In this course, we’ve taken a pedagogical approach to explaining how APIs and authentication are done. In this video, we will look at the security issues with our API and what needs to be done to handle them.
- [Saleh] Hello and welcome to the last section of this course. In the previous section, we discussed the design considerations of two real world APIs. In this section, we will learn some useful tips for building APIs in real world scenarios. We are going to look at some important security considerations. Then we will look at how we can deliver accurate and useful documentation. We will follow that by looking at API versioning. And finally, we will take a practical look on caching. Now we move on to the first video of this section that deals with security considerations.
In this video, we will talk about common mistakes that developers make when building APIs. In particular, we are going to take a look at why we should use HTTPS everywhere. Then, we will look at session hijacking and how we can generate dynamic session IDs to prevent it. Finally, we will look at small measures we can take to protect our secret keys. About four years ago, Facebook had a major security issue. On the login page, Facebook was using HTTPS.
This Node.js training course gives you an overview of a RESTful API and the logical steps of building one. It explores three different APIs, focusing on their similarities and differences to effectively implement one. Author Saleh Hamadeh starts off by defining APIs, showing how they can be built on top of HTTP and listing the properties that make an API RESTful. Then learn how to develop Twitter Notes, a sample web application that lets its users leave notes for their Twitter friends. You'll use Twitter's API to implement a login flow and then design a web API. In addition, you'll get a closer look at two other real-world APIs—Facebook API and GitHub API. Finally, learn some best practices to keep APIs secure, maintainable, and efficient.
- Identifying REST resources
- Setting up the development environment
- Consuming a RESTful API
- Creating an OAuth login request
- Getting an access token
- Saving data in MongoDB
- Building a RESTful API
- Looking at APIs in the real world
- Best practices for building RESTful APIs