IRC log for #rest, 2015-09-04

https://trygvis.io/rest-wiki/

← Previous day | Channels | #rest index | Today | Next day → | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time	S	Nick	Message
00:28			mezod joined #rest
02:27			wsiqueir joined #rest
03:23			baweaver joined #rest
03:29			Coldblackice joined #rest
03:33			dkm joined #rest
04:08			vioz joined #rest
05:15			_ollie joined #rest
05:22			jangid joined #rest
05:29			Coldblackice joined #rest
06:12			jangid joined #rest
06:50			jangid joined #rest
07:24			timg___ joined #rest
07:33			jangid joined #rest
07:49			andern joined #rest
07:50		andern	i understand the difference between status code 401 and 403 and when to return them, but what's the correct status code to return when the authentication itself failed? Let's say I have authenticated and i try to GET from /api/Persons/. The session has timed out and it would be appropriate to return 401. However, what would be a proper status code if a POST to /api/authenticate with the wrong username/passwor
07:50		andern	d?
08:00		trygvis	//api/authenticate is just a resource like other resources, so 200 OK or 400/422
08:06			interop_madness joined #rest
08:09			jangid joined #rest
08:13			chthon joined #rest
08:36			graste joined #rest
08:40		timg___	when using problem+json whats the "type" (url) of a classical 404 response? i dont want to define all the docs!`?
08:52			fumanchu joined #rest
09:10			interop_madness joined #rest
09:22		trygvis	timg___: I don't understand your question
09:23		timg___	problem+json force the "type" to be an url.
09:24		timg___	trygvis: so what url/type is supposed to be used for classic 404 responses?
09:30		trygvis	I would say "about:blank" and use "Not Found" for "title"; https://tools.ietf.org/html/draft-nottingham-http-problem-07#section-4.2
09:31			jangid joined #rest
09:34			fumanchu_ joined #rest
09:36			rosstuck joined #rest
12:22		pith	I didn't know this draft, it looks interesting. Thanks for the link
12:22			wsiqueir joined #rest
12:51			_ollie joined #rest
13:01			interop_madness joined #rest
13:03			interop_madness left #rest
15:09			interop_madness joined #rest
16:31			vioz joined #rest
17:01		vioz	would it be valid for me to ask a question about jwt in here?
17:01		pdurbin	vioz: what is it?
17:02		vioz	i'm wondering if i should use JWT for authenticating users in a SPA
17:04		vioz	i think i recall reading that cookies were better, but i know i've read that in-memory session handling doesn't scale
17:07		pdurbin	oh, it's that json thing, right?
17:07		pdurbin	searchbot: lucky jwt json token
17:07		searchbot	pdurbin: http://jwt.io/
17:07		pdurbin	right, right. RFC 7519 - JSON Web Token (JWT) - https://tools.ietf.org/html/rfc7519
17:08		pdurbin	someone here might know but there's also https://ask.auth0.com/category/jwt linked from their homepage
18:48			fuzzyhorns joined #rest
18:59			foist joined #rest
19:34			fuzzyhorns joined #rest
19:39			fuzzyhorns joined #rest
20:14			searchbot` joined #rest
20:16			jatb joined #rest
21:06			fumanchu joined #rest
21:08			searchbot joined #rest
21:10			trygvis joined #rest
21:27			riddle joined #rest
21:28			Andre-B joined #rest
22:11			fuzzyhorns joined #rest
22:33			metasansana joined #rest
22:33			metasansana joined #rest

← Previous day | Channels | #rest index | Today | Next day → | Search | Google Search | Plain-Text | plain, newest first | summary

https://trygvis.io/rest-wiki/