Gatul.code RE 5 T AP ccovine suas eNotes GALLERY REST STANDS FOR REPRESENTATIONAL STATE TRANSFER REST APIS OPERATE ON A SIMPLE REQUEST/RESPONSE SYSTEM REQUEST / oo / ‘00 RESPONSE C=) CLIENT CAN MAKE A REQUEST : SERVER RETURNS ARESPONSE WITH AN USING HTTP METHODS: HTTP STATUS CODE THESE METHODS AEs POPULAR HTTP STATUS CODE: GET, POST, PUT, PATCH, DELETE, HEAD, i! ¢ TRACE, OPTIONS, CONNECT EX, 200, 202, 403, 404, 500 ET HTTP REQUEST CONTAINS HTTP RESPONSE CONTAINS REQUEST METHOD HTTP HEADERS BODY STATUS CODE HTTP HEADERS RESPONSE BODY % REST APL CONSTRAINTS < / <> GLIENT-SERVER ARCHITECTURE” UNIFORM INTERFACE © NO THIRD PARTY INTERPRETATION 4 a N\ © FOLLOW A COMMON PROTOCOL a LAYERING : _— © MULTIPLE INTERMEDIARIES BETWEEN 7 CLIENT AND SERVER, CAGHEABILITY STATELESSNESS @ RESPONSE CAN BE CACHEABLE @ THERE IS NO STATE. CLIENT AND SERVER ARE COMPLETELY SEPARATEDHTTP HEADERS CLIENT AND SERVER CAN PASS THE EXTRA BIT OF INFORMATION WITH THE REQUEST AND RESPONSE USING HTTP HEADERS: DIVIDED INTO FOUR PARTS REQUEST HEADERS — RESPONSE HEADERS ‘CLIENT 10 SERVER © SERVER TO CLIENT REPRESENTATION HEADERS — PAYLOAD HEADERS: e INFORMATION ABOUT THE BODY , INFORMATION ABOUT OF THE RESOURCE THE PAYLOAD DATA WIDELY USED HTTP HEADERS Accept TYPE OF DATA CLIENT CAN UNDERSTAND Accept-Encoding WHICH ENCODING METHOD CLIENT CAN UNDERSTAND Authorization USED TO PASS CREDENTIALS $0 THAT SERVER CAN AUTHENTICATE Accept-Language CLIENT IS EXPECTING THE RESPONSE IN THE MENTIONED LANGUAGE Content-Type SPECIFIES THE MEDIA TYPE OF THE RESOURCE Host SPECIFIES THE DOMAIN NAME Access-Control-Allow-Origin WHICH ORIGIN IS ALLOWED TO ACCESS THE RESOURCES Access-Control-Allow-Methods WHICH METHODS ARE ALLOWED TO ACCESS THE CROSS-ORIGIN RESOURCESHTTP STATUS CODES 7 regest GET POSTS | il} CLIENT \ 200 ok SERVER we SERVER ALWAYS RETURNS HTTP STATUS CODE WITH THE RESPONSE 7% SUCCESSFUL RESPONSES: REDIRECTION MESSAGES 200 0K EVERYTHING IS FINE 301 MOVED PERMANENTLY THE RESOURCE HAS BEEN MOVED PERMANENTLY 201 CREATED TO THE NEW URL NEW RESOURCE WAS CREATED xy & 400 BAD REQUEST 401 UNAUTHORIZED & INVALID SYNTAX CREDENTIALS ARE INCORRECT s 403 FORBIDDEN YOU DON’T HAVE PERMISSION TO ACCESS THE RESOURCES 404 NOT FOUND 421100 MANY REQUESTS INVALID URL USER HAS SENT TOO MANY REQUESTS IN A GIVEN AMOUNT OF TIME SERVER ERROR 500 INTERNAL SERVER ERROR SERVER DOES NOT KNOW HOW TO HANDLE THE UNEXPECTED SITUATIONHTTP Request Methods_Henet Control (ITE Headers ORIGIN aS IT’S A CROSS-ORIGIN REQUEST. LET ME ADD THE ORIGIN HEADER TO TELL THE SERVER WHERE THE REQUEST IS COMING FROM. ACCESS-CONTROL-REQUEST-METHOD © LET ME ASK THE SERVER. IWANT TO MAKE A GROSS-ORIGIN 0° OP OST REQUEST. ssc Contre Request athe “| Browser == THIS IS A PREFLIGHT REQUEST TO LET THE SERVER KNOW WHICH METHOD WILL BE USED IN THE MAIN REQUEST. | THIS 19 THE RESPONSE A.COM ORIGIN IS ote TO THE PREFLIGHT g REQUEST INDICATING ALLOWED TO ACCESS 3s Reaues| WOlGATING RESOURCES FROM ¥ : CAN BE MADE USING com ? £ CREDENTIALS. & ts. % & \ ® POST METHOD I: ‘ ALLOWED TO Access \ ome CROSS-ORIGIN RESOURCES. THIS IS THE RESPONSE TO THE ae PREFLIGHT REQUEST. ‘BrowserCaching in API calls GET ipo ena _ {eto pees a ~ —_— = 1 ° ‘Server Cache-Control: max-age=1000 200 OK /posts 4 After 200 Seconds Aeaga\ (ont should GET /posts \rdor — pn LEE Client maK-Age=1000 =o age=200 Cache-Control: max-age=1000 Jposts Hence cache is ‘Sever fresh Wait for 1000 seconds until cache get stale, 200 OK