2

i searched a lot regarding the question in the title and I'm still not really sure what I'm supposed to do. I just heard of RESTful this morning and the more I read about it the more confused I get.

A couple of weeks ago I was supposed to make an PHP/jQuery/AJAX web application that would basically be a simple todo list with multiple users. I learned a lot about ajax and jQuery(thanks to stackoverflow) during the process and I am quite happy with the final result.

The application works like this: The user logs in, and his id is stored in session variable. For example if he clicks on 'Add' button the code looks something like this.

//script.js $.get("ajax.php",{'action':'new','text': $text, 'list': $selectedList }, function(msg){ // add a new task and fade it $(msg).hide().appendTo('.listoftasks').fadeIn(); });

And on the ajax.php

//ajax.php if($_GET['action'] == 'new') add_task($_GET['text'], $_GET['list'], $_SESSION['user_id']);

So, as it turns out an android app for the web app is in the plans and I was asked if I could make a RESTful web service for it. Can anybody point me in the right direction, is it possible to implement that kind of service with an application coded like this because I've read somewhere (among many other things) that it doesn't work with sessions?

It would be great if someone coud at least point me to some basic tutorials, because at this moment this is all very confusing for me.

Thank you for all your help

edit:

Ok thanks everyone, i managed to do what was asked from me with you help and I learned something new, thank you. The problem I have now is authentication. Basically the android app sends request to my api.php page with some variables (id, list_id etc). Now how do I implement some form of authentication so the api.php would only return results for the authenticated user. I've talked to the app developer briefly and basically he would send me username and password through http header (or something like that). How do I get those values on my api.php page? Thank you for all the help :)

Improve this question

2 Answers 2

Reset to default
5

In few words – an a very practical, non academic explanation – a RESTful web service is a web server that answer requests that are structured following a :resource/:action/[:id] pattern.

For example, your users are a resource and you have these actions:

  • GET /users : list of users
  • GET /users/5000/edit : Edit a specific user
  • GET /users/5000 : Show a specific user
  • GET /users/new : Form for creating a new user
  • POST /users/ : A post request that created a new user.
  • PUT /users/5000 : A Post request that updates an user.
  • DELETE /users/5000 : A destroy request that removes an user.

It is a CRUD interface: Create, Read, Update, Destroy.

Your sessions are resources too.

  • POST /session/create : Create a new session for a user.
  • DELETE /session/destroy : Removes a session.

Some resources do not need to be have all CRUD actions.

For the original document that describes the RESTful architecture:

http://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm

For a more practical examination of this matter:

http://www.amazon.com/Service-Oriented-Design-Rails-Addison-Wesley-Professional/dp/0321659368

Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

Thank you very much for such fast response :) It's a bit clearer for me what I'm supposed to do. Thank you once again
Nerian What you are describing is how MVC style web frameworks build web apps. If you really understand REST you can build RESTful applications using these frameworks, but they certainly don't lead you down the right path. BTW, DESTROY is not a HTTP method. I think you meant DELETE.
Also, creating a session as a resource may work for some simple cases but you are likely to violate the self-descriptive constraint if you use it for anything more than helping to authenticate.
"* GET /users/5000 : A Get request for viewing the user. * GET /users/5000/edit : Form for editing a user." I recommend you add two extra standard actions. The GET on a user id is kind of important ;)
@Raynos: That's right :) I shouldn't post on OS before having my morning coffee :) I added those the answer.
|
3

There is lots of useful information here http://code.google.com/p/implementing-rest/

Be warned, there is more mis-information about REST on the web than there is valid information.

  • Being RESTful has almost nothing to do with what your URL looks like.
  • Building RESTful systems is about being able to build distributed systems that can evolve over the long term. It is not a short term, quick solution.
  • Requests to a RESTFul system should be independent of each other. Keeping session-like state between requests for anything other than holding on to authentication token is a bad idea.

Most of the systems that you will see on the web described as REST are simply HTTP based Remote Procedure Call, APIs. This is a valid architecture, but it is not REST and therefore does not need to comply to the REST constraints, nor does it necessarily gain the benefits of REST.

Improve this answer

1 Comment

ah..you sir are a gentleman and a scholar :). Thank you for the link and the info. I'll try to get into this some more. API at least is a familiar term, I think I can do this :). Thank you very much

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.