I am to start designing & architecting a fairly big database business application (data entry, notifications, reporting, data export and usual security restrictions for data). Multiple clients - mobile apps & multiple websites will be there. Plan to use Asp.net MVC5 & Sql server for the development. Phonegap will be used to create mobile apps.
I plan to create an API. All interactions to the Database will be through the API (a REST API). This REST API will be created using Asp.Net MVC5. The front end will be developed as an HTML5 App which calls this API using AJAX. All interactions with the API will be through AJAX calls. Need to expose some of these services (5%) to third parties also.
For e.g. for a supplier management feature, there will be services like SupplierAdd, SupplierEdit, SupplierDelete, SupplierList etc. in the API. HTML5 App will call them through AJAX and do required. Necessary security will be imposed for these services using a login and token based security system.
Plan to use some Javascript frameworks like Angular JS for front end.
The entire application is one with around 200 DB tables and lot of relationships between DB tables. Business logic is only moderately complex. This is mainly a data storage & reporting application.
Is there any problem with this full API based approach ?
Another approach suggested is to avoid AJAX and Javascript and use ASP.Net MVC itself. No separate API will be there for each operation. .cshtml will submit to the controller method and this method will call the Business Layer and do operation. Services which are needed for mobile apps and third parties alone are exposed as API. Is this a better solution ?
The issue which I see for the second approach is that when more and more mobile applications or websites come in future, it does not offer needed flexibility. Also, exposure of some of the services to third parties will be difficult.
I request experienced architects to comment.
Related
I have an ASP.NET Core 5 Web API that communicates with a SQL Server database using ADO.Net using stored procedures. This API is consumed in another ASP.NET Core MVC project within the same Visual Studio solution.
What is the best and most reliable way for the MVC project to handle pagination, sorting and filtering functionalities for the displayed results received from the Web API project?
Fully functional source code: https://github.com/krchome/WebAPICoreMVCClient
Regards,
Kaushik
When you design an API project separately, the idea is that you will keep all the logic and data fetching activities like sorting, filtering, and paging in the API itself. This makes the API self-contained, cleaner, and faster. UI will be responsible for sending the required parameters to the API which includes page no, sorting key, etc to the API and API will give the correct data. which you can consume from the UI and show it.
I am creating an e-commerce API using the Django Rest Framework. The API will handle the following areas:
Databases
User Registration
Permissions
Orders/Payments
There's still one area in which I'm not quite sure how to implement in my project. It's the cart functionality. Would it be better to implement it on the client-side (ex: React/Ember) or on the server-side (i.e. API)?
One scenario that confused me is if the user is logged in in different platforms (ex: Website and mobile app). I want the user to have the same cart on mulitple platforms.
In that particular use case, if you want cart persistence then it must be backend. The reason for this is one being able to have a single source of truth. The phone app and the web app cannot talk to each other unless they have some sort of "common ground" between them.
That's where the API comes in. It will allow both ends to speak to each other by having the API as the single source of truth. See my terrible diagram for a visual.
First off, I apologise if this is a trivial question but I am getting so confused by the information I am reading. I have put off posting on here as I feel my question is too broad but I can't find a definitive answer. I am a C++ developer by trade but I am wanting to get into web development.
My end goal is to have a web API that is consumed by both a web app and mobile app. I want to get the structure nailed first by developing an web API and web app and then expand it to a mobile platform later on.
My aim is to have 4 separate sections - Database -> WebAPI -> Web App
-> Mobile App
all of which are protected with username/password etc.
I have decided to use ASP.NET Core but when creating an application I am given two options in visual studio - ASP.NET Core Application or Web API. I have tried creating a Web API and a separate Core Application but can't work out how to call the web API. I have also tried creating a Core Application as it seems like I should be able to do everything I want in one project but I am worried that the Web API won't be separated enough to be able to call from a mobile app.
I will be working with a database containing sensitive information so obviously want to protect access to the Web API and Web/Mobile app. I have been watching courses on Pluralsight about Identity but I have read that it doesn't work well with Web API's.
Basically I am getting extremely confused when in my mind my end goal should be relatively simple to achieve. If anyone could give me any pointers as to what technologies I need to use would be fantastic.
ASP.NET Core WebAPI is specifically designed for building REST-ful services.
ASP.NET Core Application is used to create web applications that returns both views and data (it's an analog of Asp.NET MVC from standard Framework).
Which to choose is really depends on kind of WebApp you are going to use. If you plan to use some SPA framework, you don't need mechanisms to generate views on server side - WebAPI is a great choice, otherwise choose Application. Here you can find more details on differences.
As of security concern, there no issues with WebAPI. It provides a lot of mechanisms to secure your API and restrict access to methods based on user's identity. Please look at this article as an example.
We want to write a new web site for customer using SQL DB
and implement only one specific client.
what the recommended technology to be used:
Peure MVC.net
Web API and client side using AJAX
I will be glad to hear the causes, the consideration and the cost.
Thanks!
I tend to favour a web api to handle all of the database work (via entity framework), but use MVC for my front end application.
This way you have all the flexibility of an API should you want to use different frameworks in the future (Angular, ASP.net 5 etc), but you can still have the pleasure of working MVC in your front end site.
I want to create a web app that uses Twitter Bootstrap for the front end, and the backend uses Spring+Hibernate.
Now, some data has to be stored in each user's session-- how do I store/manage such data?
Do I have to use a 3rd party JS framework like Angular (by Google) or some other framework for this purpose?
Also, in such a hybrid app, should I use the JS framework (like Jquery or Angular JS) for storing the data and then send it to the Spring + Hibernate API? What I mean is, I can as well store the object-> relational DB mapping in the js framework, and use Spring only for basic database inserts/updates/selects?
Twitter bootstrap is a CSS framework with some javascript plugins, and is not a language in itself. Using it or not using it will have no impact on what you can/can't use on your backend.
As for sessions; sessions should always be stored server-side... therefore using Bootstrap will have no affect on your implementation of sessions.
Finally, in regards to keeping any of your database logic client side in javascript, NEVER do this. Javascript code can extremely easily be modified by the user, so anything client side should be considered unsecure. Do not ever put anything unsecure in your database.
We can use Twitter Bootstrap for the front end, and Spring MVC -> REST API for the back end...
For simple apps, ex search-only apps we can straightaway create an API and use JQuery to connect to the API and fetch data.
For more complex apps, the problem is that REST APIs dont store session data... For this, however we can use Spring MVC-> REST API as that has support specifically to handle sessions.
Refer http://tedyoung.me/2011/10/19/practical-spring-mvc-part-5-sessions/ that explains how to store session data using Spring MVC- and the front end is a simple HTML/CSS web page.