The Single Page Application architecture when developing secure Web services

Abstract

The article is devoted to the development of a prototype of a secure single page-application (SPA) web service for automating user information accounting. The relevance of this study is very high due to the use of web services. The article provides a classification of web applications and shows the features of the architecture of a single page application used in the development of the service. Based on a comparative analysis of the architectural styles of the API, the most appropriate style was selected. Considered and taken into account the key points of the development of a secure application programming interface (API), the requirements that must be met by RESTful API services. The work used popular authentication schemes (methods). A comparative characteristic of web frameworks of the Python programming language is given, on the basis of which a tool for implementing a web service is selected. Shows the main advantages of using Python when developing paged web services and the security tools included in the standard package of the Flask web services development framework. Shows how to securely prototype a Python RESTful SPA Web Service API using Flask. An example of using the Swagger tool to describe the specifications of the developed API is given. The process of setting up the application is considered in detail. The main recommendations for securing a web application, setting up a database and a web server are listed. The key points of ensuring the protection of the developed web application are considered. Conclusions are made regarding the choice of the architectural style of the application API, the most suitable tools and technologies for the software implementation of the service.