[haiku-depot-web] Re: Creating user accounts via the API
- From: Andrew Lindesay <apl@xxxxxxxxxxxxxx>
- To: haiku-depot-web@xxxxxxxxxxxxx
- Date: Sun, 21 Sep 2014 16:48:42 +1200
Hi Stephan;
It is great to hear it is working out well. When I get a moment, I will
have to download a nightly and see how it looks.
I was wondering, though, if there is maybe something not working quite
as you intended. When the requests contains multiple validation errors,
You are correct that the system can describe multiple validation
failures in one response. If there is a validation failure event then
it may be the result of one validation failure or many validation
failures. As-implemented, explicit API-layer logic will tend to throw
on the first failure it encounters without checking other possible
problems and so this scenario tends to return a single failure. If
validation failures arise in the ORM layer, then it might bundle-up a
number of encountered validation failures.
Because the JavaScript client checks many of the possible validation
failures on fields (nickname, email) itself, it is typically only things
like nickname uniqueness that still require a server-trip to figure out.
Maybe you could enforce local checking too?
The pattern for nickname is "^[a-z0-9]{4,16}$" and the password-clear
validation algorithm code is at the method
"AuthenticationService#validatePassword". Are there any others coming
through?
If this is still a problem or you don't want to implement client-side
checks, let me know and I'll see what can be done to coalesce failures.
Also, is my interpretation correct that a captcha token can only be used
for one request? Or am I doing something wrong. In my initial
This is correct; a captcha token can only be used on one request and
then a new one needs to be employed.
Regards;
--
Andrew Lindesay
Other related posts:
