APPI
A minimal toolkit for building modern, stateless APIs, perfect for single page applications. Built with Ember CLI in mind, but framework agnostic. Use as much or as little as you need.
First Class Support for:
- JSONAPI
- JSON Web Tokens
- Token Based Authentication
- Error Handling
- Frontend Hosting via Redis
Coming Soon:
- Slugs (Limited support for Friendly ID)
- Tokenable Resources (currently limited to User)
- Variable User Class
- Pagination (Via Kaminari)
Installation
Add APPI to your Gemfile:
gem 'appi', github: 'sanctuarycomputer/appi'
then run a bundle
and you're golden!
Getting Started
Let's start with the essentials:
Error Handling
The first thing you'll want to do is setup some APPI style exception handling in your application. This is a snap!
In your application_controller.rb
:
module YourAPI
class ApplicationController < ActionController::Base
include APPI::RendersExceptions
rescue_from APPI::Exception do |exception|
render_appi_exception exception
end
end
end
Now, whenever you need to show the user an error, you can do something like this:
module YourAPI
class PostsController < ApplicationController
def update
unless params[:can_update]
raise APPI::Exception.new("posts.will_not_update", id: @post.id)
end
...
end
end
end
Then in your Rails i18n locale:
# config/locales/en.yml
en:
appi_exceptions:
posts:
will_not_update:
title: 'Posts: Could Not Save'
detail: 'Could not update a post with ID: %{id}.
status: 'unprocessable_entity'
You can handle External & Rails exceptions with APPI too:
class ApplicationController < ActionController::Base
include APPI::RendersExceptions
rescue_from Exception do |exception|
case exception
when APPI::Exception
render_appi_exception exception
when CanCan::AccessDenied
details = {
action: exception.action.to_s
}
if exception.subject.respond_to? :id
details[:subject_id] = exception.subject.id.to_s
details[:subject_class_name] = exception.subject.class.to_s
else
details[:subject_id] = nil
details[:subject_class_name] = exception.subject.to_s
end
render_appi_exception APPI::Exception.new('permissions.access_denied', details)
else
render_appi_exception APPI::Exception.new('rails.untracked_error', message: exception.message)
end
end
end
Resource Controllers
APPI comes with some nice tools for DRY'ing up your Resource Controllers.
JSON API Requests
If you need to handle requests formatted for the JSON API spec, the Rails Strong Params method isn't really going to cut the butter for you. Instead, use APPI!
module YourAPI
class PostsController < ApplicationController
APPI::HandlesResources
protected
def permitted_attributes
[:name, :blurb]
end
def permitted_relationships
[:comments]
end
end
end
Resource Filtering
It's a common pattern to filter a resource on its index
action. APPI has drop-in support for
this too:
module YourAPI
class PostsController < ApplicationController
APPI::HandlesResources
APPI::FiltersResources
protected
def permitted_attributes
[:name, :blurb]
end
def permitted_relationships
[:comments]
end
def permitted_filter_params
[:status]
end
end
end
Now when you issue a GET
request to the posts
endpoint, you can also append ?status=publised
to return a collection of published posts.
Users & Current User
APPI supports token (JWT) based User Authentication, like so:
module YourAPI
class ApplicationController < ActionController::Base
include APPI::RendersExceptions
include APPI::CurrentUser
end
end
Now in your Users Controller:
module YourAPI
class UsersController < BaseController
include APPI::UserTokenController
end
end
And in your routes.rb
:
Rails.application.routes.draw do
resources :users do
post 'token', on: :collection
end
end
Now a user can request a token by issuing a POST
request to the users/token
endpoint, with an
email
and password
. With the token, and the @current_user
variable with be loaded whenever
the request headers include a valid token in the following format:
Authorization: bearer 1234usertokenhere56789
You can also encode and decode things at will with the APPI::TokenUtil
singleton class.
Serving Single Page Applications from Redis
The Ember CLI Deploy approach to Single Page Application deployment usually
involves uploading compiled assets to a data store like S3, and then serving
an index.html
file that references those assets from your API in some way.
APPI supports this idea through Redis:
module YourAPI
class ApplicationController < ActionController::Base
include APPI::ServesAppsFromRedis
end
end
Then in your routes.rb
file:
Rails.application.routes.draw do
get '/(*path)', to: "application#serve_index", defaults: { app_name: "frontend" }
end
Now when a user requests http://yourappserver.com/about-us
, APPI will look for a Redis
key called frontend:current
, and serve its content as HTML Safe text.
If you're serving the app somewhere other than root, you'll want to force a trailing forward slash too:
Rails.application.routes.draw do
get 'admin/(*path)', to: "application#serve_index", defaults: {
app_name: "admin",
trailing_slash_at_root: true
}
end
If you're serving multiple apps, be sure to get the order right!
Rails.application.routes.draw do
get 'admin/(*path)', to: "application#serve_index", defaults: {
app_name: "admin",
trailing_slash_at_root: true
}
get '/(*path)', to: "application#serve_index", defaults: { app_name: "frontend" }
end