Restful API
Francois edited this page Dec 21, 2025 · 2 revisions
REST (Representational State Transfer) is a standard that describes how to implement networked applications (consumed by other applications or by a frontend, for instance). It almost always relies on the HTTP protocol.
Key benefits for this project:
- maintainability: separation of concerns between the frontend and backend
OpenAPI helps generate interactive documentation from decorators in the codebase (in controllers and DTOs).
On the controller class:
- `@ApiTags` to group endpoints under a category (i.e. "users")
- `@ApiBearerAuth()` if the endpoint requires authentication
- `@Controller`

On each function:
- method such as `@Get(':param')`
- `@ApiOperation` with attributes `summary`: description
- `@ApiParam` with attributes `name`, `description`
- `@ApiQuery`
- `@ApiResponse(status, description, type: DTO)` for each possible case

On DTO fields:
- `@ApiProperty(example, description, required)`

| Do | Don't |
|---|---|
| Use DTO for request bodies and response objects | Expose database entities |
| Use standard HTTP codes | |
| Describe params | |
| Document error cases | Ignore 4xx and 5xx |
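
A CI-style check for the rules in the table above, as an added example that is not part of the project's code: it walks the `paths` of a generated OpenAPI document and reports undocumented error cases and parameters. The `lintSpec` function, the sample document and the rule that a secured operation must document `401` are assumptions made for the illustration.

```typescript
type Param = { name: string; in: string; description?: string };
type Operation = {
  parameters?: Param[];
  responses?: Record<string, { description: string }>;
  security?: Record<string, string[]>[];
};
type Spec = { paths: Record<string, Record<string, Operation>> };
const METHODS = ["get", "put", "post", "delete", "patch", "options", "head"];

function lintSpec(spec: Spec): string[] {
  const findings: string[] = [];
  for (const [path, item] of Object.entries(spec.paths)) {
    for (const [method, op] of Object.entries(item)) {
      if (!METHODS.includes(method)) continue; // skip path-level keys such as "parameters"
      const id = `${method.toUpperCase()} ${path}`;
      const codes = Object.keys(op.responses ?? {});
      // "Use standard HTTP codes": 100-599, or the OpenAPI forms "4XX" and "default"
      for (const c of codes) {
        if (c !== "default" && !/^[1-5](\d\d|XX)$/.test(c)) findings.push(`${id}: non-standard status "${c}"`);
      }
      // "Document error cases": at least one 4xx and one 5xx response
      if (!codes.some((c) => c.startsWith("4"))) findings.push(`${id}: no 4xx response documented`);
      if (!codes.some((c) => c.startsWith("5"))) findings.push(`${id}: no 5xx response documented`);
      // Assumed rule: an operation that declares security must document 401
      if ((op.security ?? []).length > 0 && !codes.includes("401")) findings.push(`${id}: secured but 401 not documented`);
      // "Describe params"
      for (const p of op.parameters ?? []) {
        if (!p.description?.trim()) findings.push(`${id}: parameter "${p.name}" has no description`);
      }
    }
  }
  return findings;
}

// Constructed sample, shaped like a generated OpenAPI `paths` object
const sampleSpec: Spec = {
  paths: {
    "/users/{id}": {
      get: {
        security: [{ bearerAuth: [] }],
        parameters: [{ name: "id", in: "path" }],
        responses: { "200": { description: "User found" }, "404": { description: "Unknown user" } },
      },
    },
    "/users": {
      post: { responses: { "201": { description: "Created" }, "400": { description: "Invalid body" }, "500": { description: "Server error" } } },
    },
  },
};
```

Running `lintSpec(sampleSpec)` reports three findings, all on `GET /users/{id}`; the `POST /users` operation passes.
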
Note
RESTful APIs are stateless, so we should not store client context (such as 'current xxx', ...).
| Type | Resource | Notes |
|---|---|---|
| Doc | Official Specs 3.1.1 | Main reference |
| Package | @fastify/swagger | to check |
| Package | @scalar/fastify-api-reference | to check |
| GitHub | Pro example | MS Azure guidelines - not checked |
| Video | Documenter avec OpenAPI | PHP, but transferable to this project |