Chris Boesch

Chris Boesch

Audience level:
9 a.m.–9:45 a.m.

Rapidly Prototyping and Securing Your RESTful API


In this talk, I will talk about how to develop RESTful API's with very little create, read, update, and delete (CRUD) code.


 I often begin new development projects with a clickable prototype of some kind that has been developed to meet a specific business need. Once the application flow has been agreed on by the target users, the next task is to start converting the prototype into something "real" which usually means implementing a backend API as efficiently as possible. And although I know that I will eventually need to start writing python code in order to implement an API that is fast, secure, audit-able, and reliable; development philosophies such as Lean Startup and Test-Driven Development have encouraged me to write as little code as possible for as long as I can get away with it. In this talk, I will talk about how to develop a RESTful backend with as little create, read, update, and delete (CRUD) code for as long as possible. I will share examples such as how initially dropping a JSON document in to your Dropbox public folder can be used to simulate your first GET API's. I will briefly cover how to export any python dictionary as a JSON document and then how import the JSON document as a python dictionary after editing. The talk will then cover how backend-as-a-service applications such as Firebase, Parse, and allow you to quickly convert your evolving JSON data structure into an API that securely accepts updates, modifications, and deletes. 
I will conclude the talk by introducing a few asynchronous queueing patterns which allow your python scripts to securely process complex tasks while still allowing you to leverage Firebase and other backends for authentication, authorization, and to protect against threats such as denial of service attacks. Taking this approach may allow you to write and maintain much less python code for longer as your new applications and services begin to emerge.

Platinum Sponsors:

Silver Sponsors: