REST API

Security: This module is considered insecure by Drupal security team and all of it's releases have been unpublished. You are strongly encouraged to disable the module on your site.

Notice regarding maintainence: With a change in employment, I am no longer able to maintain this project. If you are interested in maintaining this project, please use my contact form or privmsg me (zostay) in Freenode IRC.

This is a no fuss REST API. After installation, this module bolts on a REST API. The REST API is divided up into different modules that serve different purposes.

REST API

The main REST API module provides very little for the end-user by itself. It sets up the permissions for REST access and provides a /=/help URL that provides some quick reference documentation into the API. For REST API modules developers, it provides helpers to read in JSON or www/x-form-url-encoded data and pass it on to request handlers and a serializer to output data in one of the available formats.

REST API Node

This provides a set of resource URIs for listing information about nodes, listing information about particular content types, listing nodes, creating nodes, reading nodes, updating nodes, and deleting nodes RESTfully.

REST API User

This module a set of resource URIs for listing information about users, listing users, creating users, reading users, updating users, and deleting users in a RESTful manner.

REST API Execute

This provides an RPC-ish interface to perform drupal_execute() on any available Drupal form. This isn't exactly RESTful, but it is useful

REST API Services

This connects the REST API to the Services module. This is like the Execute module in that it is RPC-ish rather than RESTful, but it may be useful.

REST API Login

This is a helper for login that allows clients to use Drupal session logins through the /=/login URL, which is sometimes convenient. This allows clients to fetch a session cookie that can be used as an authentication token for subsequent requests.

I've modeled the API itself after the one that the Jifty framework uses. It's a pretty nice way of doing things. You can get started by asking for help:

http://example.com/=/help

You can fetch a current user by:

http://example.com/=/user/uid/4523

or a current node:

http://example.com/=/node/project/nid/177552

You can modify a user or node by performing a PUT request that submits information in application/x-www-form-urlencoded or application/json format. You can delete a user or node by modifying the request to a DELETE. Creates are performed using POST requests.

You can also request output in different formats. Currently JavaScript, JSON, PHP, and HTML are supported. These are chosen by setting your client's Accept headers to the appropriate content type.

An alternative is offered for weaker clients by just appending a file suffix (which violates URI opacity, blah blah), for example:

http://example.com/=/user/uid/4523.json

Which would output the user as a JSON file. If no format is given it will output an HTML file.

There's also a shortcut for applying different HTTP methods, in case your client is limited. You can pass a regular POST request and then tell the REST API to treat it as a DELETE, by changing the URL to:

http://example.com/=/user/uid/4523!DELETE

That doesn't work for GET requests, only POSTs can be modified in this way.

Downloads