Scalability Essentials for APIs in High-Traffic Services

When developing APIs for services in a company with a large user base, scalability becomes a critical consideration. Scaling an API in production for such a company requires keeping certain fundamentals in mind. Today, I’ll discuss a few key points that you should also keep in mind when approaching this challenge. Here’s a breakdown of some key techniques and strategies you can use: API Optimizations Reduce Payload Size: Send only the necessary data in responses and avoid including unnecessary properties, as every byte contributes to network overhead, even if it’s just a single byte. ...

November 22, 2024 · 7 min · Saddam H

Generate API Documentation Easily with Docgen: A Simple, Open-Source Tool

In this tutorial, I’ll introduce you to an open-source tool that makes creating amazing API documentation effortless! If you’re working with REST APIs and exposing them through HTTP/JSON, there’s a good chance you’re already using Postman to test, debug, and manage collections. When collaborating with teams, especially Android or iOS developers, you often need to share your API documentation. This typically involves sharing the Postman collection in JSON format along with manually written documentation to describe the API. ...

May 15, 2020 · 3 min · Saddam H

An easy way to validate Go request

When building REST APIs or web applications in Go, one of the essential tasks is validating incoming request data. Having worked on various small to medium-sized projects in Golang—most of which are microservices providing RESTful APIs—I’ve employed several approaches to handle data validation. Among these, there’s one method I frequently rely on. For validating application/json or text/plain requests, I begin by defining a struct type to represent the specific request payload. Then, I implement a Validate method on that struct to encapsulate the validation logic. ...

October 18, 2017 · 2 min · Saddam H

How to customize Laravel request throttle message in API response?

When building APIs with Laravel, enabling throttling is essential to protect your endpoints from scraping or other malicious activities. By default, Laravel’s throttle middleware limits API requests and responds with an HTML message containing “Too Many Attempts” when the limit is exceeded. To customize this response—for instance, returning a JSON-formatted error message—you can follow these steps: Create a new file named ThrottleRequestsMiddleware.php in the app/Http/Middleware/ directory. Paste the following code into the newly created file: <?php namespace App\Http\Middleware; use Closure; use Illuminate\Cache\RateLimiter; use Symfony\Component\HttpFoundation\Response; class ThrottleRequestsMiddleware { /** * The rate limiter instance. * * @var \Illuminate\Cache\RateLimiter */ protected $limiter; /** * Create a new request throttler. * * @param \Illuminate\Cache\RateLimiter $limiter */ public function __construct(RateLimiter $limiter) { $this->limiter = $limiter; } /** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @param int $maxAttempts * @param int $decayMinutes * @return mixed */ public function handle($request, Closure $next, $maxAttempts = 60, $decayMinutes = 1) { $key = $this->resolveRequestSignature($request); if ($this->limiter->tooManyAttempts($key, $maxAttempts, $decayMinutes)) { return $this->buildResponse($key, $maxAttempts); } $this->limiter->hit($key, $decayMinutes); $response = $next($request); return $this->addHeaders( $response, $maxAttempts, $this->calculateRemainingAttempts($key, $maxAttempts) ); } /** * Resolve request signature. * * @param \Illuminate\Http\Request $request * @return string */ protected function resolveRequestSignature($request) { return $request->fingerprint(); } /** * Create a 'too many attempts' response. * * @param string $key * @param int $maxAttempts * @return \Illuminate\Http\Response */ protected function buildResponse($key, $maxAttempts) { $message = json_encode([ 'error' => [ 'message' => 'Too many attempts, please slow down the request.' //may comes from lang file ], 'status' => 4029 //your custom code ]); $response = new Response($message, 429); $retryAfter = $this->limiter->availableIn($key); return $this->addHeaders( $response, $maxAttempts, $this->calculateRemainingAttempts($key, $maxAttempts, $retryAfter), $retryAfter ); } /** * Add the limit header information to the given response. * * @param \Symfony\Component\HttpFoundation\Response $response * @param int $maxAttempts * @param int $remainingAttempts * @param int|null $retryAfter * @return \Illuminate\Http\Response */ protected function addHeaders(Response $response, $maxAttempts, $remainingAttempts, $retryAfter = null) { $headers = [ 'X-RateLimit-Limit' => $maxAttempts, 'X-RateLimit-Remaining' => $remainingAttempts, ]; if (!is_null($retryAfter)) { $headers['Retry-After'] = $retryAfter; $headers['Content-Type'] = 'application/json'; } $response->headers->add($headers); return $response; } /** * Calculate the number of remaining attempts. * * @param string $key * @param int $maxAttempts * @param int|null $retryAfter * @return int */ protected function calculateRemainingAttempts($key, $maxAttempts, $retryAfter = null) { if (!is_null($retryAfter)) { return 0; } return $this->limiter->retriesLeft($key, $maxAttempts); } } Then go to your kernel.php file in app/Http/ directory and replace ...

August 21, 2016 · 3 min · Saddam H