RESTful

Learn how to make your apps faster with ETag and Caching. Use the ETag header to detect conflicts.

Labels
AJAX(112) App Studio(7) Apple(1) Application Builder(245) Application Factory(207) ASP.NET(95) ASP.NET 3.5(45) ASP.NET Code Generator(72) ASP.NET Membership(28) Azure(18) Barcode(2) Barcodes(3) BLOB(18) Business Rules(1) Business Rules/Logic(140) BYOD(13) Caching(2) Calendar(5) Charts(29) Cloud(14) Cloud On Time(2) Cloud On Time for Windows 7(2) Code Generator(54) Collaboration(11) command line(1) Conflict Detection(1) Content Management System(12) COT Tools for Excel(26) CRUD(1) Custom Actions(1) Data Aquarium Framework(122) Data Sheet(9) Data Sources(22) Database Lookups(50) Deployment(22) Designer(177) Device(1) DotNetNuke(12) EASE(20) Email(6) Features(101) Firebird(1) Form Builder(14) Globalization and Localization(6) How To(1) Hypermedia(2) Inline Editing(1) Installation(5) JavaScript(20) Kiosk(1) Low Code(3) Mac(1) Many-To-Many(4) Maps(6) Master/Detail(36) Microservices(4) Mobile(63) Mode Builder(3) Model Builder(3) MySQL(10) Native Apps(5) News(18) OAuth(9) OAuth Scopes(1) OAuth2(13) Offline(20) Offline Apps(4) Offline Sync(5) Oracle(11) PKCE(2) Postgre SQL(1) PostgreSQL(2) PWA(2) QR codes(2) Rapid Application Development(5) Reading Pane(2) Release Notes(183) Reports(48) REST(29) RESTful(29) RESTful Workshop(15) RFID tags(1) SaaS(7) Security(81) SharePoint(12) SPA(6) SQL Anywhere(3) SQL Server(26) SSO(1) Stored Procedure(4) Teamwork(15) Tips and Tricks(87) Tools for Excel(2) Touch UI(93) Transactions(5) Tutorials(183) Universal Windows Platform(3) User Interface(338) Video Tutorial(37) Web 2.0(100) Web App Generator(101) Web Application Generator(607) Web Form Builder(40) Web.Config(9) Workflow(28)
Archive
Blog
RESTful
Tuesday, May 17, 2022PrintSubscribe
Data Caching, RESTful API Engine, Visual Studio 2022

Code On Time release 8.9.24.0 introduces the performance enhancing Universal Data Caching and one of a kind RESTful API Engine. Visual Studio 2022 is supported in the Project Designer.

Universal Data Caching will give your applications a significant performance boost. Most databases have a few tables with the content that does not change frequently. Developers can define simple rules that will eliminate the queries to such tables. It takes only a few minutes to make your app run faster.

Specify the data controllers and and the output caching duration in the application configuration. Start reaping the benefits!

Level 3 RESTful API Engine is included now in every application built with Code On Time. The data controllers are automatically mirrored in the application API.

  • Developers can use the engine to create custom data-aware embedded pages that either blend in the Touch UI or have a completely custom presentation.
  • The engine supports OAuth 2.0 Authorization Flows suitable for the standalone web and mobile applications. Use any framework and technology to build a custom frontend with the Code On Time application in the backend.
  • External scripts and utilities can make direct calls into your application with the robust authentication based on authorization keys. Use tools like cUrl to make your application perform custom actions or change data.
  • Developers can limit the application UI to the specific user roles. For example, administrators can sign into the application and manage data while the users in other roles will only be able to sign in to confirm their identity during OAuth 2.0 Authorization.

The engine is introduced in the RESTful Workshop, the curated set of tutorials that will empower the reader to build the modern high performance software in a record time and at the fraction of the cost of other tools. Level 3 REST API is self-documented with the hypermedia embedded in the data.

RESTful API Engine makes it possible to build custom embedded pages and standalone web and mobile frontends using your application as a backend. External scripts and utilities can use your application to orchestrate the complex workflows.

Code On Time is making a big bet on the RESTful API Engine to deliver the new benefits to our customers:

  • Developers will be able to build apps serving as backends for devices that need to know the user identity and a way to read and write the user-specific data. The next release will support OAuth 2.0 Device Authorization Grant flow for the input-constrained devices. You may have experienced this flow when authorizing a medical device to access your health data or when allowing a smartwatch to use your music service. The same flow is authorizing a smart TV in a hotel room to access the video streaming service that you are paying for at home.
  • Cloud Identity has been on our roadmap for several years. Soon developers will be able to build a collection of apps with one of them serving as the Identity Provider while the others will become the Identity Consumers.
    • Each application will have its own security system.
    • Users will identify themselves by signing into the Identity Provider. This app may have the 2-Factor Authentication enabled or include an option to authenticate users with the third-party providers such as Google, Microsoft, or Facebook.
    • An application will become the identity consumer at runtime when the administrator creates a Cloud Identity link with another application. Device Authorization Flow will authorize the establishment of the link when approved by the administrator of the intended Identity Provider.
    • Identity Consumer application synchronizes its roles and custom OAuth 2.0 scopes with the Identity Provider database. This makes it possible to manage users of the entire application collection in one place.
    • RESTful API Engine access tokens will be issued by the Identity Provider application. The same access token will authorize requests to any application in the collection. The token will inherit the permissions configured in the Identity Provider by the collection administrator.
  • Microservices Architecture becomes a reality with Code On Time even for the smallest of developer shops. Cloud Identity and access token portability across the collection of applications make it possible to create the frontend that will exchange data with multiple backend applications. Each backend provides a custom API, has its own performance characteristic, and can be deployed independently. This improves the stability of the frontend and its overall performance. Learn more in the Introduction to Microservices Architecture.
  • The upcoming built-in GraphQL processor will parse the queries and resolve them by executing the RESTful API Engine requests. GraphQL has emerged at Facebook as the query language for the complex collections of APIs. Their numerous apps needed small subsets of data from multiple sources, which required several requests fetching too much data. Graph QL server is the “fat client” that defines the supported query types. The server accepts the queries formulated as a graph and delegates the execution to the custom resolvers. The output of multiple resolvers is merged in the graph that matches the query.
  • The App Studio application is a part of each Code On Time installation. This local web app presently starts the product activation process by redirecting developers to the account management portal. App Studio will come with the RESTful API Engine enabled in the future releases. It will serve as the local project management portal that will replace the start page of the app generator, which will be relegated to the icon tray. It will also provide the backend to the v9 Live Project Designer. The code generator will be invoked in the command line mode by the RESTful API Engine of the App Studio in response to the developer activities in the Project Designer of live apps. This is the architectural departure from our original plan outlined in the Roadmap, but we are on the finishing line now to deliver the amazing development tools in the heads of developers.
  • Content Hub, our innovative publishing platform, creates the new content in our legacy public site. We have developed this platform for internal use. The hub agent monitors the shared drives in our corporate Google Drive and transforms the changed documents into the HTML-based Display Flow content published through the RESTful API to the account management portat. The portal feeds the content to the database of the legacy site. The following capabilities of the platform will become commercially available:
    • Content Hub Agent will monitor Google Drive, Office 365, and network folders for the content in Microsoft Word Format. The agent is a multi-platform application. Changes are pushed to the hub-enabled application built with Code On Time.
    • Content Hub Add-On for applications created with Code On Time will render the content imported by the hub agent as public pages, blog posts, documentation library, newsletters, helpdesk tickets, public forum posts, etc.
    • Add-on will provide the interactive content editor based on Touch UI. It will customize the presentation style of the live “content hub” pages. It will create tickets and community posts from within the apps built with Code On Time in the same format that is used by the hub agent. It will invoke the RESTful API of the app to read and write the hub content.

The release 8.9.24.0 includes the following features and enhancements:

  • (Framework) Upgraded the framework to jQuery.3.6.0 and the latest version of the Material Icons.
  • (AppGen) Added support for VS2022.
  • (App Gen) Develop command in the project options will activate the most recent version of Visual Studio if the solution file format version is 12.00. This will ensure that VS2022 starts when both VS2022 and 2019 are installed on the same machine.
  • The enhanced Postal Address Verification silently resolves the postal addresses with Google Geocoding. The customers in the United States can achieve a perfect resolution of each address in the USPS-approved format.
  • (Touch UI) New tag form-max-(xs|sm|md) will make the contents of the form aligned in the middle of the page.
  • (Touch UI) Input field tagged as text-style-primary will display in the "primary" color.
  • (Touch UI) Modal popups will have the header when displayed in the content pages, which have their own header hidden.
  • (DAF) Client-side cookies are created with the SameSite=Strict attribute.
  • (Framework) Access control check is performed in the correct sequence for the standard membership controllers both for reading and writing of data.
  • (Touch UI) New css rules to enable hover over the fields with the Actions lookup to ensure correct display of icons in the buttons.
  • (Touch UI) Right-clicking on the logo will open the menu panel.
  • RESTful API Engine is included in the generated apps.
  • (Framework) New js/sys/restful.js provides a thin wrapper on top of Fetch API for the RESTful API Engine.
  • (Touch UI) A click on the empty part of the app toolbar or reading pane button bar will close an visible popup menu.
  • (Touch UI) Eliminated the redundant 3rd level child Data View fetching in the form views with multi-level master-detail. This significantly reduces the load time of forms with master-detail field relationships.
  • (Touch UI) Improved stability of inline editing in multi-level master detail forms. In some situations the aggressive selection of items in DataView fields would have caused the unnecessary attempts to fetch data and server-side exceptions.
  • Universal Data Caching improves the response time of the requests to read data in Touch UI.
  • (Touch UI) The focused universal inputs are redrawn whether or not they have a value. Previously only non-empty inputs were redrawn.
  • (Touch UI) Simplified parsing of the virtual page activator.
  • Integrated codemirror-5.65.2 for the upcoming Content Hub Add-On to allow display and editing of code samples.
  • (Touch UI) Refactored the code responsible for the "scrollable" state of the system tab bar. The visual presentation goes from flat to scrolled when the scrollable content is detected and the view does not have the horizontal scrolling (grid with horizontal scrolling).
  • (Touch UI) Removed redundant CSS class definition.
  • (Framework) New $app.urlArgs() method returns an object map of the page location URL parameters of the specified argument. The argument is either a string or a hypermedia object with the 'href' property. If the parameter is not specified, then the URl of the page in the browser is used for the parameter extraction.
  • (Touch UI) Account Access grant for OAuth 2.0 Authorization Flows is now supported by the framework,
  • (Offline Sync) Improved reporting of data downloading errors during sync.
  • (Framework) ASP.NET version headers and X-Powered-By headers are not returned by the apps in the HTTP response headers.
  • (Client Framework) Server-side errors raised when the data is retrieved from the server are displayed in the notifiction bar at the bottom of the screen. This helps detect data fetching errors that may remain invisible to the developers.
  • (ASPX) New method Invoke is implemented in DataControllerService to handle all incoming requests. It allows file uploading in the apps with the aspx page model.
  • (Map) Clearing of the geo map will result in the new tooltip assigned to it.
  • (Touch UI) Fixed the exception raised when the quick find filter is cleared.
  • (App Gen) Develop command in the project options will activate the most recent version of Visual Studio if the solution file format version is 12.00. This ensures that VS2022 starts when both VS2022 and VS2019 are installed on the same machine.
  • (Designer) Action property "whenKeySelected"is correctly persisted when set to "No" in the Project Designer.
  • (Site Content) CreatedDate and ModifiedDate fields are set to the DateTime.UtcNow.
  • (CMS) Renamed "Workflow Register" option to "Site Content (recommended)". This option is available in the database connection string settings.
  • (Reports) Class Library projects are provided with the correct ReportViewer references. Previously the leading and trailing spaces have caused errors when building projects.
  • (Reports) Included the reference to the Microsoft RDL Designer for VS 2022 in the custom reports. The reference is visible to the developers in VS if the designer is not installed.
  • (Code Gen) Simplified the syntax of !String.IsNullOrEmpty in the C# source code.
  • (Code Gen) Added support for IsNullOrWhiteSpace unary code generation expression.
  • (CodeGen) Value Inequality operators are produced as natural a != b and a<>b operators in C# and VB. Previously such operators were generated as !(a==b) and Not(a = b).
  • (Code Gen) C# code string constants are now presented with "string" + "string" breaks.
  • (Code Gen) C# code placed to the previous text line the symbols +|-|*|/|% that were previously wrapped to the next line.
  • (Codegen) C# code simplification of "params System.Object[]" to "params object[]".
  • (Framework) Numeric primary keys do not cause hidden exceptions when new BLOBs are uploaded with ODP.
  • (Framework) Method $app.actionInfo(path) returns the information about the action for the specified path in the format "groupId/actionId".
  • (Touch UI) Actions rendered as "Actons" field display simple confirmations and data controller confirmations.
  • (Touch UI) Remove the preloading instructions for the fonts. Added the version of the app to the font reference in the touch-theme.css.
  • (CodeGen) Class attribute definitions in C# will have "spaces" surrounding the "=" preceding the attribute parameter values.
  • (Touch UI) Right-clicking on the logo will open the menu panel.
  • (Touch UI) Click on the empty part of the app toolbar or reading pane button bar will close an visible popup menu.
  • (Touch UI) Eliminated the redundant 3rd level child Data View refresh in the form views with multi-level master-detail.
  • (Touch UI) Improved stability of inline editing in multi-level master detail forms.
Monday, May 9, 2022PrintSubscribe
Introduction to Microservices Architecture

This is an excerpt from the upcoming Microservices Workshop.

Rationale

Let's say you want to build an online marketplace. You will need the inventory management system, product catalog, shopping cart, order management system, payment, invoicing, shipping, product reviews, and many other modules. It is tempting to design a unified database that keeps track of everything and build a monolithic app on top. It will likely become a monumental effort. A better approach would be to build the individual modules in the order of their priority.

Use Code On Time to put together an inventory management system. The built-in rich user interface will likely satisfy your needs at least in the beginning. Touch-friendly UI and the ability to run the apps in the native mode (PWA) out of the box will save a tremendous amount of time and money. The built-in RESTful API Engine automatically mirrors the user interface capabilities and is ready to be enabled to serve as the backend of the custom mobile and web applications whenever the moment arrives.

As soon as the MVP (minimal viable product) of the inventory management system is ready, have it deployed.

Create a separate database to keep track of users and roles. Put together a Marketplace Identity application on top of the database with Code On Time. The built-in security system supports the 2-Factor Authentication and optional integration with the external identity providers, such as Google, Microsoft, or Facebook. Deploy the Marketplace Identity application to the server.

Sign into the inventory management system as administrator and configure the Marketplace Identity app as its Cloud Identity Provider. From now on, users signing into the inventory management system will be redirected to confirm their identity with the Marketplace Identity application.

Suppose that the next target is the order management system. Build it to make sure that you can convert the contents of the future shopping cart into a bona fide order. You can add the required tables to the same database schema. Alternatively, set up an entirely new database and make sure that its references to the product inventory are sufficient to keep track of the order-specific information such as SKU, brand, name, and price. The order history becomes isolated from the accidental changes to the product price that would affect the historical orders. Add the membership support to the dedicated database of the order management system.

Sign into the order management system as administrator and configure the Marketplace Identity app as its Cloud Identity Provider.

Continue to build the other modules of the online marketplace. Make them independent and provide each with its own database and membership. Use Code On Time to create the data management screens automatically mirrored in the custom RESTful API of the module. Configure the Marketplace Identity for user authentication.

Use the best-of-the breed frontend libraries and frameworks to put together the product catalog and the shopping cart modules. The RESTful APIs of the modules are authenticated with the access tokens issued by the Marketplace Identity application. Your custom apps will use the OAuth 2.0 protocol to authenticate the users and obtain the tokens.

You will be able to create a cosmos of powerful microservices complete with their RESTful APIs and sophisticated user interfaces for data management. Each microservice is the module that can be evolved and continuously deployed independently.

Custom mobile and web applications will rely on the microservices for their backend functionality. JavaScript-based clients can reference the restful.js script of the identity provider application. The script provides the lightweight wrapper $app.restful on top of the Fetch API. The in parameter in the method argument can specify the name of the module that will respond to the API request.

Only Code On Time makes it possible for a single-man shop or small team of developers to put together applications that rival the software produced by the industry giants! Perfect for prototyping and everyday production use.

Individual microservices can be replaced over time with the custom implementations eliminating any possibility of a technological lock-in.
Monday, May 2, 2022PrintSubscribe
Lesson: ETag and HTTP Caching

RESTful API Engine responses are provided with the ETag header. Browsers automatically submit ETag with the subsequent requests to fetch the same resource. The engine responds with the HTTP status 304 and empty body if the ETag of the resource has not changed. Apps can also submit ETag with CRUD requests for conflict detection.

Detect the data editing conflicts and build high performance applications by taking advantage of the HTTP protocol.
image2.png
The ETag of the resource specified in the If-Match header of the PATCH request allows detecting the data editing conflicts.
image1.png
The items of the Supplier Company Name and CategoryName lookups are fetched from the RESTful Application with GET requests. The physical data transfer happens one time only for each lookup for each subsequent opening of the Edit Product form.
Firefox Developer Tools provide a complete list of HTTP requests executed by the web application. Other browsers may not provide the full picture of the network traffic between the client and the server.
The RESTful Application responds to the lookup requests with the HTTP status code 304. It tells the client that the ETag of the corresponding resource is unchanged and the previously fetched copy of the response can be used instead.

This tutorial is part of the RESTful Workshop designed to empower individual developers and teams to create amazing enterprise-quality backends for mobile and web applications. Zero experience and no code is required to provide your data with the REST API conforming to the Level 3 of Richardson Maturity Model with the built-in OAuth 2.0 and Open ID Connect.