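Assignment requirements
Modeled on the GitHub API, design part of the REST API for a blog website and document it in Markdown.
Implementation
Assume the blog website is at: https://api.lessonblog.com
Authentication
1. Basic authentication
Login authentication requires a username:
curl -u "username" https://api.lessonblog.com
2. Username and password authentication
The username and password must match in order to log in to the blog website:
curl -i https://api.lessonblog.com -u username:password
- An incorrect password returns 401 Unauthorized:
HTTP/1.1 401 Unauthorized
{
"message": "Bad credentials",
"documentation_url": "https://directory.lessonblog.com"
}
- After detecting multiple requests with invalid credentials within a short period, the API temporarily rejects all authentication attempts for that user (including those with valid credentials) and returns 403 Forbidden:
HTTP/1.1 403 Forbidden
{
"message": "Maximum number of login attempts exceeded. Please try again later.",
"documentation_url": "https://directory.lessonblog.com"
}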
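One way a server could implement the lockout described above, as an added example that is not part of the original assignment. The failure threshold, the window length, the in-memory user store and the 200 response body are assumptions, since the design does not specify them.

```python
import hmac
import time

MAX_FAILURES = 5        # assumed threshold; the design gives no number
WINDOW_SECONDS = 300    # assumed length of the "short period"
DOCS_URL = "https://directory.lessonblog.com"

# Constructed sample account store; a real service would keep salted password hashes.
USERS = {"testuser": "correct-horse"}


class LoginThrottle:
    """Tracks recent failed logins per username and locks out after too many."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._failures = {}  # username -> timestamps of recent failures

    def _recent(self, username):
        # Drop failures that have aged out of the window.
        cutoff = self._clock() - WINDOW_SECONDS
        recent = [t for t in self._failures.get(username, []) if t > cutoff]
        if recent:
            self._failures[username] = recent
        else:
            self._failures.pop(username, None)
        return recent

    def authenticate(self, username, password):
        """Return (status, body) in the shape of the responses shown above."""
        # The lockout check comes first, so valid credentials are rejected too.
        if len(self._recent(username)) >= MAX_FAILURES:
            return 403, {
                "message": "Maximum number of login attempts exceeded. "
                           "Please try again later.",
                "documentation_url": DOCS_URL,
            }
        expected = USERS.get(username)
        # Constant-time comparison; unknown users are compared against a dummy value.
        candidate = (expected if expected is not None else "\0").encode()
        matches = hmac.compare_digest(candidate, password.encode())
        if matches and expected is not None:
            return 200, {"message": "OK"}  # placeholder success body
        self._failures.setdefault(username, []).append(self._clock())
        return 401, {"message": "Bad credentials", "documentation_url": DOCS_URL}
```
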
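Requesting resources
1. Parameters
Many API methods take optional parameters. For GET requests, any parameter not specified as a segment in the path can be passed as an HTTP query string parameter; the response is JSON.
(1) Set :user in the path to testuser and :repo to info to display the user's profile:
curl -i "https://api.lessonblog.com/testuser/info"
Response: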
Content-type: text/html; charset=utf-8
{
"ret":0,
"is_lost":0,
"nickname":"Peter",
"gender":"男",
"country":"中国",
"province":"广东",
"city":"深圳",
"figureurl":"http://directory.lessonblog.com/Peter/info/user_icon/1236153759.gif"
}
(2) Query the user's newest blog posts, and so on:
curl -i "https://api.lessonblog.com/testuser/newest_article"
Response:
Content-type: text/html; charset=utf-8
{
"errCode": 0,
"data": {
"lists": [
{
"id": "1",
"type": "ServiceComputing", // category
"name": "作业2", // post title
"url": "https://api.lessonblog.com/testuser/5421679", // URL
"addTime": "2019-11-11 00:00:00" // time added
},
{
"id": "2",
"type": "ServiceComputing", // category
"name": "作业1", // post title
"url": "https://api.lessonblog.com/testuser/5421680", // URL
"addTime": "2019-11-12 00:00:00" // time added
}
],
"number": 2,
"currentPage": 1
}
}
2. Request errors
Three types of errors are possible on API calls that receive requests:
- Sending invalid JSON results in a 400 Bad Request response.
HTTP/1.1 400 Bad Request
Content-Length: 35
{
"message":"Problems parsing JSON"
}
- Sending the wrong type of JSON values results in a 400 Bad Request response.
HTTP/1.1 400 Bad Request
Content-Length: 40
{
"message":"Body should be a JSON object"
}
- Sending invalid fields results in a 422 Unprocessable Entity response.
HTTP/1.1 422 Unprocessable Entity
Content-Length: 149
{
"message": "Validation Failed",
"errors": [
{
"resource": "Issue",
"field": "title",
"code": "missing_field"
}
]
}
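Rate limiting
1. API requests using basic authentication can make up to 3000 requests per hour.
2. For unauthenticated requests, the rate limit allows up to 40 requests per hour. Unauthenticated requests are associated with the originating IP address, not with the user making the request. An API request can be made to show the current rate limit status:
curl -i https://api.lessonblog.com/users/octocat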
HTTP/1.1 200 OK
Date: Mon, 19 Nov 2019 19:27:06 GMT
Status: 200 OK
X-RateLimit-Limit: 40
X-RateLimit-Remaining: 30
X-RateLimit-Reset: 19192700873
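Header explanation:
Header Name | Description |
---|---|
X-RateLimit-Limit | The maximum number of requests permitted per hour |
X-RateLimit-Remaining | The number of requests remaining in the current rate limit window |
X-RateLimit-Reset | The time at which the current rate limit window resets, in UTC epoch seconds |
3. When the rate limit is exceeded, the error response notes that authenticated requests get a higher rate limit: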
HTTP/1.1 403 Forbidden
Date: Tue, 20 Nov 2019 14:50:41 GMT
Status: 403 Forbidden
X-RateLimit-Limit: 40
X-RateLimit-Remaining: 0
X-RateLimit-Reset: 19192700873
{
"message": " Authenticated requests get a higher rate limit. Check out the documentation for more details.",
"documentation_url": "https://directory.lessonblog.com/#rate-limiting"
}
References
https://blog.csdn.net/champaignwolf/article/details/84099258
https://developer.github.com/v3/