It’s been a few weeks since I’ve been able to work on my Bookmark Web Service.
This week, I’ve had some time to jump back into my Bookmark service and launched an updated version to Heroku (https://bookmarks-service.herokuapp.com).
While it is not 100% complete, the Bookmark service is at a point where I can use it to build out the full bookmarking web application I’ve been planning to build for a few months now.
As such, I’d like to update you on where I am with my bookmarking web service, how I plan to use this web service in my full application, and future plans for improving it.
One final note before we jump in: I made a lot of mistakes along the way and learned some valuable lessons, so in the near future I plan to write posts discussing what I’ve learned.
Now, let’s discuss what this bookmarking web service actually does.
1. An Overview of the Bookmarking Web Service
If you’d like to try out my Bookmarking service, you can do so here: https://bookmarks-service.herokuapp.com. It is a live, working version. Just shoot me an email at email@example.com and I’ll set you up with an account.
I launched (crude) API Documentation so you’ll know how to work with the API, but in the meantime, here is a quick overview:
How The Bookmarking Service Works
To interact with any aspect of the service, you’ll need to include an HTTP Authorization header using the Basic authentication type. Which username and password you use depends on the type of request you make.
SuperUsers are the starting point, and are able to create new Users. Because SuperUsers have so much power and will rarely be added, I’ve intentionally left it a bit cumbersome to add, and as such must be added via Python code.
Each SuperUser will have an ID and a Password which they can use in the next step.
I’ve provided instructions on adding a SuperUser in my GitHub Readme.
Creating & Viewing Users
SuperUsers authenticate with their ID and Password and are then able to view all Users by making a
GET request to
/users. They can also create Users by making a
POST request to the same endpoint, also passing form data for
password. The response will include a user id.
Creating & Viewing API Keys
Users authenticate with their ID and Password and are able to create an API Key by making a
POST request to
/api_keys. The response will include an API Key ID and Secret. To view all existing API Keys associated with the user, make a
GET request to
Creating & Viewing Bookmarks
To work with bookmarks, users must authenticate with their API Key ID and Secret.
To create a bookmark, make a
POST request to
/bookmarks, including form data for:
follow_redirects– This is optional, but setting this to
Truehas the service follow all redirects on the
urland save the final URL to the bookmark
The response from the
POST request will include an
id that is a random and unique 6 character alphanumeric sequence, such as
GET request to
/bookmarks/abcdef, for instance, will return a response with the original URL.
GET request to
/bookmarks will show all bookmarks which that user has added.
2. How I Plan To Use This Bookmarking Service
For my own bookmarking application, I plan to use this web service to handle storing the bookmarks.
A user will be able to visit my application homepage and enter a URL to bookmark. A request will then be made from the application to this web service, which will return a bookmark ID. This ID will be directly associated with the shortened link that my application will return to the user.
Then, if anyone visits that shortened link, the application will make a request to the web service, passing the bookmark ID, find the associated URL, and redirect the user to this URL.
By the end of October, I’d like to launch the full application utilizing a microservices architecture. This Bookmarking web service I’ve built handles the majority of backend functionality, so I can now concentrate on building the frontend of the application.
I haven’t had a chance to play with some of the popular frontend frameworks, so I will use this project as an exercise to gain experience working with React.
Future Plans For The Application
After I build out the frontend of the application, I would like to add in some more functionality, including tracking/analytics on all bookmarks, allow users to create an account to edit their bookmarks, and provide users a way to make bookmarks private or public.
Should be fun!
3. What I’ll Be Adding To This Web Service In The Future
As I mentioned in the beginning, even though I’ve launched my web service and will be using it as part of a larger application, it is not done yet.
Here are some of the areas I need to improve.
Turn Off URL Checking
Right now, when a request is made to add a bookmark, the service makes a request to the URL and checks the status code. If the status code is not 200 or 300 level, it will return an error to the user and not create the bookmark.
While this is a nice feature to help users who may make typos when entering URLs, there may be a use case for users who want to add URLs that either don’t exist yet or return an error code for now but not in the future.
So I’d like to add another option that users can pass when creating a bookmark that will turn this checking off.
Editing and Deleting
There is currently no way for someone to edit or delete users or bookmarks.
But this is definitely a needed functionality.
Adding this functionality is rather easy (I just need to add PUT and DELETE methods to the appropriate routes), but there are some complexities I’d like to address.
For instance, if a user is deleted, what happens to all of their bookmarks?
In the same line of thinking, if a user is created with a password, there is no way for them to reset their password. If they forget their password, they will get locked out of their account.
I’d like for users to be able to reset their passwords. At first I imagined using emails to allow resets, but this is probably too much for a web service.
Instead, SuperUsers should be granted the ability to reset user passwords.
I spent some time researching how to make this service secure. But I realized I was spending too much time and decided that the best way for now would be to use basic authentication. Although this is not the most secure way, as long as the data is sent over HTTPS, it should be secure. But I still would like to research more secure options.
I have some work still ahead of me, but I’m excited to integrate my web service into a full application that utilizes a microservices architecture.
Obviously, I’m not inventing anything groundbreaking (there are tons of link shortening services out there already), but the process of building out this application has allowed me to learn some of the intricacies of how the Internet works, how REST APIs work, and how to build a larger application.