RESTful API

An API responsible for being a reverse proxy and serving data

OVERVIEW

About the project

The Saikou API is a powerful tool developed for the same client as the "Discord Chatbot" project, and the two integrate seamlessly with each other. It uses a RESTful API with POST and GET requests to provide ban data to a popular game on the Roblox platform. This game attracts an average of 400-500 players daily and has accumulated over 100M overall visits. Additionally, the Saikou API serves as a reverse proxy for sending Discord webhook messages, further enhancing its functionality.

WHEN WAS THIS?

29th July, 2022

WHAT'D I DO?

Developed a RESTful API and reverse proxy.

Tools Used

BACKSTORY

The Problem

Develop a secure API that stores player ban data. This data can be readily fetched, and new records can be added. Include a reverse proxy for sending Discord webhook messages.

The client's input was invaluable in shaping the Saikou API. They expressed a need for a reverse proxy and for a secure API that gave granular control over which data could be accessed and added to the database. In response, I decided to use API keys to keep unauthorised individuals from accessing the API, and to use MongoDB for the database.

Design & Implementation

The API that serves hundreds of players.

SECURITY VALIDATION

API Tokens

As this API handles GET/POST requests that restrict access to a popular game on the Roblox platform, it was vital to take security measures that prevent bad actors from abusing it. My way of preventing unauthorised access was a uniquely generated API token that has to be passed in an "X-API-KEY" header on all requests.

JSON RESPONSES

Fetching Data

The Saikou API uses a MongoDB database to return specific data about banned players. This data is presented in a JSON object with easy-to-reference field names, so developers can work with the API response without guesswork. The response varies with the request parameters, and the API returns an error code in JSON if no records exist.

ERRONEOUS RESPONSES

Rigorous Validation Checks

Rigorous validation checking was a top priority when developing the API to prevent bad data from entering the database or requests causing unexpected issues in the API. Over 13 validation checks were incorporated, each providing its own dedicated error message and error code in JSON format for easy reference, ensuring the highest level of reliability.
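The two controls described above (the "X-API-KEY" check and per-field validation with a dedicated JSON error code) can be combined as in this added example, which is not the Saikou API's own code. The function names, error codes, field names (robloxId, reason) and the key value are assumptions made for illustration.

```javascript
// Added example: names, error codes and the record shape are assumptions.
const crypto = require("node:crypto");

const sha256 = (s) => crypto.createHash("sha256").update(String(s)).digest();

// Store only a digest of the issued key; this value is constructed for the example.
const STORED_KEY_DIGEST = sha256("constructed-example-key");

// Builds the JSON error body: one dedicated code and message per failed check.
const fail = (status, errorCode, message) => ({ status, body: { errorCode, message } });

// Compare fixed-length digests so the comparison time does not depend on
// how many leading characters of the presented key are correct.
function keyIsValid(presented) {
  if (typeof presented !== "string" || presented.length === 0) return false;
  return crypto.timingSafeEqual(sha256(presented), STORED_KEY_DIGEST);
}

// Handles a hypothetical "add ban" POST. `headers` uses lower-cased names,
// as Node's http module delivers them.
function handleAddBan(headers, rawBody) {
  if (!("x-api-key" in headers)) return fail(401, "MISSING_API_KEY", "X-API-KEY header is required.");
  if (!keyIsValid(headers["x-api-key"])) return fail(403, "INVALID_API_KEY", "API key not recognised.");

  let ban;
  try { ban = JSON.parse(rawBody); } catch { return fail(400, "INVALID_JSON", "Body is not valid JSON."); }
  if (ban === null || typeof ban !== "object" || Array.isArray(ban))
    return fail(400, "INVALID_BODY", "Body must be a JSON object.");

  // Allow-list the fields so extra keys never reach the database layer.
  const { robloxId, reason } = ban;
  if (!Number.isSafeInteger(robloxId) || robloxId <= 0)
    return fail(400, "INVALID_PLAYER_ID", "robloxId must be a positive integer.");
  if (typeof reason !== "string" || reason.trim().length === 0 || reason.length > 200)
    return fail(400, "INVALID_REASON", "reason must be 1-200 characters.");

  // Requiring primitive types also rejects objects such as {"$ne": null},
  // which a MongoDB query would otherwise treat as an operator.
  return { status: 201, body: { robloxId, reason: reason.trim() } };
}
```

Authentication runs before the body is parsed, so unauthenticated callers learn nothing about which fields the endpoint accepts.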

Impressive Results

After the launch of the Saikou API, it consistently hits thousands of requests each month, showing that the implementation is reliable with zero noted errors since its first major release. Statistics as of 2024.

Apr-May

11.58k requests

Jun-Jul

TBD

Aug-Sept

TBD

REFLECTION

Project Learnings

1. Reliability is essential

This API would be relied on for a player-based game that averages 400-500 players, so it needed to operate flawlessly to prevent a negative playing experience from unexpected problems. To this end, rigorous validation checks and extensive testing were conducted to ensure that the API would be error-free upon its initial launch.

2. Ease of understanding

Since the API would be utilised by other individuals who would be required to read the JSON responses outputted by my API, it needed to be laid out in a way that was easy to read and didn't require much deciphering to understand what was going on. From API endpoint URLs to JSON responses, I ensured everything was consistent and easy to follow.

3. Validation Checks

Validation checking was an absolute must in this API to ensure it didn't run into any unexpected problems. Returning error responses also gives a programmer sending requests to the API instant feedback as to what went wrong, allowing them to take the necessary steps to rectify the situation.