restful api implementation - talha469/PWPProject GitHub Wiki
📑 Chapter summary
In this section you must implement a RESTful API. The minimum requirements are summarized in the Minimum Requirements section of the Project Work Assignment. If you do not meet the minimum requirements this section WILL NOT be evaluated.
- Implement a RESTful API
- Write tests for the API
✔️ Chapter evaluation (max 20 points)
You can get a maximum of 20 points after completing this section. More detailed evaluation is provided in the evaluation sheet in Lovelace.
📑 Content that must be included in the section
A list of all resources. Each resource should include its URL, a short description and supported methods. You should also mark the name of the class implementing the resource (if you have implemented such resource). Consider that you do not need to implement every resource you initially planned. The minimum requirements are summarized in the Minimum requirements section from the Project work assignment.
✏️ List your resources here. You can use the table below for listing resources. You can also list unimplemented resources if you think they are worth mentioning.
Resource name | Resource url | Resource description | Supported Methods | Implemented |
---|---|---|---|---|
Video | /video | Get a video by video Id | GET | /video/{Id} |
Video | /video | Update a video by video Id and request body schema | PUT | /videos/{Id} |
Video | /video | Delete a video by video Id | DELETE | /videos/{Id} |
Videos | /videos | Posts a video | POST | /videos |
Videos | /videos | Get all video from the system | DELETE | /videos/Delete/{id} |
Videos | /videos | Posts a bookmark for a video | GET | /videos |
User | /user | Get a user by id | GET | /user/{Id} |
User | /user | Delete a user by id | DELETE | /user/{id} |
User | /user | Update user information by id | PUT | /user/{id} |
Users | /users | Get all users from the system | GET | /users |
Users | /users | Creates a new user in the system | POST | /users |
Bookmark | /Bookmark | Create a new entry of video bookmark in the system by user | POST | /bookmark |
Bookmark | /user | Update user information by id | PUT | /user/{id} |
Vote | /Vote | Create a new entry of video vote in the system by user | POST | /Vote |
Authentication | /authentication | Get JWT Token from the system if user is authenticated | POST | /authentication |
Stats | /stats | Get system stats like total videos, total users etc | GET | /stats |
💻 TODO: SOFTWARE TO DELIVER IN THIS SECTION
The code repository must contain:
- The source code for the RESTful API
- The external libraries that you have used
- We recommend to include a set of scripts to setup and run your server
- A database file or the necessary files and scripts to automatically populate your database.
- A README.md file containing:
  - Dependencies (external libraries)
  - How to setup the framework.
  - How to populate and setup the database.
  - How to setup (e.g. modifying any configuration files) and run your RESTful API.
  - The URL to access your API (usually nameofapplication/api/version/) => the path to your application.
NOTE: Your code MUST be clearly documented. For each public method/function you must provide: a short description of the method, input parameters, output parameters, exceptions (when the application can fail and how to handle such failures). In addition, it should be clear which code you have implemented yourself and which code you have borrowed from other sources. Always provide a link to the original source. This includes links to the course material.
✏️ You do not need to write anything in this section, just complete the implementation.
💻 TODO: SOFTWARE TO DELIVER IN THIS SECTION
The code repository must contain:
- The code to test your RESTful API (Functional test)
  - The code of the test MUST be commented indicating what you are going to test in each test case.
  - The test must include values that force error messages
- The external libraries that you have used
- We recommend to include a set of scripts to execute your tests.
- A database file or the necessary files and scripts to automatically populate your database.
- A README.md file containing:
  - Dependencies (external libraries)
  - Instructions on how to run the different tests for your application.
Remember that you MUST implement a functional testing suite. A detailed description of the input / output in a REST client plugin.
In this section it is your responsibility that your API handles requests correctly. All of the supported methods for each resource should work. You also need to show that invalid requests are properly handled, and that the response codes are correct in each situation.
✏️ The most important part of this section is completing the implementation. Write down here a short reflection on which are the main errors you have solved thanks to the functional tests.
We have tried to cover most of the cases where data could be retrieved differently from the system. For example, JWT token generation is a crucial task of the system, after which anyone could be able to use the API, along with the returning of the correct user if the user is found in the system. Besides that, we have tried to cover end-to-end URL testing of every possible call of the system.
📑 Content that must be included in the section
Explain briefly how your API meets REST principles. Focus especially on these three principles: Addressability, Uniform interface, Statelessness. Provide examples (e.g. how does each HTTP method work in your API). Note that Connectedness will be addressed in more depth in Deadline 4.
✏️ Addressability
Each endpoint is designed with addressability in mind, as they are accessed through unique URIs. For example:
- POST /UserController/Login for user login
- POST /UserController/PostUser for creating a new user
- GET /UserController/GetAdmin for retrieving user data for admins
- GET /UserController/GetUser/{id} for retrieving user data by ID
Uniform Interface
The API uses standard HTTP methods (GET, POST, PUT, DELETE) and follows conventions like meaningful URIs.
Statelessness
Each request from a client to the server must contain all the information necessary to understand and fulfill that request. We are using JWT tokens for authentication, which implies that some state is maintained on the client side (the token). It's a common practice, but strictly speaking, it introduces some level of statefulness. However, JWT tokens are self-contained and stateless from the server's perspective, which aligns with REST principles to a certain extent.
📑 Details on extra features
This section lists the additional features that will be graded as part of the API but are not required. In addition to implementing the feature you are also asked to write a short description for each.
📑 Fill this section if you used URL converters
Write a short rationale of how URL converters are used, including your thoughts on the possible trade-offs. Go through all URL parameters in your API and describe whether they use a converter, what property is used for converting, or why it's not using a converter.
✏️ Write your text here
📑 Fill this section if you used JSON schema validation
Write a short description of your JSON schemas, including key decision making for choosing how to validate each field.
✏️ In .NET (C#), we have used built-in class properties while defining business entities to ensure the schema of the call, and we are validating it against required fields or allowed data types.
📑 Fill this section if you implemented server side caching
Explain your caching decisions here. Include an explanation for every GET method in your API, explaining what is cached (or why it is not cached), and how long is it cached (and why). If you are using manual cache clearing, also explain when it happens.
✏️ We are caching these methods (GetHomePageVideos). In this method, we are caching all the videos that will be loaded on the home page of the application, with related details like total votes cast and total bookmarks on each video. All these calculations need time for each individual video, and computing them at runtime would otherwise make the API response slower.
📑 Fill this section if you implemented authentication
Explain your authentication scheme here. Describe the authentication requirements for each resource in your API, and your reasoning for the decisions. In addition, provide a plan for how API keys will be distributed, even if the distribution is not currently implemented.
✏️ We are using a JWT bearer token as the authentication token. On login, if the user exists, a JWT token is returned to the user for the next API calls. We have implemented two types of roles for the demonstration, i.e. Admin and User. Some methods are allowed for both, e.g. GetHomePageVideos, GetVideo/{id}, PostVideo, PostVideoVote etc., but some methods are only allowed to the Admin, e.g. GetUser/{id}.
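The scheme described above, sketched as an added example that is not the project's own code: a token issued at login carries the role, and every protected route checks signature, algorithm, expiry and role using only the key and the token, with no server-side session. The demo key, the claim names (sub, role, exp), the function names and the hand-written HS256 (in place of a JWT library) are assumptions for illustration; it runs as Program.cs in a .NET 6+ console project.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.Json;

// Constructed demo key (assumption); a real service loads it from secret storage.
byte[] key = Encoding.UTF8.GetBytes("constructed-demo-key-0123456789abcdef");

string B64Url(byte[] b) => Convert.ToBase64String(b).TrimEnd('=').Replace('+', '-').Replace('/', '_');
byte[] FromB64Url(string s) => Convert.FromBase64String(
    s.Replace('-', '+').Replace('_', '/').PadRight(s.Length + (4 - s.Length % 4) % 4, '='));
byte[] Mac(string input) => HMACSHA256.HashData(key, Encoding.ASCII.GetBytes(input));

// Token a login endpoint would return after checking credentials (hypothetical claims).
string Issue(string userId, string role, DateTimeOffset expires)
{
    string head = B64Url(Encoding.UTF8.GetBytes("{\"alg\":\"HS256\",\"typ\":\"JWT\"}"));
    string body = B64Url(JsonSerializer.SerializeToUtf8Bytes(
        new { sub = userId, role, exp = expires.ToUnixTimeSeconds() }));
    return head + "." + body + "." + B64Url(Mac(head + "." + body));
}

// HTTP status a protected route should answer with: 401 unauthenticated, 403 wrong role.
int Authorize(string token, DateTimeOffset now, params string[] allowedRoles)
{
    try
    {
        string[] p = token.Split('.');
        if (p.Length != 3) return 401;
        using var head = JsonDocument.Parse(FromB64Url(p[0]));
        // Pin the algorithm; the token must not choose how it is verified.
        if (head.RootElement.GetProperty("alg").GetString() != "HS256") return 401;
        if (!CryptographicOperations.FixedTimeEquals(Mac(p[0] + "." + p[1]), FromB64Url(p[2]))) return 401;
        using var body = JsonDocument.Parse(FromB64Url(p[1]));
        if (body.RootElement.GetProperty("exp").GetInt64() <= now.ToUnixTimeSeconds()) return 401;
        return Array.IndexOf(allowedRoles, body.RootElement.GetProperty("role").GetString()) >= 0 ? 200 : 403;
    }
    catch (Exception) { return 401; } // fail closed on any malformed token
}

var t0 = DateTimeOffset.UtcNow;
string user = Issue("42", "User", t0.AddMinutes(15));
string[] parts = user.Split('.');
// Constructed tampering case: original signature, payload edited to claim the Admin role.
string forged = parts[0] + "." + B64Url(Encoding.UTF8.GetBytes(
    "{\"sub\":\"42\",\"role\":\"Admin\",\"exp\":9999999999}")) + "." + parts[2];
Console.WriteLine(Authorize(user, t0, "Admin", "User"));    // route open to both roles
Console.WriteLine(Authorize(user, t0, "Admin"));            // Admin-only route
Console.WriteLine(Authorize(forged, t0, "Admin"));          // tampered token
Console.WriteLine(Authorize(user, t0.AddHours(1), "User")); // expired token
```

In an ASP.NET Core API these checks are normally performed by the JWT bearer authentication middleware and role-based authorization attributes; the hand-written verifier here only makes each check visible. The four calls are also the kind of cases a functional test suite should cover for every protected route.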
Task | Student | Estimated time |
---|---|---|
Documentation and Research | Muhammad Ahmed | 40 hr |
API Implementation | Muhammad Talha Arshad | 40 hr |