REST (REpresentational State Transfer) is an architectural style and approach to communications that is commonly used in Web services due to its more economic use of bandwidth over SOAP (Simple Object Access Protocol). This lightweight communication makes REST an ideal architecture for modern APIs that typically transfer information via HTTP.
RESTful APIs operate within certain constraints, including high availability of code, a uniform interface and a stateless existence. One of the most foundational constraints of RESTful design is the separation of concerns between client and server, as discussed in this tutorial by Dale Cox on 01.org.
Client-server separation of concerns supports the distributed architecture that allows the independent evolution of client-side logic and server-side logic. This means that a user (client) invokes a service’s capability by sending the corresponding request message. The server listens for these requests and, after confirming authentication and authorization, acts out that capability or returns a relevant error message in the case of failure.
This tutorial shows followers how to leverage the flexibility of Node.js with Express to build a modular and scalable API with strong separation of concerns, in line with RESTful design. The author explains establishing a user’s identity with the Authentication Filter, determining permissions with the Authorization Filter, and applying the Action Filter. Code samples are provided, as is a link to the full project on GitHub.