What do I need to pay attention to when writing Restapi?

• Ps1= "\n[\e[32;1m" ([\e[37;1m]\u[\e[32;1m])-([\e[37;1m]jobs:\j[\e[32;1m])-([\e[37;1m]\w[\e[32;1m]) \ n ([[\e[37;1m] ! ! [\e[32;1m]), [\e[0m] "

• The business is the model layer to be responsible, the control layer is only responsible for invoking

• Use Xmind to draw mind map, ask self-answer way, in practice, deepen the familiarity of software and use of skills

• The database table design is recommended to use soft foreign key constraints, soft deletion; At the same time, the design of the database table is difficult to consider complete at the outset, and may also make some field change during the development process.

• To access the URL link in postman directly by adding? DebugSESSIONstaer suffix can also pull up Phpstrom breakpoint debugging

• How do you think about starting an interface?

• From the actual application of an operation, such as login, jump, etc., can correspond to a segment of the business logic, thinking about what parameters need to write the corresponding method, the beginning can be considered in the controller to write for testing, and then transferred to the model

• What do we need to take into account?

• Different versions of V1, V2; The method accepts the validation of the parameters (the idea of the validator may fetch some common methods into the base class basevalidate); Exceptions that may occur during the entire API call

• The better the code encapsulation, the more abstract, the better the Code reusability

• @ RESTFul API

• Based on resource, adding and deleting is based on the change of resource state; Use HTTP verbs to manipulate resources (/getmoive/:mid Get:/moive/:mid recommends the latter)

• @ HTTP verb POST: Create PUT: Update GET: query Delete: delete

• Status code: 404 (Not Found), (Parameters Error), $, 201, 202, 401 (Unauthorized), 403, 500

• Error code: custom Error ID number

• Unified Description Error: Error code, error message, URL where the current error message occurred

• Use token tokens to authorize and authenticate identities

• Version control

• Testing is separate from the production environment: api.xxx.com/dev.api.xxx.com

• URL semantics to be clear, it is best to "look at the text to know the meaning"

• It's better to have a more standard document

• The best way to learn: Imitate the Watercress open API; GitHub Developer API

• API is verified and authorized through token, tokens, three points to consider: token is not valid (there is a corresponding row in the database)? token expiration date; token corresponding permissions

What do I need to pay attention to when writing Restapi?