Using REST API as server side for web page application
We have web applications that we build internally (server side exposes web-services that are called from client side JS). We are also required to expose our code functionality in REST API.
I wonder - should I also start to use the REST API for the web application that I build internally?
Originally, the REST architectural style declares that REST is stateless ( http://www.ics.uci.edu/~fielding/pubs/dissertation/rest_arch_style.htm#sec_5_1_3 ). This results in consumers\clients that keep the state on the client side. It works well for "rich" clients (mobile applications, etc.) that are built to save the state on their side. But... is it the same for web applications? Is it good to have a server side that exposes itself in a REST API, and the client side calls those REST APIs directly?
I see some pros, and some cons.
Pros:
Cons:
Any hints\recommendations?
This is an extremely common and powerful architecture, especially when coupled with heavy front-end clients like AngularJS or EmberJS. The state in that case is held on the client, and only what's needed to complete whatever interaction (API call) they're making is passed to the server. It's really clean and scalable, in my experience.
A couple of things you need to figure out / handle. Login & "session" info. In general, session stuff doesn't get done on a REST service, so you have to account for that in various ways. Login is generally done by acquiring a token from the server (e.g. a JavaScript Web Token) and then passing that on further requests. You end up handling expiration on your own.
Using a single REST server for all your applications will enable you to reuse the server. Regarding sessions, in Kaltura we use login to return an encrypted string that holds the user id, his session type (admin/user) and the session expiration; once the client has received that session string it will use it for any future API call. This architecture enables us to save additional information on that session string without keeping a copy of it on the server.
For more API REST server guidelines, see my blog: http://restafar.com/create-new-rest-server/
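The stateless session string that both answers describe, as an added example (not code from the posts or from Kaltura): the login step returns a string holding the user id, session type and expiration, and every later API call is checked against it without a server-side copy. This sketch signs the string with HMAC-SHA256 instead of encrypting it, so the client can read the fields but cannot alter them; the key, field names and function names are assumptions.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo key (assumption); in practice load it from a secret store.
SECRET = b"constructed-demo-key-not-for-production"


def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_session(user_id, session_type, ttl=3600, now=None):
    """Return 'payload.signature'. Nothing is stored on the server."""
    now = int(time.time() if now is None else now)
    claims = {"uid": user_id, "type": session_type, "exp": now + ttl}
    payload = json.dumps(claims, separators=(",", ":"), sort_keys=True).encode()
    sig = hmac.new(SECRET, payload, hashlib.sha256).digest()
    return b64e(payload) + "." + b64e(sig)


def verify_session(token, now=None):
    """Return the claims, or None if malformed, tampered with or expired."""
    now = int(time.time() if now is None else now)
    try:
        p64, s64 = token.split(".")
        payload, sig = b64d(p64), b64d(s64)
    except (AttributeError, ValueError):
        return None
    expected = hmac.new(SECRET, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return None
    claims = json.loads(payload)  # parsed only after the signature checks out
    if claims["exp"] <= now:  # expiry is enforced by the server on every call
        return None
    return claims


if __name__ == "__main__":
    token = issue_session("alice", "user", ttl=60)  # constructed sample user
    print(token)
    print(verify_session(token))
```

Because the server keeps no copy, a token stays valid until its `exp` passes; revoking one earlier needs a short lifetime or a server-side deny list.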