REST API

REpresentational State Transfer (REST) is an architectural style that defines a set of constraints to be used for creating web services. A client requests some data from the server and the server returns the data(resource). There are 6 Constraints –

  1. Uniform Interface – It is a key constraint that differentiate between a REST API and Non-REST API. It suggests that there should be an uniform way of interacting with a given server irrespective of device or type of application (website, mobile app).
  2. Stateless – The server will not store anything about the latest HTTP request the client made. It will treat every request as new.
  3. Cacheable – Every response should include whether the response is cacheable or not and for how much duration responses can be cached at the client side.
    • Caching – Caching is the ability to store copies of frequently accessed data in several places along the request-response path. When a consumer requests a resource representation, the request goes through a cache or a series of caches (local cache, proxy cache, or reverse proxy) toward the service hosting the resource. If any of the caches along the request path has a fresh copy of the requested representation, it uses that copy to satisfy the request. If none of the caches can satisfy the request, the request travels all the way to the service (or origin server as it is formally known).
  4. Client-Server – A Client is someone who is requesting resources and are not concerned with data storage, which remains internal to each server, and server is someone who holds the resources and are not concerned with the user interface or user state.
  5. Layered system – REST allows you to use a layered system architecture where you deploy the APIs on server A, and store data on server B and authenticate requests in Server C.
  6. Code on demand (optional) – servers can also provide executable code to the client. The examples of code on demand may include the compiled components such as Java applets and client-side scripts such as JavaScript.

REST Resource naming guide

We can divide resource archetypes into four categories.

  • Document – A document resource is a singular concept that is akin to an object instance or database record.
    Use “singular” name to denote document resource archetype.
http://api.example.com/device-management/managed-devices/{device-id}
http://api.example.com/user-management/users/id
http://api.example.com/user-management/users/admin
  • Collection – A collection resource is a server-managed directory of resources. Clients may propose new resources to be added to a collection.
    Use “plural” name to denote collection resource archetype.
http://api.example.com/device-management/managed-devices
http://api.example.com/user-management/users
http://api.example.com/user-management/users/{id}/accounts
  1. Store – A store is a client-managed resource repository. A store resource lets an API client put resources in, get them back out, and decide when to delete them. A store never generates new URIs.
    Use “plural” name to denote store resource archetype.
http://api.example.com/cart-management/users/{id}/carts
http://api.example.com/song-management/users/{id}/playlists
  1. Controller –  A controller resource models a procedural concept. Controller resources are like executable functions, with parameters and return values; inputs and outputs.
    Use “verb” to denote controller archetype.
http://api.example.com/cart-management/users/{id}/cart/checkout
http://api.example.com/song-management/users/{id}/playlist/play

Best practices & rules

There are some best practices and rules which will be very useful. 

  • Use (/) to indicate hierarchical relationships.
http://api.example.com/device-management/managed-devices/{id}/scripts
http://api.example.com/device-management/managed-devices/{id}/scripts/{id}
  • Do not use trailing forward slash (/).
http://api.example.com/device-management/managed-devices/
http://api.example.com/device-management/managed-devices 	/*This is much better version*/
  • Use hyphens (-) instead of underscores (_).
http://api.example.com/inventory-management/managed-entities/{id}/install-script-location  //More readable
http://api.example.com/inventory-management/managedEntities/{id}/installScriptLocation  //Less readable

Not (_)

http://api.example.com/inventory-management/managed-entities/{id}/install-script-location  //More readable
http://api.example.com/inventory_management/managed_entities/{id}/install_script_location  //More error prone
  • Use lower case letters in URI.
http://api.example.org/my-folder/my-doc  //1
HTTP://API.EXAMPLE.ORG/my-folder/my-doc  //2
http://api.example.org/My-Folder/my-doc  //3
  • Don’t use file extensions.
http://api.example.com/device-management/managed-devices.xml  /*Do not use it*/
http://api.example.com/device-management/managed-devices 	/*This is correct URI*/

HATEOAS driven REST API

REST architectural style lets you use hypermedia links in the response contents so that the client can dynamically navigate to the appropriate resource by traversing the hypermedia links. Above is conceptually the same as a web user browsing through web pages by clicking the relevant hyperlinks to achieve a final goal.
For example HTTP GET http://api.domain.com/management/departments/10

{
    "departmentId": 10,
    "departmentName": "Administration",
    "locationId": 1700,
    "managerId": 200,
    "links": [
        {
            "href": "10/employees",
            "rel": "employees",
            "type" : "GET"
        }
    ]
}

In the preceding example, the response returned by the server contains hypermedia links to employee resources 10/employees, which can be traversed by the client to read employees belonging to the department.

Idempotent REST API

When making multiple identical requests has the same effect as making a single request – then that REST API is called idempotent. Except POST everything is idempotent, because POST will create a new resource N times if you invoke it N times.

Best practices to Secure REST API

  • Always use HTTPS.
  • Use password hash.
  • Never expose information on URL.
    Usernames, passwords, session tokens, and API keys should not appear in the URL, as this can be captured in web server logs, which makes them easily exploitable.
https://api.domain.com/user-management/users/{id}/someAction?apiKey=abcd123456789  //Very BAD !!
  • Use OAuth instead of basic auth.
  • Add timestamp in request it will prevent the basic reply attack from people who are trying brute force to your system.

Application state vs Resource state

  • Application state : Application state is server-side data which servers store to identify incoming client requests, their previous interaction details, and current context information.
  • Resource state : Resource state is the current state of a resource on a server at any point of time – and it has nothing to do with the interaction between client and server. It is what you get as a response from the server as API response. You refer to it as resource representation.

Advantages of statelessness

  • Statelessness helps in scaling the APIs to millions of concurrent users by deploying it to multiple servers. Any server can handle any request because there is no session related dependency.
  • No server side synchronization.
  • Easy to cache.
  • The server never loses track of “where” each client is in the application because the client sends all necessary information with each request.

PyCon India 2019

Yaaaaa!!!! it was my first PyCon India. One day I was chatting to Sayan and suddenly he told me that start saving some money from now and attend the pycon India this year. I had never been any kind of conference ever before so I was bit hesitated about this conference but Sayan and other folks from dgplug guided me a lot. I started my journey with my dad from Kolkata on 10th October and reached Chennai on 11th.

Day 0

On 12th October I left for the conference. When I reached the conference I saw sourabh, Pravar and Rayan there and talked with them. After that I got my attendee card then went for the breakfast and while eating I met some people and talked with them like Vijay, Noah later I proceeded to the conference. After that I attended the Jake VanderPlas’s keynote. After that I was going to various sponsors booth to collect the goodies :p. After that I went for Pradyun’s talk Python Packaging – where we are and where we’re headed. He described how packaging works with pip and how they are planning to move ahead.
I met many of the faces whom I used to know on IRC/Twitter only. Later me and Sayan explored the Poster Session. It was really exciting and my first day of the conference was over. After the conference me and some other folks went for visiting the Palavakkam Beach and spent some good time there.

goodies & swags 😉

Day 1

On 13th it started with keynote by Ines Montani. After that there was annual DGPLUG staircase meeting. Sayan conducted the meeting and we all introduced our self to each other and discussed about what went wrong to this year’s summer training. We also discussed about the tasks given by Sayan this year. After finishing the lunch we also solved some word puzzles and coding questions to get the t-shirts and swags. The conference ended with David Beazley keynote and he live coded a stack machine, wrote an interpreter for Web Assembly game that was initially written for Rust in Python and in the end added PyGame to make it into an actual game. I was amazed after seeing it. The keynote ended with standing ovation from all the people in the hall. After the conference we went for DGPLUG dinner and spent some good time with other folks and had our dinner there.

DGPLUG group

Day 2

On 14th(my birthday :p) morning I left for IIT Madras Research Park and in the morning there was my workshop on docker. After finishing the workshop I joined devsprint. There was lots of mentors conducting the devsprint and from that I choosed to join the Python Packaging Sprint which was conducted by Pradyun. It was my first devsprint and I didn’t even know anything about it but Pradyun helped me a lot understand the issue and what should be my approach to solve that. after the devsprint we went for dinner again. On that day most of my friends were returning so it was time to say goodbye to them 🙂

day 3

On 15th again there was devsprint happening there and I was solving an issue in pip and Pradyun was helping me regarding that issue. Besides devsprint me and Sourabh was discussing about some security stuff. After the devsprint I talked with other people.

After the devsprint

Summary

Pycon India has gave me the opportunity to communicate and meet people from all across the world as well as different background. I got to know about lots of new technologies and other technical stuff. I made lots of new friends there and I returned home with some great memories with me 🙂 . If I go next year then I would like to be a volunteer there.

Write your commit message in your favourite text editor

Most of us use git as their version control system and in day to day life while developing any application we commit our changes quite frequently. We follow the traditional way of committing changes like below –

$ git commit -m "Our commit message"

But we have another cool option to do this commit. We can use our favorite text editor for this commit. We have to first tell git that pop up the text editor every time you commit changes. For this execute below command in your terminal –

$ git config --global core.editor "vim"

Here it will pop up the vim text editor when you will execute git commit.

Thank you 🙂

Learned to Build a simple pascal interpreter using python

Photo by Max Duzij on Unsplash

Recently I was going through the series of ‘Let’s Build A Simple Interpreter‘ by Ruslan Spivak which was given by Sayan as an assignment of summer training. Here you can see the whole series codes. I have gone through all the parts and added what I have learned in the README.md file.

In this series the main focus was to build an simple pascal interpreter by python which can execute simple pascal codes like mathematical operations and procedure calling. This series introduced me lots of thing like scanner, token, parser, interpreter and grammar, etc. At first I was thinking that I will not be able to complete the series properly as I didn’t know anything about interpreter and compiler but as move forward in this series things get cleared because everything was elaborated properly. Whenever I stuck at any point I search it in the internet and try to find the proper solution. For me in this series the most interesting part was the grammar of any programming language and how they help.

In this series I also learned how to write better commits so people can understand my code and also learned how to reset my commit to previous commit when I commit wrong things or made any bad commit message. Here you can see my commits.

Thank you 🙂

Fun with python requests module

I was reading this part of the pym book and thought that I should change this code a little bit so that it can do some better thing like instead of storing the content in a text file it stores it in a HTML file and it also checks if there is any same named file exists in the directory or not. Here is the code –

import os.path
import requests

def download(url):
    """
    Download the given url and saves it to the current directory
    :arg url: URL of the file to be downloaded.
    """
    req = requests.get(url)
    if req.status_code == 404:
        print('No such file found at %s' % url)
        return
    fileName = url.split('/')[-1].split('.')[0] + '.html'
    print(fileName)
    if os.path.isfile(fileName):
        print('Same file name already exist')
    else:
        with open(fileName, 'wb') as fobj:
            fobj.write(req.content)
        print('Download over')

if __name__ == "__main__":
    url = input("Enter a URL: ")
    download(url)

Above we are getting the content of the content of the url by requests.get(url) method. Then checking if that url is valid or not. If valid then parsing the url by split() method like first we are splitting it by “/” and taking the last value of the list and then splitting it again with “.” and taking the first value of the list. Then checking if there is no same name file exist and if there is no same name file then we are creating a file then writing the content in the file.
Thank you 🙂

Study, day 3

I have started learning python 3 from pym book by Kushal.

Read about following topics and solved problems.

  • Strings
    • Strip the string.Finding text.palindrome checking.Number of words.
  • Function
    • Defining function.Local and Global variable.keyword and keyword only arguments.Docstring.
  • File Handling.
    • Opening and closing a file.Reading data inside a file.Copying data from one file to another.Counting spaces, tabs and new lines in a file.
  • Exceptions
    • Various type of errors.
    • Handling exceptions.
    • Using finally keyword for cleaning.

Learning python3

Photo by Hitesh Choudhary on Unsplash

I started learning python back in 2017 and since then I am still learning it and using it and almost everyday I write some python code. Python is an interpreter based language, you can write the code directly in the interpreter or in a separate file(extension is .py) and run it.

Using the interpreter

Fire up your terminal and type python3. And you will see something like this below code snippet.

$ python3
Python 3.6.8 (default, Jan 14 2019, 11:02:34) 
[GCC 8.0.1 20180414 (experimental) [trunk revision 259383]] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> 

Now we are going to print “Hello World!” using the interpreter.

>>> print("Hello World!")
Hello World!

Using a source file

Create a file called helloWorld.py and enter the following text:

print("Hello World!")

We can run this file by python3 command.

$ python3 helloWorld.py 
Hello World!

Whitespaces and indentation

Language like c/c++ use pair of curly brackets to divide different identifiers. In the python it uses indentation for that. The whitespaces at the beginning of the line is known as indentation. If you give wrong whitespaces then it will give you errors. Python use 4 whitespaces for a single indentation. Below there is an example.

>>> a = "Aniruddha"
>>>  b = "Basak"
  File "<stdin>", line 1
    b = "Basak"
    ^
IndentationError: unexpected indent

Comments

Comment is a line in python that will start with # and the interpreter of python will just ignores the lines. You can write anything here to describe your code.

>>> # This is a comment
>>> # The next line will multiply two numbers
>>> a = 12 * 34
>>> print(a) # Printing the value of a

If your description is long then it is recommended that you use multiline comments. There is two options for that.

# This is option 1
# Multiline comment
"""
This is option 2
Multiline comment
"""

Modules

The reason why python is loved by so many people is it gives so many modules to work on almost everything you can imagine. Basically modules are python files that contains different functions classes and variable that you can reuse.

>>> import os
>>> print(os.name)
posix

Keywords and Identifiers

Below the following identifiers are main keywords of python. They must exactly types as it is.

False      class      finally    is         return
None       continue   for        lambda     try
True       def        from       nonlocal   while
and        del        global     not        with
as         elif       if         or         yield
assert     else       import     pass
break      except     in         raise

Variables and Datatypes

In python we don’t specify the type of the variable while declaring it.If we declare a = 1 then a will become an integer type and if we define b = "Hii" then b will become an string type variable.

>>> a = "Hi "
>>> b = "how you doing?"
>>> a + b
'Hi how you doing?'

Taking input from keyboard

We can take input from users while executing the program. We can use the input() function given by python for this. Let’s see an example of taking input from user.

number = int(input("Enter number: "))
print(number)

Here is the result –

$ python3 input.py 
Enter number: 25
25

Operators and Expressions

Python language supports the following types of operators.

  • Arithmetic Operators
  • Comparison (Relational) Operators
  • Assignment Operators
  • Logical Operators
  • Bitwise Operators
  • Membership Operators
  • Identity Operators

Arithmetic operator:

It is used to perform common mathematical operations.

>>> a = 2
>>> b = 4
>>> a + b
6
>>> a - b
-2
>>> a * b
8
>>> a / b
0.5
>>> a % b
2
>>> a ** b
16
>>> a // b
0

Comparison operator:

It is used for comparing two values and returns either True or False.

>>> a = 2
>>> b = 4
>>> a == b
False
>>> a != b
True
>>> a > b
False
>>> a < b
True
>>> a >= b
False
>>> a <= b
True

Assignment operator:

This operator is used to assign values to some variable.

>>> x = 5
>>> x += 5
>>> x -= 5
>>> x *= 5
>>> x /= 5

Logical operators:

Logical operators are the and, or, not operators.

>>> x = True
>>> y = False
>>> print('x and y is ', x and y)
x and y is  False
>>> print('x or y is', x or y)
x or y is True
>>> print('not x is', not x)
not x is False

Bitwise operators:

Bitwise operator works on bits and performs bit by bit operation. Assume if a = 60 and b = 13. Now in binary format they will be as follows –

>>> a = 60
>>> b = 30
>>> a & b
28
>>> a | b
62
>>> a ^ b
34
>>> ~a
-61
>>> a >> 2
15
>>> a << 2
240

Membership Operators:

Python’s membership operators test for membership in a sequence, such as strings, lists, or tuples. There are two membership operators as explained below −

a = 'Hello World'
print('H' in a)

Identity Operator:

Identity operators compare the memory locations of two objects. There are two Identity operators explained below −

>>> a = 5
>>> b = 5
>>> c = 10
>>> print(a is not b)
False
>>> print(a is b)
True
>>> print(a is c)
False

How To Create a Pull Request on GitHub

What is pull request?

Pull request let you tell others about changes you’ve pushed to a github repository. Once a pull request is sent, the maintainers of that project can review the changes and discuss for modifications, and even push commits if necessary and once everything is ok they can accept that pull request and all your changes will be merged with the upstream project. Below there are set of instructions that will describe how to create pull request.

Photo by Brina Blum on Unsplash

Fork the Repository

The first step should be creating a copy of a repository. You can fork a repository on GitHub by navigating with your browser to the GitHub URL of the open-source project you would like to contribute to.

GitHub repository URL contains both the username of the owner of the repository and the name of the repository. For example, below github url aniruddha2000 is the username and the hello-world is the name of the repository.

https://github.com/aniruddha2000/hello-world

When you go to that url on your browser you will see a “Fork” button on your upper right hand side of the page.

Click the fork button and start the forking process.

Once the process is done, your browser will go to a screen similar to the repository image above, except that at the top you will see your username before the repository name, and in the URL you will see your username before the repository name.

https://github.com/your-username/hello-world

Clone the forked repository

Now you have to clone the repository in your local machine that you have forked. In order to do that you have to use git clone command. Execute below command in your terminal.

$ git clone https://github.com/your-username/hello-world.git

Create a New Branch

Whenever you work on a collaborative project you and other programmers contribute to the repository will have different ideas for new features or fixes. So it is recommended that you should always work on a new branch and make pull request to the upstream project from that branch and this process will help you to work nicely will all contributors. Execute below command to create a new branch.

$ git checkout -b new-branch
Switched to branch 'new-branch'

Make changes locally

Once you have modified all necessary files you should add them git add and commit by git commit -m. After committing you have to push the changes in the ‘new-branch’. Execute below command for this operation.

$ git push origin new-branch

Create Pull Request

Now you can create a pull request to the upstream project. You can navigate to your forked repository and click the “New pull request”.

Once you have chosen, for example, the master branch of the original repository on the left-hand side, and the new-branch of your forked repository of the right-hand side, you should see a screen that looks like this:

Add the necessary comment and then click the “Create pull request” button. Now go the pull request section of the upstream repository and you will see your pull request is there.

Thank you 🙂