Tutorial 0 - Get it Running
- author:
Welcome to PostgREST! In this pre-tutorial we’re going to get things running so you can create your first simple API.
PostgREST is a standalone web server which turns a PostgreSQL database into a RESTful API. It serves an API that is customized based on the structure of the underlying database.
To make an API we’ll simply be building a database. All the endpoints and permissions come from database objects like tables, views, roles, and stored procedures. These tutorials will cover a number of common scenarios and how to model them in the database.
By the end of this tutorial you’ll have a working database, PostgREST server, and a simple single-user todo list API.
Step 1. Install PostgreSQL
If you’re already familiar with using PostgreSQL and have it installed on your system you can use the existing installation (see PostgreSQL dependency for minimum requirements). For this tutorial we’ll describe how to use the database in Docker because database configuration is otherwise too complicated for a simple tutorial.
If Docker is not installed, you can get it here. Next, let’s pull and start the database image:
sudo docker run --name tutorial -p 5433:5432 \
-e POSTGRES_PASSWORD=mysecretpassword \
-d postgres
This will run the Docker instance as a daemon and expose port 5433 to the host system so that it looks like an ordinary PostgreSQL server to the rest of the system.
Step 2. Install PostgREST
PostgREST is distributed as a single binary, with versions compiled for major distributions of Linux/BSD/Windows. Visit the latest release for a list of downloads. In the event that your platform is not among those already pre-built, see Building from Source for instructions how to build it yourself. Also let us know to add your platform in the next release.
The pre-built binaries for download are .tar.xz
compressed files (except Windows which is a zip file). To extract the binary, go into the terminal and run
# download from https://github.com/PostgREST/postgrest/releases/latest
tar xJf postgrest-<version>-<platform>.tar.xz
The result will be a file named simply postgrest
(or postgrest.exe
on Windows). At this point try running it with
./postgrest -h
If everything is working correctly it will print out its version and the available options. You can continue to run this binary from where you downloaded it, or copy it to a system directory like /usr/local/bin
on Linux so that you will be able to run it from any directory.
Note
PostgREST requires libpq, the PostgreSQL C library, to be installed on your system. Without the library you’ll get an error like “error while loading shared libraries: libpq.so.5.” Here’s how to fix it:
All of the DLL files that are required to run PostgREST are available in the windows installation of PostgreSQL server.
Once installed they are found in the BIN folder, e.g: C:\Program Files\PostgreSQL\10\bin. Add this directory to your PATH
variable. Run the following from an administrative command prompt (adjusting the actual BIN path as necessary of course)
Ubuntu or Debian
sudo apt-get install libpq-dev
Fedora, CentOS, or Red Hat
sudo yum install postgresql-libs
OS X
brew install postgresql
Windows
setx /m PATH "%PATH%;C:\Program Files\PostgreSQL\10\bin"
Step 3. Create Database for API
Connect to the SQL console (psql) inside the container. To do so, run this from your command line:
sudo docker exec -it tutorial psql -U postgres
You should see the psql command prompt:
psql (9.6.3)
Type "help" for help.
postgres=#
The first thing we’ll do is create a named schema for the database objects which will be exposed in the API. We can choose any name we like, so how about “api.” Execute this and the other SQL statements inside the psql prompt you started.
create schema api;
Our API will have one endpoint, /todos
, which will come from a table.
create table api.todos (
id serial primary key,
done boolean not null default false,
task text not null,
due timestamptz
);
insert into api.todos (task) values
('finish tutorial 0'), ('pat self on back');
Next make a role to use for anonymous web requests. When a request comes in, PostgREST will switch into this role in the database to run queries.
create role web_anon nologin;
grant usage on schema api to web_anon;
grant select on api.todos to web_anon;
The web_anon
role has permission to access things in the api
schema, and to read rows in the todos
table.
It’s a good practice to create a dedicated role for connecting to the database, instead of using the highly privileged postgres
role. So we’ll do that, name the role authenticator
and also grant it the ability to switch to the web_anon
role :
create role authenticator noinherit login password 'mysecretpassword';
grant web_anon to authenticator;
Now quit out of psql; it’s time to start the API!
\q
Step 4. Run PostgREST
PostgREST can use a configuration file to tell it how to connect to the database. Create a file tutorial.conf
with this inside:
db-uri = "postgres://authenticator:mysecretpassword@localhost:5433/postgres"
db-schemas = "api"
db-anon-role = "web_anon"
The configuration file has other options, but this is all we need. If you are not using Docker, make sure that your port number is correct and replace postgres with the name of the database where you added the todos table.
Now run the server:
./postgrest tutorial.conf
You should see
Listening on port 3000
Attempting to connect to the database...
Connection successful
It’s now ready to serve web requests. There are many nice graphical API exploration tools you can use, but for this tutorial we’ll use curl
because it’s likely to be installed on your system already. Open a new terminal (leaving the one open that PostgREST is running inside). Try doing an HTTP request for the todos.
curl http://localhost:3000/todos
The API replies:
[
{
"id": 1,
"done": false,
"task": "finish tutorial 0",
"due": null
},
{
"id": 2,
"done": false,
"task": "pat self on back",
"due": null
}
]
With the current role permissions, anonymous requests have read-only access to the todos
table. If we try to add a new todo we are not able.
curl http://localhost:3000/todos -X POST \
-H "Content-Type: application/json" \
-d '{"task": "do bad thing"}'
Response is 401 Unauthorized:
{
"hint": null,
"details": null,
"code": "42501",
"message": "permission denied for table todos"
}
There we have it, a basic API on top of the database! In the next tutorials we will see how to extend the example with more sophisticated user access controls, and more tables and queries.
Now that you have PostgREST running, try the next tutorial, Tutorial 1 - The Golden Key