[x] The login_api::login API call will create all API objects, even if none of them is used later. It is better to only create the corresponding API object the first time an API is requested.
[x] Access to the database API set can not be avoided even with the api-access option
[x] The login_api::database API call will create a new database_api object, which is unnecessary since there is already one registered (according to docs, it has ID 0).
[x] The following API call will fail with error too few arguments passed to method:
curl -d '{"id":1,"method":"call","params":["login","database",[ ]]}' http://localhost:8090/
But this API call will succeed:
curl -d '{"id":1,"method":"call","params":[1,"database",[ ]]}' http://localhost:8090/
It means we can not use the name "login" when calling an API in the login_api API set (but we can do that with database_api, history_api and etc). Although it doesn't matter at the moment, it will be inconvenient when we adding new APIs in login_api.
The reason is that login_api::login is used for login but not for retrieving the ID of login_api itself.
[x] Since https://github.com/bitshares/bitshares-core/pull/223, login_api::login("*","*") is called by default on each new connection with no username or password supplied (this is a feature). As a result, the documentation saying login must be called first is no longer true. Task: update documentation.
abitmore
commented
1 year ago
Bug Description
login_api::loginAPI call will create all API objects, even if none of them is used later. It is better to only create the corresponding API object the first time an API is requested.databaseAPI set can not be avoided even with theapi-accessoptionlogin_api::databaseAPI call will create a newdatabase_apiobject, which is unnecessary since there is already one registered (according to docs, it has ID0).too few arguments passed to method:curl -d '{"id":1,"method":"call","params":["login","database",[ ]]}' http://localhost:8090/But this API call will succeed:curl -d '{"id":1,"method":"call","params":[1,"database",[ ]]}' http://localhost:8090/It means we can not use the name "login" when calling an API in thelogin_apiAPI set (but we can do that withdatabase_api,history_apiand etc). Although it doesn't matter at the moment, it will be inconvenient when we adding new APIs inlogin_api. The reason is thatlogin_api::loginis used for login but not for retrieving the ID oflogin_apiitself.login_api::login("*","*")is called by default on each new connection with no username or password supplied (this is a feature). As a result, the documentation sayingloginmust be called first is no longer true. Task: update documentation.Note: https://github.com/bitshares/bitshares-core/issues/2618 was originally reported here but we can not fix it at the moment.
Impacts Describe which portion(s) of BitShares Core may be impacted by this bug. Please tick at least one box.
Host Environment Please provide details about the host environment. Much of this information can be found running:
witness_node --version.CORE TEAM TASK LIST