Topic: Architecture for an api centric application.

Hi folks,

Got the opportunity to put Ruby into a new site/project. Present system is a number of disperate websites, php etc with web forms submitting to a central database via email processors.

I'm loooking to streamline this via a ror island/data centre. The primary interface would be an api to take posted data from the external sources, mash it about and export it again.

Does anybody have any pitfall advice at a high level for this sort of concept?

I'm thinking of taking a restful approach, I seem t get on with it. I'm shying away from a large single transaction, rather a number of trips to capture data as the user completes sections of the form(s). Also site A may have 3 or 4 times the data requirements site B has so thats a factor, core data remains a near costant of name contacts etc...

Also keen to know of anybody who has api key token like ideas, so rather than a plain username password, a key to authenticate against, aka google maps. Building an api does seem straight forward and I'm wary of a path that appears all to easy...no matter how much I love the ruby concept smile Certainly to post and read xml data is considerably easier than any java I've ever had to build.

My goal is a basecamp esq ease of use for the api from java, php and .net apps, just seem to have too many blank bits of paper, maybe I need to fire up textmate and just start smile

Look forward to any comments from experts and other keen parties smile

Last edited by colindensem (2007-01-12 20:58:29)

Re: Architecture for an api centric application.

I think you're on the right track with the REST stuff.  If you develop a fully rest-compliant application you'll be amazed at the power that will appear soon.  Rails 1.2 is nearly released and it'll be fully REST-centric.  Not only that, ActiveResource (the poster child of all REST libraries) is nearing completion as well.

For authentication:
If you run all of these disparate websites yourself I recommend authenticating either by ip or just by token.  If you're opening this API up to people you haven't met yet then I definitely recommend the token approach.

Good luck!

Re: Architecture for an api centric application.

Thanks for the reply. I've spent a bit of today looking over the basecamp api and the php wrappers that are out for it. Thought is lets look at a well known system and api that works and has community, aka google , knowledge.

It's been a while since I rolled some php, but got to the bottom of it eventually, passing xml to seralize was my undoing, but it works against basecamp...

So I now have a few php scripts, using both curl and pear http_request methods, I think curl works better for me, far easier to validate in my mind and saves checking for arrays or xml as parameters.

Been working on the rest/edge stuff for a while; peepcode's restfull screencast demistified things ages ago, still find myself loading it up and scooting through. REST is great to use and as you say powerful, certainly within a rails project, my concerns are calls from the outside world, now I get to try it in something that matters.

Being newish to ruby & rails, security and a like is a big concern, so tomorrows task is I think to look for token authentication ideas. It will be opened up, but to known people/addresses.

The first stage is all sites we own, but I always like to think ahead for any gotcha's.