REST APIs

• restify is a node framework specialized for REST APIs.

CORS

(Cross-Origin Resource Sharing)

The protocol, domain and port must match.

Disable CORS

CORS allows you to lift this restriction on a case-by-case basis

• even allowing you to list which domains specifically are allowed to access the script
• CORS is implemented through the Access-Control-Allow-Origin header
• npm package cors
• • app.use(require('cors')())
• to implemente CORS only on a route
• • app.use('/api', require('cors')())

Documentation

Docs Generators

• docusaurus

Examples

Amazing REST APIs for Inspiration

• DigitalOcean API
• GitHub API
• Stripe API
• Twilio API

HTTP Headers

• list of HTTP headers
• use HTTP headers to send metadata like pagination, rate limiting, or authentication.
• Node.js imposes an 80KB size limit on the headers object to prevent DoS attacks. Therefor avoid the total size of the HTTP headers (including the status line) to exceed HTTP_MAX_HEADER_SIZE.

Rate Limiting

Rate limiting is used to control how many requests a given consumer can send to the API.

To tell your API users how many requests they have left, set the following headers:

• X-Rate-Limit-Limit, the number of requests allowed in a given time interval
• X-Rate-Limit-Remaining, the number of requests remaining in the same interval,
• X-Rate-Limit-Reset, the time when the rate limit will be reset.

Test APIs

Use npm package restler to do the XHR requests

• restler
• supertest