greptilian logo

IRC log for #rest, 2015-03-18

https://trygvis.io/rest-wiki/

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time S Nick Message
00:02 SlippinJimmy joined #rest
00:03 azr joined #rest
00:20 pdurbin whartung: similar problems in #io: http://irclogs.shortcircuit.net.au/%23io/2015-03-17.log.html#t23:41:35 :)
00:20 pdurbin and sure to get worse now that io.js is a thing
00:21 whartung heh
00:48 ralphschindler joined #rest
01:00 ralphschindler joined #rest
01:22 ralphschindler joined #rest
01:57 shrink0r_ joined #rest
02:32 lemur joined #rest
03:23 fumanchu joined #rest
03:51 dkm joined #rest
03:51 ralphschindler joined #rest
04:43 ralphschindler joined #rest
06:20 tr3online joined #rest
07:22 Andre-B joined #rest
07:54 vanHoesel joined #rest
08:30 Andre-B joined #rest
08:38 Andre-B should a bad request response only contain http status code 400 and message bad request, or can I have a message like bad request: missing filter param - to indicate what’s bad on that request?
08:42 vanHoesel joined #rest
09:04 azr joined #rest
09:31 Andre-B_ joined #rest
09:33 _ollie joined #rest
09:44 vanHoesel joined #rest
09:53 shrink0r joined #rest
10:16 pdurbin Andre-B: for our Search API we return 400 and {"status":"ERROR","message":"q parameter is missing"}
10:19 pdurbin huh. github returns a 422 at https://api.github.com/search/repositories 422 Unprocessable Entity ... it says "message": "Validation Failed" (and has an array of errors with "q... missing")
10:20 trygvis pdurbin: githubs api has a lot of strange stuff
10:23 trygvis Andre-B: you can include whatever you want in your response, it's just like any other response. make sure to include a proper content-type so the client knows how to process it
10:23 trygvis like pdurbin does :)
10:26 pdurbin When you write your own API you can fill it with strange stuff. :)
10:32 trygvis yep
10:38 vanHoesel joined #rest
10:47 vanHoesel joined #rest
11:52 Left_Turn joined #rest
12:54 azr joined #rest
13:15 StatelessCat joined #rest
13:32 mezod joined #rest
13:35 azr joined #rest
14:29 ralphschindler joined #rest
14:46 Andre-B_ joined #rest
15:06 ralphschindler joined #rest
15:16 happyface joined #rest
16:01 shrink0r joined #rest
16:03 lemur joined #rest
16:40 TeddyMurray joined #rest
16:40 TeddyMurray anyone know any good coupon RESTful databases?
16:50 tr3online joined #rest
16:53 _ollie what's a restful database?
16:54 fumanchu what's a (for each term in combinations(["good", "coupon", "RESTful", "database"]))?
17:55 fumanchu_ joined #rest
18:03 t_dot_zilla joined #rest
18:03 t_dot_zilla hello
18:05 t_dot_zilla I'm trying to understand how to implement a secure RESTful API
18:05 t_dot_zilla i have the API setup like this tutorial http://www.androidhive.info/2014/01/how-to-create-rest-api-for-android-app-using-php-slim-and-mysql-day-12-2/
18:05 t_dot_zilla which basically retrieves the apikey based on a valid user/pass login
18:06 t_dot_zilla the api-key is then used for authentication on all other functions
18:06 t_dot_zilla from an client application standpoint. would the api-key be stored in a 'cookie' ?
18:07 t_dot_zilla is that secure? assuming everything is done via https
18:08 pdurbin you've got to store it somewhere
18:08 t_dot_zilla if you were using a website -> api. would a cookie make sense? or perhaps a php session more sense?
18:09 t_dot_zilla website being the client app
18:09 pdurbin you could store the api key in a database
18:09 t_dot_zilla right it is stored in the database
18:09 t_dot_zilla the client retrieves it with the correct user/pass hash
18:10 t_dot_zilla then the client uses the api-key to perform other functions (instead of having to re-auth with user/passhash each request)
19:38 adaro joined #rest
20:08 Davey joined #rest
20:16 tr3online joined #rest
20:36 Left_Turn joined #rest
20:53 tr3online joined #rest
21:17 warehouse13 joined #rest
23:08 talios joined #rest
23:19 warehouse13 hey which is a better json response?   https://bpaste.net/show/dec769180af2
23:20 asdf` warehouse13, i'm not sure why would that matter, but sure, i guess i'd do the latter (also that's javascript, not json)
23:22 warehouse13 well that will be the object before it's serialised... I was just trying to get a good format so I could also have it represented well in sql and also the rest library I use
23:22 warehouse13 @ asdf`
23:24 whartung you should focus on the resource design itself, and worry about how its implemented later
23:25 warehouse13 you're right
23:25 warehouse13 I keep thinking ahead:( haven't designed an api before
23:42 pdurbin nothing wrong with thinking ahead

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

https://trygvis.io/rest-wiki/