Dreamfactory on cloud

1-click AWS Deployment    1-click Azure Deployment

Overview

DreamFactory is an API management gateway. It’s proficient of generating influential, documented APIs for almost twenty databases including Microsoft SQL Server, in addition to file storage, caching, e-mail, 3rd party APIs and SOAP services. The scripting interface supports four scripting languages. 3rd party libraries are also supported, and business logic integration allows for data validation, masking and transformation.API keys and role-based access controls restrict endpoint and method access. DreamFactory supports many user authentications options, including AD, OpenID Connect and Okta.Request limiting ensures system resources aren’t abused, reducing the likelihood of data theft. Logging is supported through Elastic Stack. Other compliance controls include restricted admins and API lifecycle monitoring

The units below discuss the various components and characteristics of the system and an anatomy of various API calls as they travel through the system.

DreamFactory is an open source REST API backend that delivers RESTful services for building mobile, web, and IoT applications. In technical terms, DreamFactory is a runtime application that runs on a web server similar to a website running on a traditional LAMP server. In fact, as a base, we require a hosting web server like Apache, NGINX, or IIS. DreamFactory is written in PHP and requires access to a default SQL database for saving configuration. Depending on configuration for caching, etc. it may or may not need access to the file system for local storage. If pre- and/or post-process scripting is desired, access to V8Js or Node.Js may also be required. It runs on most Linux distributions (Ubuntu, Red Hat, CentOS, etc.), Apple Mac OS X, and Microsoft Windows. Installation options are highly flexible. You can install DreamFactory on your IaaS cloud, PaaS provider, as a Docker container, on premises server, or a laptop. Installer packages are available, or the DreamFactory source code is obtainable under the Apache License at GitHub. DreamFactory Components The DreamFactory application can rationally be divided into several operational components. Though these components are logical and do not essentially represent the code structure itself, they are beneficial in conversing the subsystems and functionality of the application, as well as the composition of the API call later on.

Routing
Routing sets up the supported HTTP interfaces to the system. In tandem with Controllers, this component controls the flow of the calls through the system. Controllers are essentially groups of routes or HTTP calls that share some logical handling and are paired with a set of access control components. There are essentially three controllers that the routing component can hand the call off to.
Splash Controller – This handles the initial load and setup states of the system. It also routes web traffic to the default web application (i.e. Launchpad), where users can login and access other configured applications like the admin console, etc.
Storage Controller – This handles direct file access to any file services where folders have been made public through configuration. Files are requested via the service name and the full file path relative to that service. The file contents are returned directly to the client. This is primarily used for running applications hosted on the DreamFactory instance.
• REST Controller – This is the main controller for the API, it handles the versioning of the API and routing to the various installed services via a Service Handler. It also handles any system exceptions and response formatting. The Service Handler communicates generically with all services through a service request and response object. Access Control Access Control is made up of middleware, groups of checks and balances that can be used to control access to various parts of the application. The services and resources for Access Control consist of the following:
• System status checks
•Cross-Origin Resource Sharing (CORS) configuration allowances
• Authentication via user login, API keys, and/or session tokens
• Authorization via assigned user and app role access
• And usage limit tracking and restrictions
If any of these checks fail, the call is left without and the correct error response is sent back to the client; no further processing is done. If all of these checks pass, the call is allowed to continue on to one of the handling controllers, which routes the call for the appropriate API processing. API Processing At this point the API can be broken down further into logical components that we call Services. Services can be anything from a system configuration handler (i.e. the “system” service), to a database access point, or a remote web service. Service types can be dynamically added to the system to expand service offerings, but many are involved out of the box.

A mainstream of the processing done on the server is handled by Services. Services and Resources are both built on the concept of a REST handler. Therefore, a Service may process the full request directly, or choose to pass along the request or parts of the request to any number of resources to process the call based on the path given. Server-side Scripting Part of this REST handling by the services includes server-side scripting. Each API endpoint, be it a Service endpoint, or a subtending Resource endpoint, triggers two processing events, one for pre-process and one for post-process. Each event can be scripted to alter the request (pre) or response (post), perform extra logic including additional calls to other services on the instance or external calls, as well as halt execution and throw exceptions.

Scripting can be used for formula fields, field validations, workflow triggers, access control, custom services, and usage limits. The role-based access controls have separate settings that govern data access for both client-side applications and server-side scripts. This capability enables server-side scripts to safely perform special operations that are not available from the client side REST API. The event scripting all happens in the context of the original API call. Therefore, event scripts block further execution of the API call until finished.

DreamFactory uses the V8 Engine developed by Google to run server-side code written in JavaScript. The V8 engine is sandboxed, so server-side scripts cannot interfere with other system operations or resources. In 2.0, DreamFactory also provides access to use Node.js and PHP as a server-side scripting environment. These environments are not sandboxed however and care must be taken when used. Database and File Storage Access Many of the services mentioned above eventually need to access some data or file store or communicate with a remote process or server. DreamFactory takes advantage of many available open-source packages, SDKs and compiled drivers to access these other resources. In the case of database accesses, DreamFactory utilizes PDO drivers for SQL databases, as well as, other compiled drivers and extensions like MongoDB, and even HTTP wrapper classes for databases like CouchDB that provide a HTTP interface. DreamFactory delivers internal models and schema access for recurrently used data components, mainly the system configuration components. The most frequently used are also cached to reduce database transactions. A DreamFactory occurrence may utilize local file storage or various other storage options such as cloud-based storage. DreamFactory utilizes generic file access utilities that support a majority of the storage options, therefore giving the system, and thus the API, a reliable way to access file storage.

DreamFactory is designed to be safe, humble to use, easy to customize, and vigorously expandable to meet most of your API needs.

New User Interface
Dream Factory’s interface has long been perfectly functional yet decidedly utilitarian in design. Version 3.0 marks a radical improvement to the administration console’s visual appeal while taking care to not require existing users to reorient themselves. This is the first step in a series of exciting UI/UX improvements we plan on making in the coming months to ensure DreamFactory is the most user-friendly API management platform in the universe. Here’s a glimpse of the shiny new UI:

By the way, the beta version of this new UI coincided with the launch of our completely redesigned website https://www.dreamfactory.com/.

Restricted Administrator Support
Compliance must be balanced with the ability to effectively build and manage APIs, and so in response to paid user requests we’ve added support for restricted administrators. This feature allows root administrators to identify with a great deal of specificity what parts of the platform a restricted administrator can access. This is done using the simple point-and-click interface presented in the following screenshot:

Since the companion web-based administration client is itself making API calls to the platform, these restrictions are applied at the API level, ensuring curious or wicked colleagues aren’t able to avoid their defined rights.
Like the UI changes, this is just the first in a series of enhancements we’ll be making to administrator security. In the coming months we’ll be adding authentication geofencing, among other features planned to improve security.
API Lifecycle Auditing
Also by request of several users required to follow data privacy laws such as GDPR and POPI, we’ve added the first iteration of API lifecycle auditing. This feature persists the timestamp and administrator identity associated with API creation, modification, and deletion. Like the restricted administrator feature, we’re very excited about this new capability and plan on dramatically expanding it in the coming months to include API activation review and approval.
Python 3 Support
DreamFactory has long supported four scripting engines, including NodeJS, PHP, Python, and V8JS. Scripting support is undoubtedly one of DreamFactory’s most popular features, not only because it’s used to add business logic to API endpoints, but also because you can create entirely new APIs using the Scripted Services connector. To put the popularity of this feature into perspective, we are aware of at least two users who are running more than 400 scripted APIs within their DreamFactory environments!
In version 3 we’ve updated Python support to include version 3 due to the forthcoming conclusion of support for Python 2.7. The End of Life date is slated for January 1, 2020 so we wanted to be sure our users have plenty of time to begin porting their scripts to version 3. Note we are not removing Python 2 support! We’ve supplemented this support with Python 3 to ensure users can choose from both options as companies transition from version 2 to 3 in the months
Automated Linux Installers
DreamFactory can interact with thousands of of data sources and third-party services, and for this reason developers have done so many amazing things with the platform. But installing and configuring all of the necessary drivers can be pretty intimidating process. Our Docker environment goes a long way towards alleviating these issues however understandably not everybody is using Docker so we wanted to ease the installation process for other users.
The outcome are two new installation scripts found in the installers directory. These installer scripts are used in conjunction with Debian and Ubuntu, and install all of the dependencies you need to run DreamFactory! If you’re running one of our commercial editions, the installers will additionally assist in the installation of the Microsoft SQL Server and Oracle drivers.

 

DreamFactory engineers wrote the world’s first service-based applications over a decade ago. We worked with XML-RPC in 1998, SOAP in 2002, and REST and JSON in 2004. As the technology behind web services matured, we started writing applications for various partner platforms, including the first AppExchange application DreamTeam in 2006. We have also published on the Intuit Partner Platform, Cisco Webex Connect, Amazon Web Services, and Microsoft Azure. Today, DreamFactory applications are used by over twenty thousand companies.

By 2009 we were building our own service platforms, and installing them on IaaS clouds, including Amazon and Azure. Our engineering team became familiar with the best practices for creating REST APIs, and how to make a service platform fast, scalable, and secure. With the rise of mobile phones and tablets, we realized that our application development model would be extremely useful for other companies to adopt, but there simply wasn’t a great open source REST API platform available anywhere. As a consequence, developers had to write their own integration code by hand, over and over again, often with mixed results.

In 2011 we decided to tackle this problem, and started work on the DreamFactory Services Platform. We launched this exciting new product two years later. DreamFactory transforms any IaaS cloud into a PaaS backend for mobile application development. Our platform incorporates more than a decade of deep experience about how to securely build, deploy, and manage service-based applications in the enterprise. DreamFactory can be installed on any server, connected to any SQL or NoSQL database, and used for developing HTML5 or native mobile applications. Our technology enables developers to build modern applications for the phone, tablet, or desktop without having to manage server side code and complexity.

Features

Dreamfactory Features

1.Instant API creation
Integrate any SQL or NoSQL database, file storage system, or external HTTP or SOAP service and DreamFactory instantly generates a flexible, comprehensive, and fully documented REST API endpoint that’s ready to use. Focus on building your applications, not hand-coding APIs for every new development project

Instant API creation

2. Deep SQL support
DreamFactory provides the most comprehensive REST API for SQL databases. Features include automatically generated REST endpoints for data, schema, functions, stored procedures, and API parameters for complex filters, pagination, sorting, related table joins, virtual foreign keys, calculations, aggregation, rollback, commit, and more.

3. Data Mesh to combine unrelated databases
Create virtual foreign key relationships between tables in the same database or between completely different databases without altering your schema or writing any code. Create, read, update, or delete objects and related objects with a single API call.

Combine databases

4. Turn SOAP into REST

DreamFactory instantly turns any WSDL into a live, fully documented REST API. DreamFactory automatically converts the JSON request into SOAP, calls the legacy SOAP service, and then the SOAP response is converted back to JSON for the client application. DreamFactory also generates Live API Docs from the WSDL for testing

Turn SOAP into REST

5.Server-side scripting
Add business logic to your APIs to suit any business requirement. Supporting four scripting engines (NodeJS, PHP, Python, and V8JS), custom logic can be used to validate input parameters, transform responses to suit client requirements, and even call other APIs.

Server-side scripting

5. Rock-solid security
Securing APIs is difficult and time consuming. DreamFactory makes it easy with User Management, SSO Authentication, JSON Web Tokens (JWT), CORS, Role-Based Access Control on API endpoints, record-level permissions on data, OAuth, LDAP, Active Directory, SAML integration, and more

Rock-solid security

6. Federated access and data governance
DreamFactory is a privacy-by-design product engineered to fold in the governance safeguards to keep your data compliant for regulations such as GDPR and HIPAA. Keep legal, audit, security and compliance departments happy while still delighting your engineering team with streamlined development.

Federated access & data governance
7.Live API docs
DreamFactory automatically generates interactive API documentation for every connected data source. DreamFactory uses Swagger, the most popular open source project for API documentation. Live documentation allows you to try out different parameters and see the request and response before building an application

Live API docs

8. Admin console
The admin console makes it easy to centrally manage the entire DreamFactory Platform, including your catalog of REST APIs, applications, scripts, security settings, users, roles, and more. All of the administrative capabilities are also exposed as a REST API in case you need to automate repetitive tasks.

Admin console

9) Run anywhere
DreamFactory is accessible, stateless, and transferrable. DreamFactory is an open source project that runs on Linux, Windows, and Mac OS X. You can run it on private, public, or hybrid infrastructure and easily move your apps between servers. DreamFactory is easy to deploy with Docker, Kubernetes, Bitnami, or straight from GitHub source.
Run anywhere

10)Logging and reporting
DreamFactory comes with the popular ELK stack (Elastic, Logstash, and Kibana) for logging and reporting on API traffic. Kibana provides flexible reporting on all API calls with pre-configured dashboards segmented by instance, application, role, user, API endpoint, and more.

Logging and reporting

.

Major Features of  DreamFactory

  • Instant API creation – Hook up any SQL or NoSQL database, file storage system, or external service and DreamFactory instantly generates a flexible, comprehensive, and fully documented REST API endpoint that’s ready to use. Focus on building your applications, not hand-coding APIs for every new development project.
  • Combine databases – Create virtual foreign key relationships between tables in the same database or between completely different databases without altering your schema or writing any code. Create, read, update, or delete objects and related objects with a single API call.
  • Deep SQL support- DreamFactory provides the most comprehensive REST API for SQL databases. Features include automatically generated REST endpoints for data, schema, functions, stored procedures, and API parameters for complex filters, pagination, sorting, related table joins, virtual foreign keys, calculations, aggregation, rollback, commit, and more.
  • Turn SOAP into REST- DreamFactory instantly turns any WSDL into a live, fully documented REST API. DreamFactory automatically converts the JSON request into SOAP, calls the legacy SOAP service, and then the SOAP response is converted back to JSON for the client application. DreamFactory also generates Live API Docs from the WSDL for testing.
  • Server-side scripting- Any non-trivial application requires server-side business logic, such as data validation, workflow rules, calculations, and more. DreamFactory makes it easy to add logic to the request or response of any API endpoint or build your own custom APIs with JavaScript V8, Node.js, PHP, or Python.
  • Rock solid security- Securing APIs is difficult and time consuming. DreamFactory makes it easy with User Management, SSO Authentication, JSON Web Tokens (JWT), CORS, Role-Based Access Control on API endpoints, record-level permissions on data, OAuth, LDAP, Active Directory Integration, and more.
  • Developer dashboard – Developers can sign up with secure credentials and then create and launch their own DreamFactory instances from the self-service Developer Dashboard. Developers can also invite other team members to their instances to collaborate on development projects.

AWS

Installation Instructions For  Ubuntu

Note : Please use “DreamFactory ” in the place of “stack_name”

To connect to the operating system, use SSH and the username is ubuntu.

Please Click here  to know how to  generate password .

1.Default ports:
Internal Endpoints: Internal Services are normally running on below ports and Shall be NAT-ted with the Public Endpoint as required. Although we do not recommend
Any RDBMS or Nosql admin ports to be opened to Public endpoints and these are all not exposed by default externally.

  • 22 – SSH
  • 80/443 – Webserver

External Endpoints: For Public Endpoints, normally only below port are Opened, although this can change from stack to stack. We recommend changing SSH and RDP ports to Non Standard ports and Putting ACL to your IP.

  • 8080/8443 – Webserver
  • 2222 – SSH

Configure custom inbound and outbound rules using this link

Install DreamFactory and follow the instruction

 

Azure

Installation Instructions For Ubuntu

Installation Instructions For Ubuntu

Note: How to find PublicDNS in Azure

Step 1) SSH Connection: To connect to the deployed instance, Please follow Instructions to Connect to Ubuntu instance on Azure Cloud

1) Download Putty.

2) Connect to the virtual machine using following SSH credentials:

  • Hostname: PublicDNS  / IP of machine
  • Port : 22

Username: Your chosen username when you created the machine ( For example:  Azureuser)

Password: Your Chosen Password when you created the machine ( How to reset the password if you do not remember)

Step 2) Other Information:

1.Default ports:

  • Linux Machines:  SSH Port – 22

2. To access Webmin interface for management please follow this link

Configure custom inbound and outbound rules using this link

Videos

Install dream factory 2.0 on windows

Dreamfactory on cloud