Json API & Advanced Html

This web-app engine allows API access by "json over http(s)".
For most of the functions, you will use a simple http post with fields list and the response will be in json format.
Every transaction can use fixed API fields, also called "properties" or "attributes", for session management and security.
This engine also allows you to add your own Header & Body HTML code (useful for js manipulations and analysis).
All as described on the following lists:

Common API Properties

Send these fields on every transaction, according to your pre-plan architecture. None of this fields is mandatory, unless you set it beforehand.
If you are not familiar enough with this material, please contact SYE software support team, before you start coding...
Field Name Description
SessionID On html and API, the web engine is using HTTP Cookies to track sessions.
Some server or mobile apps engines cannot use HTTP Cookies, therefor you will get the session id as a json field and also as a cookie.
Simply pass this id string as a field if your system does not support HTTP Cookies.
ApiToken For extra security and noise filtering, you can set a Token String on the web-app Main Configuration.
Once implemented, every transaction that does not pass this field, will be filtered out with less CPU resources as possible.
Too many calls without this field, will activate the self defense algorithms.
ApiClientIP When working under a web UI server (like PHP / .NET), the engine cannot get the end client IP address. Therefor you can pass this IP using this field.
UI_Lang On projects with multi language installed, You can ask for UI language other then the default, by passing 3 letters code:
ENG, HEB, RUS, ARA, SPA, FRA, HIN, CHI.
Pass only one language at a time. Lang code (value) is case sensitive !

Let's talk about session management

In order to keep track on sessions, Hyper is using a standard HTTP session cookie (without "Expires" / "Age" attributes).
When writing Mobile applications or Server 2 Server interfaces, you can use either "HyperSession" cookie OR "SessionID" field.
Both of them will work. Let's see some examples...

An API call from android app, without using HTTP cookies, should look like this:
Send:   DOMAIN/Login_json?ApiToken=123456&Leading_ID=myuser@gmail.com&password=9876
Recv:   {"Login":"OK","Cookie":"A500F02A56F08549A70E40B7"}
Send:   DOMAIN/Service_Ticket_json?ApiToken=123456&SessionID=A500F02A56F08549A70E40B7
Recv:   {"Title":"ServiceTickets","RowCount":"1","Data":[ ...

When you want to use http cookie in your Mobile app or Server 2 Server, just write a simple http cookie header, like this:
Cookie: HyperSession=A500F02A56F08549A70E40B7;
Of cource you can mix any other cookies in your buffer, you don't have to filter them out. For example, hyper will handle this input:
Cookie: CloudFlare=ijhaskhksghksdfhgkshdkghsdkghksdf;HyperSession=A500F02A56F08549A70E40B7;AnyOtherP2P=823642564725425;

Hybrid between Web-app pages and your own pages

You can mix between pages that you render (like in Word-Press, Wix etc) to the pages that Hyper's web-app render.
Just use the cookie "HyperSession" (Browser side) and post the field "SessionID" (API side) with the same Session ID.
You need to pass the cookie to the browser on the pages that you render, ONLY IF these pages are for Registration OR Login !
e.g. Set-Cookie: HyperSession=A500F02A56F08549A70E40B7; HttpOnly; Secure

Advanced HTML Manipulation

If you wish to use "Google Analytics" or any other 3rd party service, with Hyper Web-App, you need to inject some JS code into page Header and Body.
Use "Text Components for Modules" on hyper client app, to setup these HTML segments:
Content ID Usage Description
Page_Header_Code Stream out any code just before the closure of the html header, just before </head> <body> .
Page_Body_Code Stream out any code at the end of the html body, just before </body> </html> .
Please note: Segments will be injected (included on the html file) only when the user is entering a page.
When posting a form or refreshing the same page address, these contents will not be injected.

Add your custom CSS and JS files

You can add your own custom styling and scripts to the site, just by placing the following files on the HTTP folder:
Folder Name Description
HTTP\Media Client media (logo, menu buttons, styling etc) is stored on this folder.
You can change the image files in this folder and add your own.
HTTP\Media\CSS Client custom css for changing the HTML design. Create only the files you need.
These are the possible file names:
Custom_LTR.css     Custom_LTR_PC.css     Custom_LTR_Mobile.css
Custom_RTL.css     Custom_RTL_PC.css     Custom_RTL_Mobile.css
Text direction by user language: LTR = Left to Right; RTL = Right to Left;
PC is the default; Mobile when browser details are from Android / iOS.
HTTP\Media\JS Client custom javascript for changing the HTML UI logics, OR adding animation etc.
File name should be custom.js and you can loan any other js library from it.

When planning your CSS, you can depend on page BODY Class, values can be 1 of 3:   MobileDev / PersonalComp / PC_Frame.
For example: <body class="PersonalComp">

Host Web-App inside an IFrame

Call any html page with URL extension "Frame" to get the iFrame version of the web-app.
e.g.   DOMAIN/LoginFrame,   DOMAIN/Forgot_PasswordFrame,   DOMAIN/RealRegFrame ...

  • The web-app will flag the current session as an IFrame, so any other page address will work under frame.
  • When surfing from a mobile device, the web-app will NOT support IFrame, because it cannot work with the mobile.css

Field Name Structure and Letters Case

The whole API is NOT case sensitive, Except some specific points designed to be sensitive.
We made consideration to balance between "Developer Experience" to CPU performance (when having DOS attack).
The case sensitive objects / fields are:
  • Common API Properties: SessionID, ApiToken, UI_Lang.
  • Boolean fields should be posted with 'yes' for TRUE, or any other string for FALSE.
  • Json function names.

The fields names (the Original names of Hyper) are received and displayed according to the following rules:
  • The received fields names in API are filtered and can contain only letters, digits and the char '_'.   Any other chars will be removed.
  • The separated words will be compounded, by using the Camel-Case method (capital letters at the beginning of each new word).
    For example: table field name "Last name" will be used as "LastName" in the API.
  • The developer is allowed to post field names, without case sensitive and with spaces, for example: 'last Name' will be processed well.
    The developer can explore the html version of each function, and learn which fields to use and how.

Nice trick to get a Function Fields list

To help developers, we allow to test most of the functions fields list. You will see internal fields (hidden) as well as public.
On some of the functions, you need to post the field "json" = "help", on others you don't post any parameter.
Read each function documentary to know how to test it. For example, this is how it looks in postman...

SYE Hyper WebApi Postman Screen Shot