# Client-Server Overview

## Web Servers and HTTP

When you click on a link on a web page, submit forms, or run a search, the browser sends an HTTP Request to the server.

The HTTP request will include:

* URL itself
* A method that DEFINES the required action (like get a file, save or update some data). Here are the methods associated with their actions:
    * `GET`: Gets resource (like a file, or list)
    * `POST`: Creates resource (creates new data on database, new article to wiki)
    * `HEAD`: Get metadata info of a resource without getting the body like `GET`.
    * `PUT`: Update resource (or create if it doesn't exist)
    * `DELETE`: Delete the resource.
    * `TRACE`, `OPTIONS`, `CONNECT`, `PATCH`: Won't go over.
* URL Parameters: `http://www.amazon.com/something?name=hi&age=15` Where the `?` separates the URL from the URL Parameters. And the `&` separates each parameter. They are "insecure", so `GET` requests and URL Parameters are not used for requests that update data on the server.
* Client-Side cookies.

Afterwards, the Web Server will process the request, and will reply with an HTTP Response. It contains:
* AN HTTP Response Status Code (Like "200 OK" or "404 Not Found")

### GET Request/Response Example

`GET` requests are made by clicking a link, or searching ON a site.

Here is an example of a `GET` from searching "client-server overview" on the docs:

The top part is the header (part before `Host: ...`), and contains info about the request. 

* The type of request: `GET`
* The URL: `/en-US/search`
* The URL Parameters: `?q=client+server+overview&topic=apps&topic=html&topic=css&topic=js&topic=api&topic=webdev`
* Target/host website: `developer.mozilla.org`
* Identifying the specific protocol version: `HTTP/1.1`

Here is an example of the response:

In [None]:
HTTP/1.1 200 OK
Server: Apache
X-Backend-Server: developer1.webapp.scl3.mozilla.com
Vary: Accept, Cookie, Accept-Encoding
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Sep 2016 00:11:31 GMT
Keep-Alive: timeout=5, max=999
Connection: Keep-Alive
X-Frame-Options: DENY
Allow: GET
X-Cache-Info: caching
Content-Length: 41823

<!DOCTYPE html>
<html lang="en-US" dir="ltr" class="redesign no-js"  data-ffo-opensanslight=false data-ffo-opensans=false >
<head prefix="og: http://ogp.me/ns#">
  <meta charset="utf-8">
  <meta http-equiv="X-UA-Compatible" content="IE=Edge">
  <script>(function(d) { d.className = d.className.replace(/\bno-js/, ''); })(document.documentElement);</script>
  …


* First line includes response code
* Response is text formatted through: `Content-type`
* Tells us how big the content is: `Content-Length`

### POST request/response example

Made when you submit a form containing information saved onto the server.

Here is a request example when a user submits new profile details:

In [None]:
POST /en-US/profiles/hamishwillee/edit HTTP/1.1
Host: developer.mozilla.org
Connection: keep-alive
Content-Length: 432
Pragma: no-cache
Cache-Control: no-cache
Origin: https://developer.mozilla.org
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: https://developer.mozilla.org/en-US/profiles/hamishwillee/edit
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.8,es;q=0.6
Cookie: sessionid=6ynxs23n521lu21b1t136rhbv7ezngie; _gat=1; csrftoken=zIPUJsAZv6pcgCBJSCj1zU6pQZbfMUAT; dwf_section_edit=False; dwf_sg_task_completion=False; _ga=GA1.2.1688886003.1471911953; ffo=true

csrfmiddlewaretoken=zIPUJsAZv6pcgCBJSCj1zU6pQZbfMUAT&user-username=hamishwillee&user-fullname=Hamish+Willee&user-title=&user-organization=&user-location=Australia&user-locale=en-US&user-timezone=Australia%2FMelbourne&user-irc_nickname=&user-interests=&user-expertise=&user-twitter_url=&user-stackoverflow_url=&user-linkedin_url=&user-mozillians_url=&user-facebook_url=


Notice how the main difference of this and `GET` is that the URL doesn't have any parameters. The info is encoded in the body of the request.

Here is its response:

In [None]:
HTTP/1.1 302 FOUND
Server: Apache
X-Backend-Server: developer3.webapp.scl3.mozilla.com
Vary: Cookie
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Sep 2016 00:38:13 GMT
Location: https://developer.mozilla.org/en-US/profiles/hamishwillee
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
X-Frame-Options: DENY
X-Cache-Info: not cacheable; request wasn't a GET or HEAD
Content-Length: 0

Let's re-look at the:

### Anatomy of a Dynamic Request

<img src="web_application_with_html_and_steps.png">

The parts that make the site dynamic are the "Web Application", which is the server-side code that processes the HTTP requests and returns HTTP responses), and the "Database", which contains all of the data. The Web Application also contains the HTML Templates.

When the user wants to look at a page, here is the sequence that happens:

1. The Web Browser creates an HTTP `GET` request using the base URL resource and other URL parameters/patterns.
2. The Web Server detects that the request is DYNAMIC, and sends it to the Web Application to process.
3. The Web Application gets the specified data from the database that was requested.
4. The Web Application dynamically creates an HTML page by putting the data into placeholders inside an HTML template.
5. The WEB Application returns the generated HTML to the Web Browser along with the HTTP status code.
6. The Web Browser starts the process the returned HTML, and then loads the static files from the file system and returns it to the browser.


But it does not HAVE to return HTML files. It can also dynamically create and return other files or data.

# Server-Side Web Frameworks

These frameworks are also called "Web Application Frameworks" sometimes. They allow us to make it easier to write, maintain, and scale web apps. They provide tools to simply tasks like routing URLs to handlers, interacting with databases, supporting sessions and user authorization, formatting output, and improving security against web attacks.

Here are some of these examples in action:

### Work with HTTP requests and responses

These frameworks allow us to directly work with the HTTP requests and responses. Here is an example in Django:

In [None]:
from django.http import HttpResponse

def index(request):
    # Here, you would perform opertaions using the information from request, and then return it:
    return HttpResponse("Output string")

### Route Requests to the appropriate handler

Websites will provide alot of resources, through distinct URLs. Web frameworks provide tools to map URL patterns to specific handler functions.

### Abstract and Simplify Database Access

Web frameworks have a database layer where we can use database read, write, query, and delete operations. This layer is referred to as **Object-Relational Mapper**.

For example, in Django, we use *model* to refer to the object that defines the structure of a record. It specifies the field types, maximum size, default values, list options, etc. But it doesn't state any info about the database.

Here is an example:

In [None]:
#best/models.py

from django.db import models

class Team(models.Model):
    team_name = models.CharField(max_length=40)

    TEAM_LEVELS = (
        ('U09', 'Under 09s'),
        ('U10', 'Under 10s'),
        ('U11', 'Under 11s'),
        # List our other teams
    )
    team_level = models.CharField(max_length=3,choices=TEAM_LEVELS,default='U11')


We have two field types: `team_name` and `team_level`, both of which are `CharField`, with their own specified `max_length`. But `team_level` only has 3 choices, which are specified in `TEAM_LEVELS`.

In the code below, it is a view function which acts as the resource handler to display the teams we made.

In [None]:
#best/views.py

from django.shortcuts import render
from .models import Team

def youngest(request):
    list_teams = Team.objects.filter(team_level__exact="U09")
    context = {'youngest_teams': list_teams}
    return render(request, 'best/index.html', context)


We will learn more about this later on.

## Rendering Data

Web frameworks provide templating systems. It allows us to structure the output document, using placeholders for data that will be added when a page is generated.

Here is an example in Django, which uses "double handlebards" syntax: `{{ variable_name }}`, which will be replaced by values passed in from the view function we made above when the page is rendered. We can also use expressions with: `{% expression %}`, which lets us perform operations like iterating list values.

In [None]:
#best/templates/best/index.html

<!DOCTYPE html>
<html lang="en">
<body>

 {% if youngest_teams %}
    <ul>
    {% for team in youngest_teams %}
        <li>{{ team.team_name }}</li>
    {% endfor %}
    </ul>
{% else %}
    <p>No teams are available.</p>
{% endif %}

</body>
</html>


This will check if the `youngest_teams` variable exists, and if it does, it will create the unordered list, and iterate through the `youngest_teams` Python list, while adding it to the unordered list