I'm developing with Azure Mobile Services (using SQL Azure) to provide a backend for both IOS and Android mobile apps and a PHP website.
My question is now that now custom apis have been introduced is it considered best practice to wrap everything up in custom api calls rather than e.g. using the CRUD table operation scripts directly from apps or websites?
Additionally for data access from a website should you lock down access to stored procedures and only exec via custom apis, to enforce a consistent approach no matter who the consumer is?
While I appreciate that custom apis and the table scripts are restful it still isn't clear how to architect a solution in the most efficient, reliable way that can enforce business rules in only place allowing each process only one entry point e.g. you have a stored procedure exec'd by an api called from the mobile apps. If the website calls that stored procedure directly without going via the api it could have unwanted side effects because other logic steps will have been missed.
I'm relatively new to Azure so forgive me if I have just missed something fundamental here. I've read many blogs and tutorials but they rapidly go out of date.
Many thanks
In my opinion the great feature of azure mobile services is the push notifications (to ios, android, wp). If you are not going to use that, there's no great advantage to use WAMS
(Windows Azure Mobile Services).
But it's a good choice using Windows Azure as backend since it's easy to scale up /down. In this case, you could create a Webapi and host in a Web Role. As it works with http, you can easily create Restful services and call them from your apps (ios / android).
Related
I have an MVC application in production, hosted on Azure. Now I would like to develop Mobile app using Xamarin.Forms and Azure Mobile apps. The goal is to use the same database on both mobile and web. After reading available documentation online, I haven't found the way that would suffice my needs. I would like to know what is the fastest and best way to achieve that.
Is it enough to add necessary fields to existing entities that I would use in my mobile apps? Meaning adding fields like: Version, CreatedAt, UpdatedAt, Deleted and add another Id field of type string ex. MobileId (because current database uses autoincrement ids of type integer). Is this approach Ok, or should I do it some other way?
Any suggestion/advice would be much appreciated.
Azure Mobile apps is an accelerator and a way for devs not familiar with backend development to quickly create a backend for mobile apps. Since you already have a backend, you can simply add API methods in your MVC app that your mobile app will call. You will not benefit from some of the features that the SDK provides but you won't have to change your database structure.
You don't need to create a backend mobile app and in most cases you probably shouldn't. Is your app hosted in app services? If so there really wouldn't be any major differences between leveraging (and expanding as needed) the controller layer of your application. In most cases the datastore won't need to change to accommodate a mobile app vs a web app. Usually you want the datastore to change and evolve based on the features that you want your application to support as opposed to the plataforms that are consuming those features. It's usually a good idea to add an abstraction layer(s) to shield the datastore from platform specific requirements.
That being said there are a few Azure services that you should consider adding to make your life easier when developing Xamarin apps:
Notification Hub (provides an abstraction layer over the platform specific push notification services for ios and android).
App center (provides very useful telemetry data about crashes and errors that occur in your Xamarin clients).
App insights, it provides really good additional telemetry data with very powerful out-of-the-box visualization and querying capabilities for both web apps and mobile apps (I would configure app center to feed its telemetry data to App Insights).
If you provide me with more details about the application I would be happy to give you more detailed suggestions but the recommendations above serve as a good starting point for almost all the mobile application projects that I have encountered.
We are trying to determine the best approach for adding a complex API layer to a modified version of nopCommerce. To back up a step, we're building out a custom site for a fashion/apparel manufacturer that has a lot of front-end application requirements and also needs to integrate with their cross platform apps (iOS, Android, Windows) which we're building with Xamarin. We've tentatively decided to start with nopCommerce as the base of our application to which we will add an API layer.
What we are unsure about is what is the best approach for implementing this in nopCommerce (or other similar .NET package)? The options we are considering are MVC vs WebAPI vs ServiceStack. We've been going thru many of the tutorials on PluralSight.com to get up to speed on app dev and API creation best practices, but there seem to be so many options, we're not sure where to start. We seem to be somewhat lost in a sea of implementation options for the API and how each is to be evaluated based on choice of the JS packages/frameworks used on the front-end for the web site and the tools chosen to create the apps.
If it matters, our basic requirements are:
Expand core of basic e-commerce package with some custom ERP style functionality
API layer that can work effectively with both a web front end (possibly as a SPA) and all cross platform apps built using Xamarin
Insure OAuth authentication across all interface types so we can just use social media logins consistently everywhere and can authenticate the user in any environment
Given this...
My question boils down to which of the three API methods (MVC vs WebAPI vs ServiceStack) is best for this?
In my humble opinion you should go with service stack, it´s easier to implement and a lot more flexible than web api, you can add/remove plugins for different functionalities you get a lot of infrastructure code OOB such as mechanisms to handle cache, loggers and other not just related to infrastructure such as validators and IOC container, etc.
you'll get a single mechanism for authentication including custom auth, oauth, oauth2, etc which works for linked in, facebook and google +, in that situation you´ll find yourself reusing a lot of code in across all your apps.
One other thing that I like about SS is that practically is just you and your IOC, nothig else, everything is quite simple to understand and to implement (there could be more than one hidden option or configuration you may miss in the documentation but you get a lot of support from the community in google groups or stackoverflow)
its easier to test (Unit testing) you already have abstractions for httprequest and httpresponse and a lot of more, you won´t find yourself doing wrappers for all the legacy web impl that are shipped with mvc.
SS is better than mvc web api in terms of performance, it got one of the fastest json serializers out there for .net
I´m working on a SPA app for the time beign and I have no regrets about my desition to get into the SS framework.
just my 2 cents.
I would say Web API is best option for the Services Layer
- http://www.asp.net/vnext/overview/aspnet-web-api
There are many advantages
- Web API has been in release cycle as separate component with latest features
- Security
- Versioning
- Attribute based routing
- OData integration
Folks,
Designing an ios application, and would like to confirm my strategy. There is a database (dynamo/mongo/etc) i am building up, which the app needs to make use of. Is it smart to front the database with an API, and have the ios app authenticate against the api.
This way the app makes calls to the api instead of directly to the database?
Would you suggest node.js be a good place to start crafting the web api with?
Thanks!
Yes, access the data via an API. Whether fancy authentication is needed, depends on what is stored in your database, and what your application is designed to do. Here is one resource (among millions) on API design: http://www.vinaysahni.com/best-practices-for-a-pragmatic-restful-api
Also, here is a popular networking library for iOS: https://github.com/AFNetworking/AFNetworking
As for what technology to use, that too open ended and you will get 10 answers for every technology available. This should help though: https://softwareengineering.stackexchange.com/q/154519/44948
I have one main Asp.net MVC application, I also have a help site and quite a few internal apps (that I need to build - reporting, stats, support tickets).
Question: Can OAuth be used in this way? i.e. a user can be authenticated to use all apps (if they have access to that app)?
Ideally all or most of the other apps will be implemented in Ruby or Node.js - so I am hoping I can achieve this with OAuth.
As long as all of your apps run under the same top level domain, it should not be strictly neccessary to use OAuth or similar to obtain a shared session. Instead you could rely on a plain session cookie. You could run some kind of middleware in between your app and the user.
Only if the main app is providing a REST API that you may want to use on various client apps, where some of them run in external environments / domains, making use of OAuth may be relevant.
I have a database on a database server. No web service in place to be consumed by a web application.
If I want my iOS app to communicate with a database server (send & receive data), I know I can create a web service and then call that service from my iOS app. But what web service is recommended for this? Should I just write a .asmx web service in .NET or should I go for MVC WEB API or may be go for WCF ?? I have spend hours doing research on this. Please help.
A lot will depend on where you expect the service to be hosted, and what technology stack(s) are supported by the host. If you are self-hosting, then do whatever works in the technologies you know and understand. If you want to use a host that targets its services to small-to-midsize independent development teams, many providers like Heroku support things like Rails services. PHP is always an option as well. Microsoft-based solutions and Java-based solutions tend to be more widely used in larger enterprises and data centers, and if that's where you'll host your service then these would also be good options. And of course I'm speaking in broad generalities here: For any general trends I might list here there are lots of exceptions where other approaches make sense.
If you'd rather let the decision be driven by what makes things easiest for your iOS code, I would recommend you start with server-side technologies that support REST-ful interfaces using JSON to represent your service's resources. REST-ful services are very easy to consume from iOS, and JSON-based representations of resources are very easy to parse and produce in Objective-C.
I am personally used this approach to set a direction for my app. For the service side, I am going with a Rails implementation of REST-ful web services. I'm a Java developer by profession, but for a small independent project the options for hosting Java services were more limiting than with Rails so I've picked up rails on the side to make my project work. So far it's suited my project quite well.