
Ask HN: What is a good book to learn about the components of modern APIs? - throwaway_shame
I am wondering if there is a good resource (preferably a book) that details the components for building scalable APIs. I wish to learn how to properly secure the endpoints, rate limiting, etc.

My background in CS is not formal but I have built a few webapps and hosted on AWS but I was never sure if I was doing it the right way. For example, I know to access DB it is better to use connection pools than not but I do not know how much of scalability this gives.

Secondly, I want to learn about things like how/when messaging queues are used and several other similar solutions and the drawbacks of just using a DB to achieve these functionalities.

Thirdly, things like how to secure the app, caching, CDNs, Load balancing etc.

To frame my question differently, I wish to learn about various services a Cloud vendor like AWS offers, why such a solution is necessary, what are the alternative ways of achieving something that a particular service offers and trade-offs among the alternatives and finally how to put it all together.

Any reference will be greatly helpful.

EDIT: I have specifically mentioned about APIs and not web apps to leave out the front-end aspects.
======
aisafetyceo
Unless you're currently facing the issue and can't solve it using "true
standards" then don't bother learning it.

I wouldn't use anybody's definition of a standard rather just try to get away
with learning no "vertical software industries" which were pioneered to
increase cloud vendor profits

I'm suggesting a low level stack of Linux EC2 with Nginx, Nodejs and no
libraries

The vast majority of concerns that are addressed in books are solved by the
invisible hand of the market.

a simple example of this would be "the tiny learning hell" a developer would
place themselves through to implement SSL before certbot surfaced

the same is happening for security, caching, CDNs, Load balancing etc.

The component that I suspect is not in written circulation is what I think of
as a single user model: across all systems the preferred way to implement a
solution that scales is to reduce the complexity to a single value

For example, if you have database of users then you write the data to a single
file with no real structure instead the structure is computed during a read
request

Another example, if you're writing a web app with a node server, reduce the
server and webapp into one function on one page that runs through a generator
contained in that one function that outputs the appropriate file for the
server or the client

the value is that your code is reduced to the logic that produces real
functionality and benefits naturally from the teams of engineers who work on
improving the concerns and constitute the invisible hand

some insights that are noteworthy:

- instead of using PM2/forever to keep your app online spawn a bash script to
  start your node process
- Require.cache can cause issues / might make sense to write a copy to disk to
  bridge between restarts
- use the native modules for requests and cryptography hashing

------
polymathemagics
Designing Data Intensive Applications is not exactly what you're looking for,
but it touches on some API topics and is a genuinely great technical read for
application programmers.

