patt0
commented
7 years ago @Scarygami should we move to POST and pass the api_key in a payload or stay with GET and use a url parameter?
Open patt0 opened 7 years ago
patt0
commented
7 years ago @Scarygami should we move to POST and pass the api_key in a payload or stay with GET and use a url parameter?
justinribeiro
commented
7 years ago On the web side, we could simply add the authorization: Bearer to the currently non-auth'ed requests much like we do with the create/edit methods. The change is minimal there, but I worry about the rest of the tooling.
keyboardsurfer
commented
7 years ago Any update on this?
patt0
commented
7 years ago Ben,
Thanks for your heads up. I looked into it and there is no easy straightforward way to do this, as I would need to overwrite the https://github.com/GoogleCloudPlatform/endpoints-proto-datastore library for which I have no time and appetite considering that cloud end points v1 are deprecated
I have considered migrating to v2 of endpoints, and while attending GDD in Krakow we talked about migrating the backend to Firebase to make it easier for a multitude on clients to interact with the data in a secure and private way.
I have started to build an environment and will migrate to it with the help of the tracking team over the next couple of months.
Patrick Martinent
On 18 September 2017 at 17:55, Ben Weiss notifications@github.com wrote:
Any update on this?
— You are receiving this because you were assigned. Reply to this email directly, view it on GitHub https://github.com/GoogleDeveloperExperts/experts-app-backend/issues/35#issuecomment-330203704, or mute the thread https://github.com/notifications/unsubscribe-auth/ADoQJHN4ySZjVeO7y27tD9GsWDMHEmGjks5sjmEdgaJpZM4LRoIQ .
This will have implication on the app and we need to coordinate @justinribeiro so your data binding fails when you load read-only data.