The document discusses APIs and the API economy. It introduces NestJS, a framework for building APIs. The speaker worked at various companies and is now CTO at Stonize. Stonize needs to create an API for its "Chuck Norris Facts" service to go into production. The API must meet Stonize's pillars of quality, security, and performance - requiring thorough testing, documentation, monitoring, authentication, and more. The speaker will demonstrate building the API in NestJS.

1. API Economy
A NestJS adventure
17 December 2020
Michele Mastrogiovanni

2. Michele Mastrogiovanni
Who am I
Ph.D. in computer science @ La Sapienza (Roma):
a wonderful period of my life!
Former Engineering ingegneria informatica
Former Expedia Group (Hotels.com)
Former Konica Minolta
And since “I'm hungry, I'm foolish… (thanks Steve
Jobs) I started in October to work as CTO @
Stonize

3. Michele Mastrogiovanni
Agenda
1. What is an API and what does API Market mean
2. The “Facts” Project need to go in PRODUCTION
3. NestJS introduction and coding

4. Michele Mastrogiovanni
What is an API?
Application Programming Interface: A way to interact with your software
Examples: Microservices, IoT services…
The following expose API for their services:
● Google
● Facebook
● Twitter
● Telegram
● ...

5. Michele Mastrogiovanni
Why create an API for your Business?
Easy customer integration/adoption
Enforce standardisation
Enable your business on pay per use
Can be included in existing marketplace
Mobile friendly
...
Open your wonderful AI stock prediction engine to the world!

6. Michele Mastrogiovanni
Just few data
Source: https://media2.govtech.com/images/api_infographic_smartfile.jpg

7. Michele Mastrogiovanni
API Architecture (not today, baby!)
Reverse Proxy
CDN (Content Delivery Network)
API Gateway
Firewall
Load Balancers
...

8. Michele Mastrogiovanni
API Landscape
And many others
AWS Cognito

9. Michele Mastrogiovanni
API Design: why NestJS?
● Well designed
● Well documented
● Spring-Like
● Dependency Injection
● Annotated

10. Michele Mastrogiovanni
We work for the Stonize company
We need to create an API for our most
valuable service “Chuck Norris Facts”.
We need to go… in production!!!
Stonize Pillars
● Quality
● Security
● Performances
The “Facts” Project
High performant,
Reliable, Efficient,
Privacy Aware,
Secure, Testable,
Fault tolerant
...

11. Michele Mastrogiovanni
● Unit tests
● End-to-End tests
● Quality metrics: coverage, static code analysis...
● ...Did I mention to test the code?
● Code review
● Standard responses
● Validation everywhere: DTO, responses,
extreme conditions...
● Documentation: e.g. OpenAPI (Swagger API)
● Monitoring in production
Stonize’s pillars: Quality (1/3)

12. Michele Mastrogiovanni
Stonize’s pillars: Security (2/3)
External threats
● Authorization and authentication (e.g. JWT token)
● Headers protection
● Upload limits
● DoS protection (whitelist/blacklist)
● Throttling: Rate Limiting
● Penetration tests
● Software vulnerabilities
● ...
Internal risks
● Log’s anonymity
● ...

13. Michele Mastrogiovanni
Stonize’s pillars: Performance (3/3)
● Use of Cache
● Compression
● CDN for static contents
● Scalable architecture (someone mentioned containers?)
● Distribute load / Automatic provisioning
● Leverage also on client computational power
● Performance test
● ...

14. Michele Mastrogiovanni
Demo Time: let’s rock some code!

15. 15
Thank you!
Michele Mastrogiovanni
michele.mastrogiovanni@stonize.com
https://www.linkedin.com/in/michele-mastrogiovanni/

16. Michele Mastrogiovanni
Resources
NestJS: https://www.postman.com/
Postman: https://www.postman.com/
Portainer:
https://documentation.portainer.io/v2.0/deploy/linux/#deploy-portainer-in-docker
HTTPie: https://httpie.io/
Chuck Norris Facts: https://chucknorrisfacts.net/top-100
Code: https://github.com/mastrogiovanni/codegarden-API-nest-17-12-2020