greptilian logo

IRC log for #rest, 2016-11-28

https://trygvis.io/rest-wiki/

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time S Nick Message
07:12 _ollie joined #rest
07:46 _ollie joined #rest
09:21 Tomatosoup- joined #rest
09:52 marcv joined #rest
10:10 marcv Hello. In my (oauth-protected) REST API, I want to give users the possibility to change their password. A PATCH sent to /users/{id} is ok, but for something so sensitive as modifying a password, I think maybe it would be good to not rely on an oauth token in this specific case, but ask the user for their current credentials. Is it a good idea to ask for the current password in a custom http header for instance?
10:10 marcv I would use HTTP Basic authentication for this specific request, but I cannot target only this one, I would have to apply it to every PATH sent to /users/{id}
10:10 marcv PATCH, sorry
12:04 pdurbin on the right track to require more than the oauth token
13:10 marcv joined #rest
13:31 fuzzyhorns joined #rest
13:46 ShekharReddy joined #rest
16:01 `0660 joined #rest
16:02 igitoor joined #rest
16:15 igitoor joined #rest
16:15 tbsf joined #rest
16:28 ghostlight joined #rest
17:01 tbsf joined #rest
17:03 tbsf joined #rest
17:31 ShekharReddy joined #rest
17:33 Tomatosoup- joined #rest
17:45 wsieroci joined #rest
18:08 _ollie joined #rest
18:13 ShekharReddy joined #rest
19:23 tbsf joined #rest
19:27 tbsf joined #rest
19:40 wsieroci joined #rest
22:53 fuzzyhorns joined #rest

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

https://trygvis.io/rest-wiki/