analysis and reflection - tharindu326/PWP GitHub Wiki

Important information for final deadline

‼️  This chapter should be completed by final deadline (see course information at Lovelace)


📑  Chapter summary: In this section, we would like you to reflect on the work you have done during the course.

SECTION GOALS:

  • Reflect on your own learning
  • Feedback on course instruction

✔️     Chapter evaluation (max 5 points) You can get a maximum of 5 points after completing the Analysis and Reflection section. More information in Lovelace return box for Final deadline.

Analysis and reflection

Future Work

📑  Content that must be included in the section: Explain how you would improve your RESTful API and your client application. Try to develop the ideas, and explain why each improvement is needed.

✏️

To enhance our API service, we can start by implementing rate limiting to control the number of requests a user can make in a certain period. This will protect the API from overuse and ensure fair access for all users. By limiting the number of requests, we can prevent server overloads and improve the overall performance and reliability of our service.

Improving our logging and monitoring capabilities will provide valuable insights into how the API is used. This will help us track performance, understand usage patterns, and quickly identify any issues that arise. Better logging and monitoring will make it easier to debug problems and keep the API running smoothly.

We can also add webhook support, which will allow our system to send real-time notifications to clients when certain events occur. This makes the service more interactive and responsive, as clients can get immediate updates about changes or important actions. Webhooks can improve user experience by keeping clients informed without needing to constantly check for updates.

Implementing role-based access control (RBAC) will enable us to manage user permissions more effectively. Different users can have different levels of access based on their roles, enhancing both security and usability. RBAC ensures that users only have access to the information and actions they are authorized for, which protects sensitive data and functionality.

Incorporating JSON schema for validation is another critical improvement. JSON schema allows us to validate the structure and content of JSON data, ensuring that the API receives well-formed requests and returns correctly structured responses. This helps in catching errors early and ensures data consistency across the API. Implementing JSON schema will simplify error handling and improve the overall reliability of the API.

Centralizing error handling is essential for maintaining consistent error responses. By creating a single place to manage all errors, we ensure that error messages are clear and standardized, making it easier for developers to debug issues. This approach reduces code duplication and ensures that all errors are handled uniformly across the API.
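The RBAC and centralized error handling improvements described above fit together, as this added example shows (it is not the project's code). It is framework-free rather than written against Flask, and the role names, permission strings, `dispatch` and `delete_user` are hypothetical.

```python
from functools import wraps

# Hypothetical role -> permission table; the project's real roles are not on the page.
ROLE_PERMISSIONS = {
    "admin": {"user:read", "user:write", "user:delete"},
    "operator": {"user:read", "user:write"},
    "viewer": {"user:read"},
}

class ApiError(Exception):
    status, title = 500, "Internal Server Error"

    def __init__(self, detail=""):
        super().__init__(detail)
        self.detail = detail

class Unauthorized(ApiError):
    status, title = 401, "Unauthorized"

class Forbidden(ApiError):
    status, title = 403, "Forbidden"

def require_permission(permission):
    """Deny by default: missing identities and unknown roles get no access."""
    def decorator(handler):
        @wraps(handler)
        def wrapper(user, *args, **kwargs):
            if user is None:
                raise Unauthorized("authentication required")
            if permission not in ROLE_PERMISSIONS.get(user.get("role"), set()):
                raise Forbidden(f"missing permission {permission}")
            return handler(user, *args, **kwargs)
        return wrapper
    return decorator

def dispatch(handler, *args, **kwargs):
    """Single place where every error becomes the same response shape."""
    try:
        return 200, handler(*args, **kwargs)
    except ApiError as err:
        return err.status, {"error": err.title, "detail": err.detail}
    except Exception:
        # Unexpected errors: log server-side, never echo internals to the client.
        return 500, {"error": ApiError.title, "detail": ""}

@require_permission("user:delete")
def delete_user(user, target_id):
    return {"deleted": target_id}
```

Handlers only raise typed errors; the status code and body shape are decided in one function, so a 401, a 403 and an unexpected exception all reach the client in the same format.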

Improving API security is crucial for protecting our data and services. Implementing security measures such as OAuth2 for authentication and input validation helps prevent unauthorized access and potential attacks. Ensuring that only authorized users can access the API enhances its security and reliability.


Lessons learnt

📑  Content that must be included in the section: Discuss in this section the things that you would have done differently if you started the project after this course ends.

✏️

Initially, our API routes were not defined in a very RESTful way, so we had to make several changes to improve them. If we were to do it again, we would definitely define them more RESTfully from the beginning.

We also included many supportive functions directly within the app context, which made the code very lengthy and hard to understand. To improve this, we should have cleaned up the code with pylint and moved many of the supportive functions out of app.py and into a utility module. This would make the code clearer and more understandable. If we were to do it again, we would avoid putting all the supportive functions directly in app.py.

Additionally, we should have documented the functions as we implemented them. Doing this would save us time in the end, as we wouldn't need to spend extra time documenting everything later. In future projects, we will prioritize documenting functions during implementation.

Comments about the project

📑  Content that must be included in the section: Comment on where you encountered the main difficulties while doing your project work. Discuss the easiest/most difficult parts of the project. Provide convincing statements.

✏️

I had experience with REST APIs, but during this project, I realized that my knowledge was limited to implementing simple APIs. I didn't fully understand the concepts and principles of RESTfulness earlier.

Throughout this project, I learned a lot about various methods and details related to REST API implementation, documentation, and usage.

The most challenging part for me was implementing hypermedia. Understanding the underlying concept and purpose of hypermedia took some time. Conversely, the easiest part was implementing endpoints and application-related functions, as they don't require specific API domain knowledge. It was more about learning and implementing rather than applying pre-existing knowledge.

Additionally, I found that there are limited resources available on hypermedia and API documentation. Despite this, I found it interesting and valuable to learn these aspects.


Comments about the course

📑  Content that must be included in the section: Make sincere comments about the course. How could this course be improved? What should be changed? What should not be changed?

✏️

Regarding database usage, I've worked on multiple projects over the past three years and have noticed that none of them used SQLAlchemy. However, SQLAlchemy is a powerful and widely-used ORM in production environments. It is suitable for managing database interactions in Python applications. While SQLAlchemy is excellent for learning and understanding database concepts, directly using databases like MySQL or MongoDB can also be beneficial for students, as these technologies are commonly used in the industry.

The course did not cover API deployment in detail, including deploying APIs on servers, using Docker or other containerization services, and setting up API gateways. Including these topics with some practical exercises would be very helpful.

Additionally, it would be better to have more content on API security and versioning.

While learning about REST APIs, it would be useful to explore alternatives like GraphQL to understand the different methods available beyond REST.

Resources allocation

| Task | Student | Estimated time |
|---|---|---|
| plan the future improvements and update in wiki | Tharindu Muthukuda Walawwe ([email protected]) | 1 |
| document lessons learnt and comments about the course | Tharindu Muthukuda Walawwe ([email protected]) | 1 |