【API】很棒的 API

Design

Overview

REST allows us to create services and applications that can be used by any device or client who understands HTTP.

• Best Practices for Designing a Pragmatic RESTful API [spanish version].
• Ideal REST API Design.
• StackOverflow best REST API Design.
• Heroku API Reference.
• API Terms Glossary.
• HTTP API Design by Heroku.
• Learn REST: A RESTful Tutorial.
• RAPIS: A REST API Standard for the 21th century.
• IBM Watson REST API Guidelines.
• Microsoft REST API Guidelines.
• Zalando RESTful API and Event Scheme Guidelines
• gov.uk API technical and data standards

Status Code

When you are using a REST design you have to provide the HTTP status code that are the more appropriated to respond to the request.

• HTTP Status code table in RESTAPITutorial.
• httpstatuses.com
• Status code definition in W3C.
• HTTP Status Code Guides

Authentication

• Auth Boss – Learn about different authentication methodologies on the web.
• Authentication Cheat Sheet.
• The Problem With API Authentication in Express.
• Web Authentication Methods Explained.

JWT

JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties.

• 10 Things You Should Know about Tokens.
• Cookies vs Tokens.
• JWT Draft in IETF.
• JWT.io.
• Using JSON Web Tokens as API Keys.
• Why Meteor doesn't use session cookies.
• Guide on API authentication and authorization.

Authorization

OAuth

An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications

• The OAuth Bible by Mashape.

Caching

• Caching best practices & max-age gotchas.
• Increasing Application Performance with HTTP Cache Headers.
• Using Cloudflare with your API.

Security

• Helmet, help secure Express/Connect apps with various HTTP headers.
• APISecurityBestPractices.
• Node Security Project.
• Node.js Security Checklist.

Format

• HAL – Simple format that gives a consistent and easy way to hyperlink between resources in your API (see: HATEOAS).
• Hydra – Vocabulary for Hypermedia-Driven Web APIs (W3C).
• JSend – Simple specification that lays down some rules for how JSON responses from web servers should be formatted.
• JSON API – Standard for building APIs in JSON.
• JSON-LD – Standard for describing Linked Data and hypermedia relations in JSON (W3C).
• OData – Open protocol to allow the creation and consumption of queryable and interoperable RESTful APIs. Quite complex.
• RAML – Simple and succinct way to describe RESTful API.
• Schema.org – Collection of schemas describing common data models.

Discover

Need a API for your projects?

Curated list

• Awesome APIs Directory – A public list of APIs from round the web.
• public apis – A collective list of public JSON APIs for use in web development.

Directory

• apis.io – API Search service to help discover APIs on the web.
• ProgrammableWeb.

Testing

Querying

• Firecamp – Protocol agnostic API testing client which help you test and manage RestAPIs, GraphQL, Websocket and many more.
• httpie – Command line HTTP client, far more dev-friendly than curl.
• HttpMaster – GUI tool for testing REST APIs and services. Windows OS only.
• jq – Command line JSON processor, to use in combination with a command-line HTTP client like cURL.
• Insomina – A Fancy HTTP REST Client.
• resty – Little command line REST client that you can use in pipelines (bash or zsh).
• TestMace – A modern powerful crossplatform tool for working with API and creating automated API tests.

Mocking

• Beeceptor - Beeceptor helps intercepting API calls and mocking them selectively. Creates an endpoint for wrapping original API and routes requests.
• FakeRest – Patch XMLHttpRequest to fake a REST API client-side.
• JSON Placeholder – Free online REST service that you can use whenever you need some fake data.
• json-server – Get a full fake REST API with zero coding in less than 30 seconds.
• Mocky.io – Free online service to create fake HTTP responses.
• FakeQL – Mainly focused on GraphQL, but can mock RESTful APIs, as well.
• PIPL API – Free and public API that generates random and fake people's data in JSON
• API Mocha - Free online service providing fake REST API endpoints, create customizable responses and download rules as a Postman collection.

Response

• httpstat.us – A super simple service for generating different HTTP codes.
• httpbin – httpbin(1): HTTP Request & Response Service.
• badssl – Testing clients against bad SSL configs.

Documentation

One of the most important part of your API is have a good documentation and updated with the code.

Free

• docbox.
• slate.
• whiteboard.

Services

• RapidAPI.
• Readme.io.
• GitBook.

Logging

• PM2 by keymetrics.
• morgan for expressjs.
• Moesif API Analytics. Log and Understand API Traffic.

Modeling and SaaS

Based in DDD (Domain Driven Development). Generates automatically API's in different languages.

• Alteranatives to API Plug – 9 alternative and related products to api plug.
• Apiary – Collaborative design, instant API mock, generated documentation, integrated code samples, debugging and automated testing.
• wrapAPI, Build an API on top of any website.
• import.io, turn web pages into Data.
• RAML, RESTful API Modeling Language.
• Runscope – Automated API Monitoring & Testing.
• swagger.io.

Libraries

Used it to improve your workflow

• hello.js – A client-side Javascript SDK for authenticating with OAuth2.
• nock – HTTP Server mocking for Node.js
• node-ratelimiter – Rate limiter for Node.js backed by Redis.
• node-uuid – Simple and fast generation of UUIDS.
• Supertest – Super-agent driven library for testing HTTP servers.

Frameworks

Designed specifically for building RESTful API's Quickly.

• Loopback.
• Sails.js.
• FastAPI.
• rest-hapi.

Gateways

Manage API infrastructure concerns such as authentication/authorization, rate limiting, scaling, analytics, etc.

Open Source / Self-hosted

• API Umbrella.
• ApiAxle.
• KrakenD.
• Mashape Kong.
• Tyk.
• WSO2 API Manager.

原文：https://github.com/Kikobeats/awesome-api