After figuring out the basics of how to build the pre-game portion of the Unity application, I spent some time in front of the whiteboard (in reality it's a cork board I pin notecards into) figuring out what Mabel's API will look like.
These are, from my experience, the endpoints you need for a minimalist user account management api:
POST /authorization/logout authorized only
GET /accounts/view authorized only
POST /accounts/create unauthorized only
POST /accounts/update authorized only
POST /accounts/passwordupdate authorized only
POST /accounts/passwordreset unauthorized only
GET /anonymous/news no authorization functionality
For all endpoints except /anonymous/news, the API expects the presence of a special header to be present in that request.
When the request enters the API, that header value will be used to look up whether or not that value is authorized.
If the authorization state does not match what's in the third column, the request will be rejected and an error response returned.
If no header value is present or the value doesn't correspond to anything looked up by Mabel, a new header value will be returned in the response, even if it's an error.
The /anonymous/news endpoint isn't part of the account management api (which is why it won't implement the authorization system) but I thought it would be cool to have the ability to display 'content' on the pre-game portion of the app. I'll probably try to figure out how to get it to return a formatted version of Mabel's git log.
No comments:
Post a Comment