greptilian logo

IRC log for #rest, 2016-11-28

#rest on freenode has been logged here from May 2014 until end of July 2018 but logging has been suspended because the channel has been riddled with spam since August 2018 with no end in site. See the following blog posts about the problem:

Until the spam problem has been dealt with and logging can resume, please visit our wiki at https://trygvis.io/rest-wiki/

Thanks.

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time S Nick Message
07:12 _ollie joined #rest
07:46 _ollie joined #rest
09:21 Tomatosoup- joined #rest
09:52 marcv joined #rest
10:10 marcv Hello. In my (oauth-protected) REST API, I want to give users the possibility to change their password. A PATCH sent to /users/{id} is ok, but for something so sensitive as modifying a password, I think maybe it would be good to not rely on an oauth token in this specific case, but ask the user for their current credentials. Is it a good idea to ask for the current password in a custom http header for instance?
10:10 marcv I would use HTTP Basic authentication for this specific request, but I cannot target only this one, I would have to apply it to every PATH sent to /users/{id}
10:10 marcv PATCH, sorry
12:04 pdurbin on the right track to require more than the oauth token
13:10 marcv joined #rest
13:31 fuzzyhorns joined #rest
13:46 ShekharReddy joined #rest
16:01 `0660 joined #rest
16:02 igitoor joined #rest
16:15 igitoor joined #rest
16:15 tbsf joined #rest
16:28 ghostlight joined #rest
17:01 tbsf joined #rest
17:03 tbsf joined #rest
17:31 ShekharReddy joined #rest
17:33 Tomatosoup- joined #rest
17:45 wsieroci joined #rest
18:08 _ollie joined #rest
18:13 ShekharReddy joined #rest
19:23 tbsf joined #rest
19:27 tbsf joined #rest
19:40 wsieroci joined #rest
22:53 fuzzyhorns joined #rest

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

#rest on freenode has been logged here from May 2014 until end of July 2018 but logging has been suspended because the channel has been riddled with spam since August 2018 with no end in site. See the following blog posts about the problem:

Until the spam problem has been dealt with and logging can resume, please visit our wiki at https://trygvis.io/rest-wiki/

Thanks.