greptilian logo

IRC log for #rest, 2015-09-04

https://trygvis.io/rest-wiki/

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time S Nick Message
00:28 mezod joined #rest
02:27 wsiqueir joined #rest
03:23 baweaver joined #rest
03:29 Coldblackice joined #rest
03:33 dkm joined #rest
04:08 vioz joined #rest
05:15 _ollie joined #rest
05:22 jangid joined #rest
05:29 Coldblackice joined #rest
06:12 jangid joined #rest
06:50 jangid joined #rest
07:24 timg___ joined #rest
07:33 jangid joined #rest
07:49 andern joined #rest
07:50 andern i understand the difference between status code 401 and 403 and when to return them, but what's the correct status code to return when the authentication itself failed? Let's say I have authenticated and i try to GET from /api/Persons/. The session has timed out and it would be appropriate to return 401. However, what would be a proper status code if a POST to /api/authenticate with the wrong username/passwor
07:50 andern d?
08:00 trygvis //api/authenticate is just a resource like other resources, so 200 OK or 400/422
08:06 interop_madness joined #rest
08:09 jangid joined #rest
08:13 chthon joined #rest
08:36 graste joined #rest
08:40 timg___ when using problem+json whats the "type" (url) of a classical 404 response? i dont want to define all the docs!`?
08:52 fumanchu joined #rest
09:10 interop_madness joined #rest
09:22 trygvis timg___: I don't understand your question
09:23 timg___ problem+json force the "type" to be an url.
09:24 timg___ trygvis: so what url/type is supposed to be used for classic 404 responses?
09:30 trygvis I would say "about:blank" and use "Not Found" for "title"; https://tools.ietf.org/html/draft-nottingham-http-problem-07#section-4.2
09:31 jangid joined #rest
09:34 fumanchu_ joined #rest
09:36 rosstuck joined #rest
12:22 pith I didn't know this draft, it looks interesting. Thanks for the link
12:22 wsiqueir joined #rest
12:51 _ollie joined #rest
13:01 interop_madness joined #rest
13:03 interop_madness left #rest
15:09 interop_madness joined #rest
16:31 vioz joined #rest
17:01 vioz would it be valid for me to ask a question about jwt in here?
17:01 pdurbin vioz: what is it?
17:02 vioz i'm wondering if i should use JWT for authenticating users in a SPA
17:04 vioz i think i recall reading that cookies were better, but i know i've read that in-memory session handling doesn't scale
17:07 pdurbin oh, it's that json thing, right?
17:07 pdurbin searchbot: lucky jwt json token
17:07 searchbot pdurbin: http://jwt.io/
17:07 pdurbin right, right. RFC 7519 - JSON Web Token (JWT) - https://tools.ietf.org/html/rfc7519
17:08 pdurbin someone here might know but there's also https://ask.auth0.com/category/jwt linked from their homepage
18:48 fuzzyhorns joined #rest
18:59 foist joined #rest
19:34 fuzzyhorns joined #rest
19:39 fuzzyhorns joined #rest
20:14 searchbot` joined #rest
20:16 jatb joined #rest
21:06 fumanchu joined #rest
21:08 searchbot joined #rest
21:10 trygvis joined #rest
21:27 riddle joined #rest
21:28 Andre-B joined #rest
22:11 fuzzyhorns joined #rest
22:33 metasansana joined #rest
22:33 metasansana joined #rest

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

https://trygvis.io/rest-wiki/