- Use HTTP methods correctly (GET, POST, PUT, DELETE)
- Use plural nouns for resources
- Use consistent URL patterns
- Return appropriate HTTP status codes
All API responses follow this structure:
{
"data": {}, // or [] for collections
"meta": {
"total": 100,
"page": 1,
"limit": 50
},
"links": {
"self": "/api/scriptures/volumes",
"next": "/api/scriptures/volumes?page=2",
"prev": null
}
}Standard error response format:
{
"error": {
"code": "VALIDATION_ERROR",
"message": "Invalid search query",
"details": {
"field": "query",
"issue": "Query cannot be empty"
}
},
"timestamp": "2025-01-05T12:00:00Z",
"request_id": "req_123456"
}GET /api/scriptures/volumes- List all volumesGET /api/scriptures/volumes/{id}/books- List books in volumeGET /api/scriptures/books/{id}/chapters- List chapters in bookGET /api/scriptures/chapters/{id}/verses- List verses in chapterGET /api/scriptures/search- Search scripturesGET /api/scriptures/random- Get random scriptureGET /api/scriptures/reference/{book}/{chapter}- Get by reference
limit: Number of results (default: 50, max: 100)offset: Pagination offset (default: 0)q: Search queryvolume_id: Filter by volumeinclude_lds: Include LDS volumes in random (default: false)
Content-Type: application/jsonX-Total-Count: Total number of resultsX-Page: Current page numberX-Limit: Results per pageCache-Control: Caching directives
- Currently: No authentication required (public API)
- Future: JWT tokens for user-specific features
- 100 requests per minute per IP
- Rate limit headers included in responses
- 429 status code for rate limit exceeded
- Configured for specific origins
- Preflight requests handled
- Credentials not required
- All inputs validated with Pydantic
- SQL injection prevention
- XSS protection through proper encoding
- Health check: < 1 second
- Simple queries: < 500ms
- Search queries: < 2 seconds
- Complex operations: < 5 seconds
- Static data (volumes, books): 1 hour
- Chapter data: 30 minutes
- Search results: 5 minutes
- Health checks: No cache
- Indexed on frequently queried fields
- Connection pooling
- Query optimization
- Prepared statements
- All endpoints must have unit tests
- Mock external dependencies
- Test error conditions
- Test edge cases
- Test database interactions
- Test full request/response cycle
- Test authentication (when implemented)
- Test rate limiting
- Load testing for high-traffic scenarios
- Stress testing for resource limits
- Benchmark testing for optimization
- All endpoints documented
- Request/response examples
- Error codes documented
- Authentication requirements
- Docstrings for all functions
- Type hints for all parameters
- Complex logic explained
- API versioning notes
- Current: No version in URL
- Future:
/api/v1/scriptures/... - Backward compatibility maintained
- Deprecation warnings in headers
- Graceful degradation
- Migration guides provided
- Sunset dates communicated
- Request count by endpoint
- Response times (p50, p95, p99)
- Error rates by type
- Database query performance
- Cache hit rates
- Response time > 2 seconds
- Error rate > 5%
- Database connection failures
- High memory usage
- GraphQL endpoint
- WebSocket support for real-time updates
- Bulk operations
- Advanced search filters
- User preferences and bookmarks
- Redis caching layer
- CDN for static assets
- Database read replicas
- Microservice architecture