Creating API services with NodeJS provides the infrastructure to develop them faster, along with the ability to handle concurrent connections and deliver high-speed response times.
A dynamic language such as JavaScript provides the abstraction we need to program API services that are properly structured and easy to maintain and use.
Like any language, JavaScript has good and bad parts. Proper bootstrapping and standards should be designed and acknowledged by all the developers involved in the project. This document is a short guide on how to develop a RESTful API using NodeJS.
Backend systems of record are often complex to expose and are coupled with legacy technologies that are not easy to integrate with well-known protocols such as HTTP(S). To expose them to developers, these complexities need to be hidden to ensure better adoption and usage.
A RESTful API provides an avenue for developers to use the services easily. The design of the API is important, however, to overcome the burden of domain knowledge.
Our application follows a coding style for consistency and readability. These standards may not be everyone's preference, but we have agreed to use them.
When possible, use JSHint to check for obvious errors (mixed spaces, missing semicolons, etc.). Many editors and IDEs integrate with JSHint or JSLint, so use them!
Based on recommendations from Black Hat, we follow these programming methods:
a) Validate all inputs. Use a regular expression or a tool like PEG.js.
b) Don't use eval. Use JSON.parse to parse objects from other systems.
c) Don't concatenate scripts with user input.
Aside from the above programming rules, the API needs an API key to enable a form of access control. Restify has built-in support not only for authorization but also for throttling. This enables the API to limit the number of requests from a given user.
Every async language has a pitfall; for JavaScript it is the callback. The mantra is to keep everything simple: not only the structure, but also how many callbacks a function uses. To keep module functions simple and easy to understand, callbacks should not be nested more than 3 levels deep.
node/
documentation/
etl/ (Extract, Transform and Load)
src/
config/ (shared)
lib/
errors/ (Error Definition)
DAO/ (Database Access Abstractions)
test/
tools/
app.js (main application)
Here are a few of the suggested libraries to use to develop the services faster. There are over 9000 modules, but only a few of them are well tested and used.
Restify - For RESTful API creation
moment.js - For date and time manipulation
request - Used for sending HTTP requests for testing
Express - For handling web service calls
Creating unit tests is very important for building maintainable and expandable code. We use Behavior Driven Testing since the application handles a lot of async code.
There are two options in bringing Unit Testing -
Always start with the test, so that you can articulate the requirements in code. This will save you a lot of development headaches in the long run. A study says that it makes development more efficient (http://www.youtube.com/watch?v=pqomi6W4AJ4).
Because user input must be validated, in particular the query strings, PEG (Parsing Expression Grammar) and its parser generator are used. It uses EBNF syntax to define the parameter types.
PEG provides the JavaScript necessary to validate all user input for a given URL or link.
In addition, there is a diagram tool that can be used to produce structured grammar diagrams. It is very useful when creating your documentation.
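Rules a) and b) above and the query-string validation described here, as an added example that is not code from this guide or from PEG.js. It uses anchored regular expressions (the regex option of rule a) rather than a generated PEG parser, and the parameter names and types are hypothetical.

```javascript
'use strict';

// Hypothetical parameter table (names and types are assumptions for this example).
// Every pattern is anchored with ^ and $ so the whole value must match.
const PARAM_TYPES = {
  id:     { re: /^[1-9][0-9]{0,9}$/, required: true },   // positive integer
  from:   { re: /^\d{4}-\d{2}-\d{2}$/ },                  // date, YYYY-MM-DD
  sort:   { re: /^(asc|desc)$/ },                         // fixed vocabulary
  filter: { re: /^[\s\S]{1,512}$/, json: true }           // JSON object, size-capped
};

// Rule b): data from another system is parsed with JSON.parse, never eval.
function parseJsonObject(text) {
  try {
    const value = JSON.parse(text);
    const isObject = value !== null && typeof value === 'object' && !Array.isArray(value);
    return isObject ? value : undefined;
  } catch (e) {
    return undefined;               // not JSON at all (for example, script text)
  }
}

// Rule a): validate every parameter; reject unknown names, repeats and bad values.
function validateQuery(rawQuery) {
  const errors = [];
  const seen = new Set();
  const params = Object.create(null);   // no prototype chain to collide with
  for (const [name, value] of new URLSearchParams(rawQuery)) {
    const known = Object.prototype.hasOwnProperty.call(PARAM_TYPES, name);
    if (!known) { errors.push('unknown parameter: ' + name); continue; }
    if (seen.has(name)) { errors.push('duplicate parameter: ' + name); continue; }
    seen.add(name);
    const spec = PARAM_TYPES[name];
    if (!spec.re.test(value)) { errors.push('invalid value: ' + name); continue; }
    const parsed = spec.json ? parseJsonObject(value) : value;
    if (parsed === undefined) { errors.push('invalid JSON: ' + name); continue; }
    params[name] = parsed;
  }
  for (const name of Object.keys(PARAM_TYPES)) {
    if (PARAM_TYPES[name].required && !seen.has(name)) errors.push('missing parameter: ' + name);
  }
  return { ok: errors.length === 0, errors: errors, params: params };
}

// Constructed sample requests.
console.log(validateQuery('id=42&sort=desc&from=2014-01-31'));
console.log(validateQuery('id=42&filter=process.exit()'));
```

In a request handler, respond with a 400 status and the `errors` list when `ok` is false, and pass only `params` (never the raw query string) to the rest of the code.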