Lessons Learned
Building a Web Service API
(for an Android Photo Sharing App)
About Me
Brennan Heyde
VP Developer Relations, Miva Merchant
Front End / Back End Web Developer
Specialize in Ecommerce Development
ShareBear
Launched in 2012
Total Users: 471 (13 last month)
Groups Created: 300
Images Uploaded: 4,760
Lesson Learned
Identify data format early
for sending and receiving data
(Don't forget about error handling)
JSON in and JSON Out
Sample Request
<form action="request.php" method="post" name="sample-form">
<input type="hidden" name="action" value="get_image_ids" />
{
"user_id":"14",
"secret_code":"1zq08de1eTETUoo",
"group_id":"56"
}
Sample Response
{
"response_status":"success",
"response_message":[
{
"user_message":"User added to pending group. Invites sent to all contact methods.",
"user_message_code":"No_User_Account_Invites_Sent"
}
],
"response_code":"MULTIPLE_RESPONSE"
}
Application Architecture
Lesson Learned
Always be thinking about security in every layer of the application
What we DID
Email Validation
Secret Code Passed with every request
Do not transmit username / password
Encrypted Passwords / Parameterized Queries
Verify Group / Image Ownership
SSL Encryption
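How three of the items above (secret code with every request, parameterized queries, group ownership check) fit together for the get_image_ids request, as an added example that is not taken from the ShareBear code base. The table and column names, the sample rows and the error codes are assumptions made for illustration; the request and response field names are the ones shown in the samples above.

```php
<?php
// Added example. Schema, sample rows and error codes are constructed, not ShareBear's.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
foreach ([
    'CREATE TABLE users (id INTEGER PRIMARY KEY, secret_code TEXT)',
    'CREATE TABLE group_members (group_id INTEGER, user_id INTEGER)',
    'CREATE TABLE images (id INTEGER PRIMARY KEY, group_id INTEGER)',
    "INSERT INTO users VALUES (14, '1zq08de1eTETUoo'), (15, 'constructed-code-15')",
    'INSERT INTO group_members VALUES (56, 14)',
    'INSERT INTO images VALUES (900, 56), (901, 56)',
] as $sql) {
    $db->exec($sql);
}

function respond(string $status, string $code, $message): string {
    return json_encode(['response_status' => $status,
        'response_message' => $message, 'response_code' => $code]);
}

function get_image_ids(PDO $db, string $rawJson): string {
    $req = json_decode($rawJson, true);
    $userId  = filter_var($req['user_id'] ?? null, FILTER_VALIDATE_INT);
    $groupId = filter_var($req['group_id'] ?? null, FILTER_VALIDATE_INT);
    $secret  = $req['secret_code'] ?? null;
    if ($userId === false || $groupId === false || !is_string($secret)) {
        return respond('error', 'INVALID_REQUEST', 'Malformed request.');
    }
    // 1. Authenticate: bound parameter, constant-time comparison of the secret code.
    $stmt = $db->prepare('SELECT secret_code FROM users WHERE id = ?');
    $stmt->execute([$userId]);
    $stored = $stmt->fetchColumn();
    if (!is_string($stored) || !hash_equals($stored, $secret)) {
        return respond('error', 'AUTH_FAILED', 'Unknown user or bad secret code.');
    }
    // 2. Authorize: the caller must belong to the group being read.
    $stmt = $db->prepare('SELECT 1 FROM group_members WHERE group_id = ? AND user_id = ?');
    $stmt->execute([$groupId, $userId]);
    if ($stmt->fetchColumn() === false) {
        return respond('error', 'NOT_GROUP_MEMBER', 'No access to this group.');
    }
    // 3. Only now read the data, again through a prepared statement.
    $stmt = $db->prepare('SELECT id FROM images WHERE group_id = ? ORDER BY id');
    $stmt->execute([$groupId]);
    return respond('success', 'IMAGE_IDS', $stmt->fetchAll(PDO::FETCH_COLUMN));
}
// Member of group 56: gets the image ids. Valid user outside the group: rejected.
echo get_image_ids($db, '{"user_id":"14","secret_code":"1zq08de1eTETUoo","group_id":"56"}'), "\n";
echo get_image_ids($db, '{"user_id":"15","secret_code":"constructed-code-15","group_id":"56"}'), "\n";
```

The second call authenticates correctly and is still refused, which is the point of checking group ownership separately from the secret code.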
Lesson Learned
Sending and receiving Images is surprisingly easy.
Sending Images to Server
Heavy lifting is built into HTTP: a POST sends the binary data to the server automatically
Data Upload Verification / Errors handled by PHP $_FILES
Sending Images to Phone
$image = file_get_contents($returned_row["fullsize_path"]);
Lesson Learned
Leverage existing libraries / services to speed up development
PDO - PHP Data Objects
PHP Mailer
Password Hashing
https://github.com/defuse/password-hashing
Mandrill (Emails)
Thank You
Code available on github
https://github.com/bheyde1/sharebear
bheyde@mivamerchant.com
Lessons Learned
By bheyde