Get rid of the /users/Username/ prefix.

[HamishWHC]

You can't access the purchase orders/sell orders/flight plans/ etc of other players. If you can in future, then this can be added back, but I think it makes more sense for your token to identify you. So the endpoints should be:

/purchase-orders
/sell-orders
/flight-plans
/ships
/loans

The user summary endpoint could be used for looking up other players and getting info about them. To get your own user summary, maybe / or /me?

[ramonGonzEdu]

Ah; I thought this was accepted and planned as an update

[artokun]

It’s too hard to implement with alpha but I think beta is heading this direction

On Mar 5, 2021, at 12:03 PM, ramonGonzEdu notifications@github.com wrote:

Ah; I thought this was accepted and planned as an update

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/SpaceTradersAPI/issues-and-suggestions/issues/32#issuecomment-791650307, or unsubscribe https://github.com/notifications/unsubscribe-auth/AB2PWF7CYVRWGUMJTMQAG4LTCE2HRANCNFSM4YUJYIJA.

[thebrubaker]

It's probably a big enough change that we wouldn't roll it out on the current endpoints, but we could make a change when we deploy V1. You alluded to the idea - at some point you can make a service that is authorized to control other player's assets. We need endpoints per user in that instance, but its also true it will be a while before we get to oauth.

I think as a compromise we can make an endpoint for /me or /self (or something better, I could never think of a good prefix) and that would allow the existing endpoints to work.

I'll explore too seeing if just no prefix, just root resources, would assume a me context. I don't want to lock us in too much, but its worth experimenting with. We'll make some updates for when we deploy our first /v1 set of API endpoints.

[ramonGonzEdu]

There shouldn't really be custom endpoints for "controlling other players" as the server should know what token is for what player; i.e a service has an oauth token for each player and the server finds what user the token is for in the db.

I do like the idea of having a /self prefix, but not a /me since me usually refers to a person, while self is more generalized.

[thebrubaker]

🤦 oh man you're totally right. I don't know why my brain was stuck on needing explicit user routes. I agree then, we can strip the username prefix entirely. Thanks for pushing back on this!

[thebrubaker]

Ironically Art has been pushing for this for a while but I always strongarm him into doing what I want 😂