ACET




REST tutorial

Further work

The application we have developed in this tutorial is simplistic, but it demonstrates the principles of a RESTful architecture and some of what is involved in developing a JavaScript web application that utilises that architecture. A great many features could be added to the code. A far-from-complete shortlist could include:

  • Security
    • Who can place items for sale?
    • Who can bid on them?
    • Who can delete items?
    • Prevent “unauthorised” accesses.
  • Robustness
    • Ensure that bad input data won’t cause the server to crash (or otherwise cause security problems)
    • Ensure that the URI processing can cope with any kind of malformed request
  • Usability
    • Add more user feedback to the POST and PUT operations
    • Allow the seller to see all bids (at /item/1729/bid, for example)
    • Allow users to see their own bids (at /item/1729/bid, for example)
    • Use interim results in the AJAX interface to display items as they come in from the query
    • Appearance
  • Performance
    • Is it really necessary to reload all the items when you delete one? Could you check for success and simply delete the table row from the list instead?
  • API features
    • Get lists of items posted by a particular user (/user/derek/items)
    • Search capabilities? (GET /item/filtered/searchterm1 maybe?)

Most of these features are peripheral to the principles of REST system architecture, and so have been elided, omitted or simply ignored in this tutorial. However, they are all important to a good web application, and most are important in the context of an API. For more practice at developing web applications, have a go at implementing some of them in your auction site.
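
One possible starting point for the Security and Robustness items above, as an added example rather than code from this tutorial: a strict parser for the URI shapes mentioned in the list, and a deny-by-default authorisation check. The rules (any logged-in user may sell, only the seller may change, delete or list the bids on an item, sellers may not bid on their own items), the `user` and `item` object shapes, and all function names are assumptions.

```javascript
// Added example. Rules, object shapes and names are assumptions, not tutorial code.
// Only these URI shapes are accepted. Valid paths never need percent-encoding,
// so the raw path is matched undecoded and anything encoded or odd is rejected.
const ROUTES = [
  { re: /^\/item$/, resource: 'items', keys: [] },
  { re: /^\/item\/([1-9][0-9]{0,8})$/, resource: 'item', keys: ['itemId'] },
  { re: /^\/item\/([1-9][0-9]{0,8})\/bid$/, resource: 'bids', keys: ['itemId'] },
  { re: /^\/user\/([a-z][a-z0-9_]{0,31})\/items$/, resource: 'userItems', keys: ['user'] },
];

function parseUri(path) {
  if (typeof path !== 'string' || path.length > 256) return null;
  for (const { re, resource, keys } of ROUTES) {
    const m = re.exec(path);
    if (!m) continue;
    const params = {};
    keys.forEach((k, i) => { params[k] = m[i + 1]; });
    return { resource, params };
  }
  return null; // unknown or malformed URI
}

// user: null when anonymous, else { name }. item: { seller } or undefined.
function authorise(method, resource, user, item) {
  const owner = Boolean(user && item && item.seller === user.name);
  switch (`${method} ${resource}`) {
    case 'GET items': case 'GET item': case 'GET userItems':
      return true;                        // public reads
    case 'POST items':
      return Boolean(user);               // any logged-in user may sell
    case 'POST bids':
      return Boolean(user) && !owner;     // sellers may not bid on their own item
    case 'GET bids': case 'PUT item': case 'DELETE item':
      return owner;                       // seller only
    default:
      return false;                       // deny anything not listed
  }
}

// Returns 200 to proceed, otherwise the HTTP error status to send before doing any work.
// items: Map from item id string to { seller } (stand-in for the real store).
function decide(method, path, user, items) {
  const route = parseUri(path);
  if (!route) return 400;
  const { itemId } = route.params;
  const item = itemId === undefined ? undefined : items.get(itemId);
  if (itemId !== undefined && !item) return 404;
  if (authorise(method, route.resource, user, item)) return 200;
  return user ? 403 : 401;
}
```

Call `decide` with the path component only (no query string) before touching the item store for writes; any status other than 200 is returned to the client as-is.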

Or you could just have a well-earned REST.

Last Modified: 1/Apr/2009