Closed bschwind closed 9 years ago
@bschwind
Thank you for taking our test.
I made this test based on our current service.
Unfortunately it has some confusing specs.
Your points are exactly some of these.
About companies/events endpoint. I used POST.
Because its parameter has token field in body.
I don't like putting such a sensitive parameters in query parameter.
if token is stored in cookie or other custom http header, I might use GET method.
I'm glad to hear you enjoyed this test. We are going to make a web service which allows engineers to making and solving such a tests.
About tokens, I didn't think respondent bothers about it. I've imagined they use something that framework has.
You use JWT. I think it is very nice solution.
I hope to talk more next time.
These are just the notes I wrote down as I implemented my solution:
Overall the test was pretty enjoyable. It was simple enough that you can do it in a day, but long enough that you can get a feel for the person's coding style. Though it is a "short-term" project, and engineers will treat projects differently when they know it's short-lived.
I enjoyed it though, and learned something new! I was wondering how to get by without storing the tokens server-side. Turns out this was a pretty good use case for JSON Web Token