Time |
S |
Nick |
Message |
00:05 |
|
|
ewalti joined #rest |
00:54 |
|
|
happyface joined #rest |
01:23 |
|
|
fuzzyhorns1 joined #rest |
01:44 |
|
|
Mxyzpltk joined #rest |
02:15 |
|
|
shrink0r joined #rest |
02:57 |
|
|
mzarella joined #rest |
02:57 |
|
|
znn joined #rest |
02:58 |
|
znn |
i have a simple service which has these resources currently: users, cars |
02:58 |
|
znn |
i want to let the user order a car |
02:58 |
|
znn |
i'm using an arbitrary example |
02:58 |
|
znn |
it could just as well be a game |
02:59 |
|
znn |
i'm not really sure how this should be represented, and i was hoping someone here could help |
02:59 |
|
znn |
POST /order/:car_id |
02:59 |
|
znn |
that's the best i can do right now |
03:03 |
|
fuzzyhorns1 |
by that scheme, order is itself a resource |
03:03 |
|
fuzzyhorns1 |
but posting to an arbitary id of a nested resource is weird |
03:03 |
|
fuzzyhorns1 |
i recommend reading some basic rest stuff for this |
04:04 |
|
|
shrink0r joined #rest |
04:05 |
|
|
diegoaguilar joined #rest |
04:14 |
|
|
lemur joined #rest |
04:43 |
|
|
lemur joined #rest |
05:09 |
|
|
Mxyzpltk joined #rest |
05:57 |
|
|
ewalti joined #rest |
05:59 |
|
|
Mxyzpltk joined #rest |
06:39 |
|
|
proteusguy joined #rest |
06:42 |
|
|
ewalti joined #rest |
06:43 |
|
|
znn joined #rest |
07:12 |
|
|
Mxyzpltk joined #rest |
07:45 |
|
|
ewalti joined #rest |
08:10 |
|
|
lemur joined #rest |
08:47 |
|
|
Mxyzpltk joined #rest |
08:47 |
|
|
rosstuck joined #rest |
09:01 |
|
|
graste joined #rest |
09:19 |
|
|
Andre-B joined #rest |
09:27 |
|
|
shrink0r joined #rest |
10:06 |
|
|
fumanchu joined #rest |
10:21 |
|
|
Left_Turn joined #rest |
11:04 |
|
|
interop_madness joined #rest |
11:27 |
|
|
mezod joined #rest |
12:31 |
|
|
dEPy joined #rest |
12:34 |
|
|
proteusguy joined #rest |
14:30 |
|
|
shrink0r joined #rest |
14:55 |
|
|
ewalti joined #rest |
15:13 |
|
|
nkoza joined #rest |
15:17 |
|
|
diegoaguilar joined #rest |
15:18 |
|
|
ewalti joined #rest |
15:19 |
|
|
nkoza joined #rest |
16:05 |
|
|
znn joined #rest |
16:10 |
|
znn |
fuzzyhorns1: can you expand on what you were saying a little? |
16:14 |
|
saml |
znn, POST /orders to create new order |
16:15 |
|
saml |
in the request, you'd supply who and what |
16:15 |
|
saml |
which user is ordering what car |
16:15 |
|
saml |
then you can get that particular order GET /orders/1 |
16:15 |
|
saml |
you can also do GET /orders/?by=<userid> to list all orders made by certain user |
16:16 |
|
saml |
to cancel order: DELETE /orders/1 |
16:16 |
|
saml |
to update order before shipping: PUT /orders/1 with modified order representation (maybe car model is updated) |
16:32 |
|
|
Left_Turn joined #rest |
16:34 |
|
|
ralphschindler joined #rest |
16:48 |
|
|
Left_Turn joined #rest |
17:01 |
|
|
warehouse13 joined #rest |
17:26 |
|
|
shrink0r joined #rest |
17:27 |
|
|
lemur joined #rest |
17:36 |
|
|
ewalti joined #rest |
17:36 |
|
|
lemur joined #rest |
17:39 |
|
|
Mxyzpltk joined #rest |
18:08 |
|
|
diegoaguilar joined #rest |
18:38 |
|
|
foist joined #rest |
18:53 |
|
znn |
very helpful |
18:53 |
|
znn |
thanks saml |
18:53 |
|
saml |
np |
18:57 |
|
|
kibibyte joined #rest |
18:57 |
|
kibibyte |
hi |
18:58 |
|
kibibyte |
anyone here |
18:59 |
|
kibibyte |
?? |
18:59 |
|
kibibyte |
need help |
19:04 |
|
saml |
ask |
19:19 |
|
|
ewalti joined #rest |
19:34 |
|
kibibyte |
saml i have rest desing problem . lets say i have controller with path like: /accounts/{accountId}/ /accounts/{accountId}/orders/{orderId} etc. |
19:34 |
|
kibibyte |
but how to design reset password path . i dont account id at this time |
19:35 |
|
kibibyte |
to have it consistent |
19:35 |
|
saml |
password to account? |
19:35 |
|
saml |
PUT /accounts/1 with modified representation? |
19:37 |
|
kibibyte |
i mean user wants to reset password. So what rest url should looks like . I cant use i.e PUT /accounts/{accountId}/password since i dont know ccountId since user knows only his email |
19:48 |
|
|
shrink0r joined #rest |
19:49 |
|
* whartung |
not going to get on the "who cares what the url is" horse... |
19:49 |
|
* whartung |
I'll just hold it reign next to this post. |
19:49 |
|
trygvis |
:) |
19:53 |
|
whartung |
so, what do you mean "user wants to reset password" kibibyte |
19:55 |
|
kibibyte |
whartung, some request which takes email as body , and result of this action is that email is sent to user with URL and token to change password |
19:56 |
|
whartung |
so, then why not just POST to /resetpassword |
19:57 |
|
kibibyte |
but is it valid rest api design |
19:57 |
|
kibibyte |
i mean it isvalid |
19:57 |
|
kibibyte |
but |
19:57 |
|
kibibyte |
is it the "proper" way |
19:58 |
|
whartung |
sure |
19:58 |
|
saml |
oh user forgot password |
19:58 |
|
whartung |
yea, not changning the password |
19:59 |
|
saml |
if client doesn't know url... it can have fall back url |
19:59 |
|
saml |
no scratch what i said |
19:59 |
|
saml |
POST /resetpassword sounds good to me |
20:04 |
|
kibibyte |
saml, and why not DELETE /accounts/password {email} |
20:05 |
|
saml |
i don't understand |
20:05 |
|
saml |
you want to delete all passwords of all accounts? |
20:05 |
|
saml |
or delete an account named `password` ? |
20:06 |
|
saml |
think about REST as three commands: cat (GET), mv (PUT), rm (DELETE). all others are POST |
20:07 |
|
kibibyte |
i want to keep all acount related stuff under /accounts/ prefix |
20:08 |
|
saml |
rm /accounts/password vs. find . -type f exec sed -i 's/password:(.+)/password:/' '{}' \; |
20:08 |
|
kibibyte |
saml but what to do when its not entity but action like resetpassword |
20:08 |
|
saml |
second one, i'd use POST |
20:08 |
|
saml |
POST /accounts/resetpassword |
20:09 |
|
saml |
/accounts/kibibyte is your account. but /accounts/resetpassword is special resource? |
20:09 |
|
saml |
i think that's fine |
20:09 |
|
asdf` |
you can also model that as an entity of course, just have a 'password reset' resource that you create by POSTing, and that needs to be updated with the new password (and a one time sms token) |
20:10 |
|
kibibyte |
saml, no i dont have special resource |
20:10 |
|
saml |
i don't really understand :P |
20:11 |
|
saml |
if it's asynchronous workflow, you can do what asdf` said |
20:11 |
|
kibibyte |
asdf`, so POST /accounts/resetpassword for creating email and token and PUT /accounts/resetpassword for inserting password ? |
20:12 |
|
asdf` |
kibibyte, sure; and when a user creates this resource you know you need to send a token |
20:13 |
|
kibibyte |
hm |
20:13 |
|
kibibyte |
ok |
20:13 |
|
kibibyte |
i just wanted the most common/proper way to do it |
20:13 |
|
whartung |
the POST to reset password shoudl return /account/pendingresets/abc12345 |
20:13 |
|
whartung |
that's your token |
20:13 |
|
kibibyte |
since it can be deigned in several ways |
20:14 |
|
whartung |
when you PUT the password and security info to that resource, the users password is changed |
20:14 |
|
kibibyte |
ok |
20:18 |
|
kibibyte |
thx |
20:20 |
|
|
pgicxplzs joined #rest |
21:03 |
|
|
znn joined #rest |
21:03 |
|
|
znn left #rest |
21:04 |
|
|
znn joined #rest |
21:05 |
|
znn |
i am building a mobile app, and i'm struggling with the auth part of it a bit |
21:05 |
|
znn |
i can auth the user through any oauth provider, that is log them in and get a token |
21:06 |
|
znn |
but from there, it would be nice if a user had their favorites retrieved, so they could look at their favorited works |
21:07 |
|
znn |
in my head, i figure the routes look like |
21:07 |
|
znn |
GET /users = get all users |
21:08 |
|
znn |
should never be used, probably shouldn't be an enpoint |
21:08 |
|
znn |
GET /users/:id = get a specific user |
21:08 |
|
znn |
GET /users/:id/favorites = get a user's favorites |
21:08 |
|
znn |
however, there may be some coupling from another resource |
21:09 |
|
|
shrink0r joined #rest |
21:11 |
|
znn |
the Orders model depends on the Users model, a POST to /orders with data user_email causes a Users model to use its get method |
21:11 |
|
znn |
and there's the problem |
21:11 |
|
znn |
Orders causes a get request, but it's sending over an email |
21:12 |
|
znn |
the user is doing the same thing |
21:12 |
|
znn |
but there is no route for that |
21:12 |
|
znn |
i don't know if that is clear |
21:13 |
|
znn |
basically i need two routes |
21:14 |
|
znn |
/users/:user_id |
21:14 |
|
znn |
/users/:user_email |
21:14 |
|
znn |
and i think this is bad practice |
21:16 |
|
znn |
so i was thinking i should rethink how users send requests to the server, and they should have the user_id so they can request the appropriate information |
21:16 |
|
znn |
but that causes more network requests |
21:17 |
|
znn |
and that's not good for mobile apps |
21:17 |
|
znn |
i figure you could do something like this |
21:18 |
|
znn |
i was about to say GET /users/:email_id, but then anyone could do this and get the user object |
21:19 |
|
znn |
i need some way of authenticating the user on the server as opposed to relying on the client side |
21:19 |
|
znn |
this is an embarassing conversation with myself |
21:31 |
|
whartung |
not quite followng -- did you discern a fundamental question from your converstaion? |
21:42 |
|
znn |
i guess not yet |
21:43 |
|
znn |
i just think i'm doing it all wrong |
22:18 |
|
znn |
i will be back with a solution i guess |
22:31 |
|
|
graste joined #rest |
23:31 |
|
|
blahdeblah joined #rest |
23:31 |
|
|
blahdeblah joined #rest |