Implement LiteREST: A lightweight SQLite-based REST API

[stritt]

LiteREST: SQLite API

This is a small API for SQLite. It's like PostgREST, but simpler because well it's for SQLite.

What it does:

• Creates, reads, updates, and deletes data
• Works with any table in your SQLite database
• Prevents SQL injection

How it works:

• You make HTTP requests to it
• It turns those into SQL
• It runs the SQL and gives you back the results

What's next:

• Better filtering and sorting
• Transactions
• Auth

Testing the REST

1. Test the POST Endpoint:

curl -X POST "https://starbasedb.{YOUR-WORKER-ID}.dev/lite/user" \
  -H "Content-Type: application/json" \
  -H 'Authorization: Bearer ABC123' \
  --data-raw '{"id": 753, "name": "Alice"}'

Expected Result:
A successful response with the message "Resource created successfully" and the inserted data.

2. Test the GET Endpoint:

curl -X GET "https://starbasedb.{YOUR-WORKER-ID}.dev/lite/user" \
  -H 'Authorization: Bearer ABC123'

Expected Result:
A list of users, including the newly inserted user.

3. Test the PATCH Endpoint:

curl -X PATCH "https://starbasedb.{YOUR-WORKER-ID}.dev/lite/user/753" \
  -H "Content-Type: application/json" \
  -H 'Authorization: Bearer ABC123' \
  --data-raw '{"name": "Alice Updated"}'

Expected Result:
A successful response with the message "Resource updated successfully" and the updated data.

4. Test the DELETE Endpoint:

curl -X DELETE "https://starbasedb.{YOUR-WORKER-ID}.dev/lite/user/753" \
  -H 'Authorization: Bearer ABC123'

Expected Result:
A successful response with the message "Resource deleted successfully".

I've tested each operation manually. However, we should add some automated tests next.

---

Let me know what you think. Is this useful? What would you change?

[Brayden]

Love this. A couple of thoughts I'm just going to tag here to keep track of:

1. Need to properly add these requests to the enqueueOperation so they can get processed in order
2. One thing left to consider is tables that don't rely on id as their PK. Should we fetch their PK first (assuming one column exists as that constraint) and replace the usage of id with their actual column name?
3. Should we include a PUT here alongside the already existing PATCH?

Overall very much on board with having a built in REST API interaction layer built right on top of the database for those who don't have complex querying use cases. Future considerations may be optionally allowing this to be deployed independently on its own worker binded to the same DO resource. At the same time though, this is lightweight enough where it won't impact anything for the users.

[Brayden]

Worked with Brandon on refactoring some of the code and utilizing some recently added helper functions for properly enqueueing requests. Below are some test cURLs to verify functionality.

GET

Fetch data from the database.

Equals

Get any entry that matches the column named name inside the users table where name = Alice.

curl --location --request GET 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users?name=Alice' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'Content-type=application/json'

Not Equals

Get any result that does NOT equal the provided value.

curl --location --request GET 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users?name.ne=Alice' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'Content-type=application/json'

LIKE

The URL has %25 appended to it which represents the % character. We need the % character to represent in SQL any number of characters can appear here to be considered "LIKE".

curl --location --request GET 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users?name.like=Al%25' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'Content-type=application/json'

IN

Get all results that match the names in the IN criteria, which the example below includes Alice and Bob.

curl --location --request GET 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users?name.in=Alice,Bob' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'Content-type=application/json'

Greater Than

curl --location --request GET 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users?user_id.gt=0' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'Content-type=application/json'

Greater Than or Equal

curl --location --request GET 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users?user_id.gte=1' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'Content-type=application/json'

Less Than

curl --location --request GET 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users?user_id.lt=3' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'Content-type=application/json'

Less Than or Equal

curl --location --request GET 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users?user_id.lte=3' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'Content-type=application/json'

SORT BY & ORDER

curl --location --request GET 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users?sort_by=user_id&order=DESC' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'Content-type=application/json'

LIMIT & OFFSET

curl --location --request GET 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users?limit=2&offset=1' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'Content-type=application/json'

A bit of everything

curl --location --request GET 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users?name.in=Alice%2CBob&user_id.gte=0&email.like=%25example.com&sort_by=user_id&order=DESC&limit=10&offset=0' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'Content-type=application/json'

POST

curl --location 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: text/plain' \
--header 'Content-type: application/json' \
--data-raw '{
  "name": "Brayden",
  "email": "[email protected]"
}'

DELETE

curl --location --request DELETE 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users/4' \
--header 'Authorization: Bearer ABC123'

PUT

A PUT command is to do a FULL replacement of the entry in the table. For partial updates see PATCH

curl --location --request PUT 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users/4' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: text/plain' \
--header 'Content-type: application/json' \
--data-raw '{
    "name": "Brandon",
    "email": "[email protected]"
}'

PATCH

A PATCH command is to do a PARTIAL replacement of the entry in the table. For full updates see PUT

curl --location --request PATCH 'https://starbasedb.{YOUR-IDENTIFIER}.workers.dev/lite/users/4' \
--header 'Authorization: Bearer ABC123' \
--header 'Content-Type: text/plain' \
--header 'Content-type: application/json' \
--data-raw '{
    "email": "[email protected]"
}'