard as of that date these 2 go hand in hand written nicely fact I know people who install Django REST framework and then even build a services they wanna use various components in the Django REST framework library to do various the flight by swapping out forms for serializers and things like it
certainly what we learned that so I want share you the things that we learned and you may disagree that's called the 1 of the European on these things and you may agree you may learn some new hopefully yourself I think the 1st thing we realized that we we really realized about this was that it was a really good opportunity rebuilding the service for us to rethink and read old and change how we talked about of all services and this is a five-year-old company where we're at London's starts up and we've been developing very fast and among the Johnny we collected a lot of technical debt what we originally had in the original idea was was in fact had a complete from name isn't what is now and the technical debt reflects that in our internal data structure and and that was always reflected directly and in our old RPC API like you could see and the internal workings of how this worked through the API for the massacre was used we didn't want do that we wanted to try and rebuild the service based on what we know now and it's abstract away from our internal service and this design is really nice API layer on top and so we took this probably right approach for engineers because and as an engineer I wanna dive into starring carried I I kind of set myself now we need to sit down and we need to think about how we designed the service think about it from a consumer and and which I took the approach of basically writing documentation for an API service that didn't exist yet how would this look as documentation complete agnostic the internal services and my mother that wants to get users it wants to foreign product it wants to keep track of stuff Howard Anderson I think there's a big temptation for engineers to dive straight in the and but the trade off spend designing 1st is is much there is so much more beneficial than having to develop an API iterated and if you put baby online and then you have to then version and versioning is a mess for anyone who does versioning and 
designing at 1st make sure you're you're very close to the not the 1st time you push the API service out into the real world and following on from this like 1 of the things we really want to think about was what resources we had in our service 1 of these things if you're building a guy from the ground up and you'll find this in the examples this will be in the public API things and these are actually the resources or direct mappings to the models we have that's because it's a service that was developed as a character you're likely to have a bunch of models entirely on what you really wanna represent and I think this is a mistake people make is that they think resources should be just the models and I want to say that that's not true your resources should not be exactly what you haven't and they should be more or they should be less than 1 show you an example right now all of how a we had this exact problem and and how we became so we know this
is not all all this is somewhat of a model that we have internally called the cops is a shopping cart not items to the carts United being addressed in shipping address and then you can check out this and that counts up straight away and about you but I can definitely see a separation of concerns here between various different groups we've got sifting information we got bidding information we've got cart information if I expose this as a resource I would have all this junk and I don't always want to use my behind it to be that I don't always want it How can I this out and logically developed different resources Alsub resources for this thing and and gender comes in some industries for doing this which is serialised so as to
whether is making my not aggressive since realizes like a set area is something that a lot of people use without even using I went API isn't a reference they they basically works similarly to Django forms accepted and deviation of form component they do validation they take some external data the a they did they do some serialization magic in the method to some sort of internal representation and an issue in example of taking that cart and just exposing the court actually so we have this Meta class in our cart serializer that defines a model and uh a set of actually so we wanna share that you can just have go much it's 1 thing I think is really powerful that is reached by about in the documentation is a serializer method fields has anyone use serializer methods yield the floor no OK so this is why I really like this and a basic allows you to stick a method in that serializer and do that time whenever you requesting and you can return back to data for instance the number of items I haven't talked to so we define a field we have a method in the conventions to be get underscore and the field name and then you can return whatever you want you can compute and the total cost of all the items in the cart you can compute how many items you have new colonists I would recommend doing any huge database queries just like you should reduce use database queries in a thunder repr things and but for adding those little extra actually that you might wanna using your resources that you don't want from the databases to be useful in serializers so with this we can take that one cart model and
we can watch respect into 3 different resources that we can then that
and you know your URL scheme and we can address those independently and you can even take a step further and rename actually as well with serializers keep keep keep in mind the serializer method fields are really really powerful really useful to do we use them all the time at this
and it's a little bit about Django REST framework routers in our experiences with them how many people use routers in Django REST framework on a surprising I spent is less necessary routes for those of you that they also generate your URL configuration for these models you have it's really great if I again you build your rate your service from the ground up and you have a direct mappings between models of resources is not very useful if you have a an and slightly bespoke API service and my personal opinion is to just throw them away you don't need to use routers, write your URL configurations, you've been doing this with Django you may as well continue being explicit about what you're addressing and you have much greater control over and what they say the last 2 things on talk about specifically related to Django REST framework is permissions and authentication and permissions are an interesting component of REST framework that again we had some experiences with and so permissions differ from authentication by permissions basically says whether or not a user is a staff user or they have permission there from the UK can access this this view as opposed to identifying user which is for authentication down of intervention in a 2nd and I think in 24 on and the the fall or or like I I had to change the default agenda when I was messing around on my that missing and I saved it
and to allow an my position and points online and I
realize that I don't know like a goal these like write endpoints where you can write stuff and this point organ idea especially if you're providing some sort of a service that's related to money or some that which we were saved my my advice is to set your default permission class in your settings to admin only I mean this this kind of makes sense but you'd be surprised how many people forget about the constraint frame what would just abstract this away from you and when the break specific about things and so if you're using admin only how do you define the permissions per view as the bases of this this attribute to your class this is uh check out PID and the provide a tuple of permission classes and you can write your names you can save list admin user on the street and user or something like this and you can extend that on which 1 this is also how you would handle and authentication as well so if you wanna have most authentication again you just say authentication classes with the tuple of this class so that's permissions and do use admin only I really recommend that you'll you'll be surprised how did you how to how easy it is to the endpoints online and some have people spamming them, filling your databases with junk data you wanna go so authentication and I I like making the rules for their hands up how many people use token authentication Django REST framework how many use OAuth 2 the yeah OK said
token authentication is really great especially if you wanna be user agnostic if you don't care about users you just wanna give people access to the API it's a technical way of doing things and but if you're providing an API but you need to have much more granular control over you gonna have to use OAuth 2 units of his plays a power applications and the Django REST framework doesn't come with it built in you have already used it suggests you install something else it tells you to install this thing called Django OAuth Toolkit
and you know it's inferring restore that's a new change of I can't use this to authentication and again I I like the trade off the error of the using OAuth 2 a lot of people don't like using because it's tricky to set up and if you get used to it is written tricky and Django OAuth Toolkit has a really good set of docs on how to and how to provide those tokens you can have much greater control and if you during worried about this axis in which end points if you don't have to basically destroyed token you can just destroy a user's tokens and and keep everyone else had happened at that I want have access so do so all financial mice and wire I think the last thing here is that a rhetorical Django REST framework is obviously makes your request objects the user actually is the logged in user so that it does that for you get for free you get your authentication again so so have been talking about
things related directly to Django REST framework out when when developing roughly but this there's a lot of stuff that is really specifically related Django it I wanna come in now by the late you need to take into consideration and I think the big 1 here is that
uh we we have to be aware that HTTP is giving us so much like HTTP is real we have is almost all of my and and it's weird we kind of like don't teach it to work for the Web today plate with like even things like e-commerce 1 really thought of when we developed HTTP and I think this is the root of all evil when you see bad API services is that people basically think hey you know HTTP doesn't give us what i want so i'm gonna like like bits and do whatever I want with it and this a standard and as everyone in this room uses the Python and things like it's even standards on false you should probably try and stick to them because it's is a good convention and that way we can all standard formats I think this enterprise HTTP and I wanna give you a real example here said we were trying to think of a way that we kids and take take
a shopping cart in the example i gave earlier and then check out so check it out name means stop processing the items we have in this cannot take the user's money and ship it to the no my immediate thought was how RESTful can I be about this can I be a real Rastafarian basically pose and like actually like a cult status equals it processing and to that can't complain and how begins but I I felt like that was a little bit implicit even though it's it's not very restful we'll you changing match be on the comic art statement have something in the black box of your API searching for those states when the change in and checking out and I thought that's really not a good idea so what I make my own HTTP
methods and I thought you know what that's already validators and when you use patch should be patch yeah like said about pageviews again and already used very much sums of a student support roaring out where HTTP method is a really stupid idea and I'm not ready to do so and so the
solution I came up with was to do this and we have a caller results and we have this some results which we call check out we're still using post so we're performing an unsafe operation the server but it is very explicit 1 trying to do here and try a check out the Scots and it's very different from what they naturally color and in this particular case is a very dangerous thing some hunting people's money so we're I wanted to move away from the rest of the API and having an isolated area uh what FIL to doing this because I am quite strict on like what makes a good RESTful API but I think sometimes you have to be you have to accept that have to bend the rules and little that you can still stick to the HTTP standard spread eventually you have to change something until some comes up with http 3 . area in 20 years or something like that and then we can actually start to become a slightly better online and that's what
is inconsistent with HTTP services and you're probably thinking this is about identities WebSockets I probably agree with you but if you wanted to stick with an HTTP and service and you want to handle asynchronous actions as such as the checkout methods it's fantastic this thing gave me so much trouble and we we
dump all these checkouts into a queue and these queues can take an indeterminate amount of time it could take seconds it could take hours we don't wanna keep an HTTP connection open for that long waiting for a response to how we deal with this and we can use something called webhooks and why don't we like to use that word will introduce the subject because it's a very vague term you have to really know what it means and what source so we we ended up using this Asynchronous callback framework with HTTP here and I couldn't find anything good for dynamic does this myself there's some stuff but it's just already being developed now assume we rolled around we had we send a callback URL
along when we post this uh which is now and we can also send a I wish token for i in a pianist confer on iris and as well and we need to get back into it to accept a response this is a really short turn-around we close the connection we ultimately the status I had to go to accept sounds like what it means that
we've accepted as responses the from with there with accepted this request sorry there's nothing wrong with that we can go ahead and we're gonna stop processing that for you and when finished process we then Eva push out push notifications to that I went actually get this lovely little pop up in happen it's like it's friendly and user experience funds of the and and you can e-mail you also if we have a collec we then actually sending data we we we pay states to it saying that check out you just wanted to go to process we well we finish still the on your being details wrong we can ship them also consider and and yes so this is a really good way of prisoners connections and handling http asynchronously and
and so I just wanna wrap up by talking that documentation earlier dimensions we're designing guys you should try and
design your your 1st draft was like stocks and the reason for this is because that's documentation which has to be a living document that you're updating and changing which again it becomes a really good basis for acceptance testing and becomes a really good basis for your monitoring services as well as a also basically means you've always got documentation for free and after that if you're not documenting your API and encourages domestic and what it is is about API you really need to make sure you document the service well even if the person's sits opposite you like a with many of the people using the service I build the Cyc directly opposite me but they're always asking how do I use it so we be writing and documentation and explicitly stating how they do everything in the 2 things we found that help the most with documentation and online for you to have is a copy and paste it will example of every n point you have selected job terminal I could do something with it I can see it like most people he could figure out what calories in their language of choice like they can translate that Objective-C your
Python or Ruby whatever and then a 2nd thing you really should consider having is there is there is a gain Start again and you'll be surprised how many internal company Dockstader even have these how like in my authentication tokens guides you have to go and find some with the knowledge in the head and the received that perspective 1 you can use the service because there and Lori say having a step-by-step guide on how to get authentication tokens and cut examples is definitely something you should have and I really really want to do that
so that things are commonly takeaways here and there's so many cool stuff summer schools available and there framework and I disagree about the whole bloated argument made just does so much feedback is what the trade off even if you're using 1 dependent they're like serializes always testing classes before you dive into the carriage please resist the urge to do that and actually think about how this is gonna work I think about it from a consumer point you imagine is an A. guards were interested how Jesus and take the opportunity here redesign services talk to people in your business like how would you want use the service and how can it benefit you and if you really need to bend the rules a little bit to what we've RESTful style that's totally cool so as you documented exceptionally well some of his breaks pressing care about what this is doing that so find my opinion and funny if you are using HTTP please try and avoid using an RPC because it does not bring to set thank you very much for
your time and money for highlights again I'm on twitter if you want run with me right guys also known wrong you we're finding there isn't much time left and and so on uh I don't really like taking questions in this kind of environment because is already conducive to knowledge sharing some of the outside so if you want to ask me questions we can have a chat about out there and other than that thank you very much

Metadata

Formal metadata

Title What it's really like building RESTful APIs with Django
Series title EuroPython 2015
Part 110
Number of parts 173
Author Hallett, Paul
License CC Attribution - NonCommercial - ShareAlike 3.0 Unported:
You may use and modify the work or its content for any legal and non-commercial purpose, and reproduce, distribute and make it publicly available in unchanged or modified form, provided that you credit the author/rights holder in the manner they specify and pass on the work or this content, including in modified form, only under the terms of this license
DOI 10.5446/20182
Publisher EuroPython
Release year 2015
Language English
Production place Bilbao, Euskadi, Spain

Content metadata

Subject area Computer science
Abstract Paul Hallett - What it's really like building RESTful APIs with Django At the beginning of this year I started working at Lyst and I was tasked with helping to replace their old and outdated web API with a modern RESTful replacement. Along the way we encountered some interesting design decisions and now I’m going to share what we learned about building a real RESTful API with Django and Django REST framework. I've been talking about how to build great RESTful APIs for the past year at various Python and Django conferences in Europe. Now I'd like to take some real world experiences from creating Lyst's new web API and share what I've learned along the way.
Keywords EuroPython Conference
EP 2015
EuroPython 2015
