Closed PeerRich closed 2 years ago
Now that we have Monorepo, @baileypumfleet and I were discussing on how can we proceed with public API project. Here are my thoughts.
apps/api
as our #1581 monorepo specs.These are the options that come to mind:
...WIP
Thanks for the proposal and the later summary. I vote up for Express.
i used strapi in the past and quite liked it
i used strapi in the past and quite liked it
I think Strapi is more CMS-focused. I could be wrong tho.
i used strapi in the past and quite liked it
I think Strapi is more CMS-focused. I could be wrong tho.
yeh probably a bad usecase to use it
i used strapi in the past and quite liked it
I think Strapi is more CMS-focused. I could be wrong tho.
yeh probably a bad usecase to use it
I was gonna -1 it (for public api)because I had some drama it only supporting integers for prices on an e-commerce once.
I think strapi is more a candidate for an integration maybe down the road although that does seem far fetched! Who knows where the app store will take us ππ.
For public API I like both Next and express, although separating it into it's own app feels off (although I think nextjs, recently added better support for such kinda redirects)
All in all I would love to know more of what the community thinks would be the best approach for us to follow.
One question I have is how we'll handle auth for the API? Personal Access Tokens? Is Oauth with something like ORY's hydra package too far fetched? It would make a sign in with cal.com closer.
Can we get away for now with just using our current api endpoints in nextjs. But making them compatible with the outside world? Documenting them etc. maybe we can use the new next 12 middleware that next-auth has for the API endpoints?
The idea (for now) is to use personal access tokens, and later we can extend to OAuth support for third-party apps to build on top of the Cal.com API.
I wouldn't mind having the API as part of the next project. Alternatively, I think a separate project makes it cleaner, and especially now that we have the shared Prisma logic libraries and such, it should make it easier. I'm totally open to both options.
The main thing though is that the public API will likely be an enterprise only feature, so this will need to be a private app in the monorepo
I'm quite a fan of next but its main use case I think falls outside of building an API. I'm not saying you cannot build one and I believe the argument from @agustif is a valid one meaning that the whole codebase is already driven by Nextjs, but at the same time, I believe using a backend option like Express will embrace much more power to Cal than the limitations you will find with next. Also, Turbo makes everything easier to manage.
π to pure Express
The idea (for now) is to use personal access tokens, and later we can extend to OAuth support for third-party apps to build on top of the Cal.com API.
I wouldn't mind having the API as part of the next project. Alternatively, I think a separate project makes it cleaner, and especially now that we have the shared Prisma logic libraries and such, it should make it easier. I'm totally open to both options.
The main thing though is that the public API will likely be an enterprise only feature, so this will need to be a private app in the monorepo
I second to have API separated from the next. Right now, UI + Prisma logic that powers API are tightly coupled.
Started working already on the API, sharing here a first draft of CRUD endpoints needed to start working on admin functionality.
I think those are the biggest models we have and basically with them and extra relations that can be included on a prisma call, we should be able to cover a lot of ground. Let's go for it.
@emrysal would love a little chat about availabilities, or maybe your general inputs about it before building much there, which API func should be useful there, a general CRUD for both schedules and availabilites?
All endpoints will require Auth. You'll only be able to access the resources you're an owner / team manager of.
GET /users : Get all users/ POST /users : Create a new user GET /users/{id} : Get the user information identified by "id" PUT /users/{id} : Update the user information identified by "id" DELETE /users/{id} : Delete user by "id"
GET /event-types : Get all event-types POST /event-types : Create a new event-type GET /event-types/{id} : Get the event-type information identified by "id" PUT /event-types/{id} : Update the event-type information identified by "id" DELETE /event-types/{id} : Delete event-type by "id"
GET /bookings : Get all bookings POST /bookings : Create a new booking GET /bookings/{id} : Get the booking information identified by "id" PUT /bookings/{id} : Update the booking information identified by "id" DELETE /bookings/{id} : Delete booking by "id"
/availabilties ...
/schedules ...
I am using Django for REST API backend. It works incredibly well. Can only recommend.
Pls. think about providing a URL with documentation right from the API code without requiring authentication. PUT and DELETE are methods that are often blocked per default in big corps firewall rules. Would limit to only use POST and GET. Translates into: POST /bookings/update/{id} or ... GET /bookings/delete/{id} ... which makes it also more readable in networks trace or developer tools.
About team management:
You'll only be able to access the resources you're an owner / team manager of. That's cool.
How do I add/change a booking where I am the client and not member of the team? You should probably have some hashes or tokens here.
For the last year I've used NestJs for api, it's pretty solid. It has Express under the hood, and what I really liked it leaves you with a very good architecture. https://docs.nestjs.com/
@raro42 this is closed-source. At first, it leads to confusion for me as well. I cannot say enough about this but in terms of cost you would want to keep your stack close to what your crew can manage. Django is Python. Most Cal devs are TS devs.
Expanding on what @denik1981 said, we're going to use NextJS api routes in a new project for that same reason.
I am using Django for REST API backend. It works incredibly well. Can only recommend.
Pls. think about providing a URL with documentation right from the API code with requiring authentication. PUT and DELETE are methods that are often blocked per default in big corps firewall rules. Would limit to only use POST and GET. Translates into: POST /bookings/update/{id} or ... GET /bookings/delete/{id} ... which makes it also more readable in networks trace or developer tools.
About team management:
You'll only be able to access the resources you're an owner / team manager of. That's cool.
How do I add/change a booking where I am the client and not member of the team? You should probably have some hashes or tokens here.
If they wanted to go with the Django Rest Framewrok + React Stack I guess they would have used it directly from the start instead of using Prisma, I've never tried Prisma but I guess it's being used as an ORM for postgres and Django's ORM is maybe one of its biggest strength + it also has a customizable GUI admon dashboard for database operations.
@raro42 this is closed-source. At first, it leads to confusion for me as well. I cannot say enough about this but in terms of cost you would want to keep your stack close to what your crew can manage. Django is Python. Most Cal devs are TS devs.
Are the api endpoints going to be closed source too or only the admin UI letting people build their own dashboards ?
@raro42 this is closed-source. At first, it leads to confusion for me as well. I cannot say enough about this but in terms of cost you would want to keep your stack close to what your crew can manage. Django is Python. Most Cal devs are TS devs.
Are the api endpoints going to be closed source too or only the admin UI letting people build their own dashboards ?
@agustif can post the new update here too
Looking forward to this functionality
Will you be creating SDKs in other languages (java/python)? Or will there be a detailed api spec so that we can write community managed ones?
Congratulation on releasing the new API, and the Series A funding.
I see that the Dashboard missed the Launch window. Hopping its available in the next release. Cool stuff seeing youre building Cacom to be the Defactor Platform for calendar and Appointment booking. this will surely drive growth onto the platform.
Also, consider adding more Integration with Opensource Products, Like, Matrix/element, RocketChat, Mattermost and etc
Will you be creating SDKs in other languages (java/python)? Or will there be a detailed api spec so that we can write community managed ones?
The api spec is here: https://docs.cal.com/api Currently a WIP, will be improving it during the weekend and following week. Working on having an alpha release soon so you can all start testing and calling the API.
I think swagger-ui will let us auto-generate snippets for each operation in different languages, but for now we'll focus on API itself, we can improve this later.
I'm really excited to be sharing more news soon, will do a loom demoing the new api keys functionality in webapp, and basically how to get started with API getting a Key and calling the endpoints.
Have a nice weekend everyone!
And yeah dashboard is up next for sure!
Will you be creating SDKs in other languages (java/python)? Or will there be a detailed api spec so that we can write community managed ones?
https://github.com/calcom/cal.com/pull/2547 when this one merges at least snippets will be in more languages than just curl (added java and python in there ;)) using openapi-snippets so anything availabile in there is game, but too many snippets makes the layout break
would the Dashboard and API be available on the self hostable Edition?
would the Dashboard and API be available on the self hostable Edition?
for now it'll stay a commercial, closed source feature but the API end points will be publicly accessible and you can generate an API token to authorize against here: https://app.cal.com/settings/security
you can receive access to the private API repo to self-host on a commercial plan
so both Dashboard, as well as API would be Enterprise edition only features?
you will be able to use them, just the source code will be closed source for now. enterprise can access code
@PeerRich: π to pure Express
π https://github.com/jlalmes/trpc-openapi
Ping me if you want to chat anything through/any assistance!
@PeerRich: π to pure Express
π https://github.com/jlalmes/trpc-openapi
Ping me if you want to chat anything through/any assistance!
It's on the roadmap definitely @jlalmes we need to extract tRPC to a monorepo package, put remaining logic there and there we can adopt it in the open API
RFC summary of the recent discussions and feature requests of our slack channel #admin-panel-and-api
RFC: admin panel (console.cal.com) & Public API
Goals:
Who this is for
Who this is not for
planned features
written by @agustif
CRUD Endpoints
All endpoints will require Auth. You'll only be able to access the resources you're an owner / team manager of.
Users
Event Types
Bookings
Availabilites and Schedules
/availabilties ...
/schedules ...