Finest practices for CodeIgniter API growth

Trendy internet functions inbuilt CodeIgniter require API assist. This text touches on these finest practices for API growth in CodeIgniter. These are common pointers and maintain true for all variations of CodeIgniter framework.

Use Standing Codes

you should utilize standing codes in responses of request. It will helpfull for customers to recognized whether or not the request is successfull or fail. A very good API ought to at all times return the correct HTTP error code that appropriately explains the character of the particular error that has occurred. For instance:

"status_code": "401 Unauthorized",
"error": "invalid_token",
"error_description": "Entry token expired: fhsgjfgs777868sdf868."

Use nouns as an alternative of verbs

Naming conventation in apis are necessary and might save a variety of confusion. Use noun on the finish of api path it is because our HTTP request methodology already has the verb.

DO: http://www.instance.com/clients/create

DON’T: http://www.instance.com/createcustomers

Use filtering, looking out and Pagination

Someday API response information is massive. Then retrieving information from database may be very gradual. For this function we use pagination. In filtering use a novel question parameter for retrieve the end result. Typically primary filters aren’t adequate and also you want the facility of full textual content search then use looking out in APIs. For instance:

DO: http://localhost:8080/relaxation/api

DON’T: http://localhost:8080/relaxation/api?restrict=20&offset=0

As a substitute of restrict based mostly pagination, Its a finest apply to implement cursor-based pagination. All the nice corporations are transferring in the direction of cursor-based pagination for giant datasets the place its necessary to not lose any information throughout updates. Test the hyperlink on the finish of this text to study cursor-based pagination.

Safety

Safety is necessary if you construct apis. For API administration and safety use api_key that may be a single token string. Primary Authentication that may be a two token string resolution (username and password) Essential to validate the enter fields. Set up trusted identities after which management entry to providers and assets by utilizing tokens assigned to these identities. At the very least implement the precept of privilege. Folks shouldn’t have the ability to entry extra info that they requested. For instance a standard consumer shouldn’t be in a position to entry info of one other consumer. In addition they shouldn’t be in a position to entry information of admins.

Use price limiting

Setting a threshold/throttling for an api. Different requests will likely be rejected. For instance 30 requests per minute per account. Throttling can stop denial of service assaults. A leaky bucket algorithm will be carried out to this impact.

Optimizing for Human Readers

APIs have to be straightforward to grasp and use. Make the most of clear and straightforward naming programs with no abbreviation.
Make the most of nouns fairly than verbs in HTTP strategies. Have straightforward to understood and easy descriptions for error administration together with standardized error codes.

API Documentation

API documentation ought to present details about the authorization, request/response examples, attainable response standing codes, pagination and out there limits or throttling. It must be appropriate, up-to-date and straightforward to grasp.

Working with Specialists

Lastly, it helps in the event you work with individuals who have completed this a number of dozen time and know tips on how to develop CodeIgniter APIs with finest practices inbuilt. Allow us to make the additional effort for you.

Helpful Hyperlinks