Open leepeuker opened 1 year ago
The basics were added together with the first api endpoint (history). The rest of the endpoints has to follow.
Some other suggestions:
@JVT038 true, I have added the following to the TODO
- /users/{username}/settings/general (CRUD for user general setttings)
- /users/{username}/settings/security (CRUD for user security setttings)
I think I would prefer to create just one endpoint per settings type with optional values instead of one endpoint settings type value :thinking:
We need to improve the rest API stability. Incorrect requested payloads lead to 500 server errors.
Additionally, we return the frontend 500/404 responses pages for server errors. The rest API response should be JSON and not html.
Edit: Fixed wrong error pages for API.
The current most http routes used have a state (php session) and are not suitable for third party usages.
Structure proposal:
Other:
/api
X-Auth-Token
. Every user account can re/generate their X-Auth-Token (token and user are hardly coupled). This is a really basic setup which can be improved later, for now I would like to focus on functionality over security.TODO: add api token and its management to user general account settings, maybe under new section
Api