karagenit
commented
7 years ago Okay, here's another weird situation: will the PHP give the client the full JSON or just the repo/point values? If we don't give them the full JSON, we'd be omitting the error information (such as not being authenticated) which would complicate things.
This is going to be weird with the OAuth stuff - the client would have to send their token everytime? Or use PHP sessions probably - that way we don't have to re-authenticate every time.