Status codes
Goals
The goal of this document is to outline some proposed improvements to our API so that we can have a team discussion around the changes.
All proposed changes vary on when we should implement them.
Problems Identified
Status codes are lacking
A 500 on unauthorized is the most notable. This was why this investigation started. Essentially we have many cases where we could return a more informative status code.
Response Body’s are brittle
We often return data unwrapped. [1,2,3] instead of wrapped { list: [1,2,3] }. While valid this can cause breaking changes if we want to add additional fields in the future. Also the nature of wrapping responses in an object allows us to communicate meaning easier through field names.
Duplicate and or unused endpoints
In a few instances we had two endpoints doing the same thing: GET /ipf/{cid} and GET /ipfs?cid={cid}.
Misnamed endpoint
Currently PUT /ipfs/{cid} means pin this to your service. However POST /ipfs means create this file on ipfs and GET /ipfs/{cid} means give me the data for this cid from ipfs. I don’t think these necessarily line up. POST /ipfs/{cid}/pin would be a better endpoint for that functionality.
Proposed Endpoints, Status Codes and Responses
General error codes
Unauthorized -> 401
Ipfs Error -> 502
IPFS timeout -> 504
GET /dns/
note: this is a newly proposed endpoint
Status Codes
- 200 OK*
- 401 Unauthorized
Response Body*
{
cid: 'abc1233'
}
PUT /dns/{cid}
Status Codes
- 201 Created*
- 401 Unauthorized
Response Body*
{
domain: 'subdomain.com'
}
GET /ipfs/cids
Status Codes
- 401 Unauthorized
- 200 Ok
Response Body*
{
cids: [...]
}
GET /ipfs/{cid}
Status Codes
- 401 Unauthorized
Response Body
{
content: "..."
}
PUT /ipfs/{cid}
Status Codes
- 401 Unauthorized
Response Body
POST /ipfs/{cid}
Status Codes
- 401 Unauthorized
Response Body
PUT /ipfs/{cid}
Note: renamed from PUT /ipfs/{cid}
Status Codes
- 401 Unauthorized
- 400 Bad Request
- 201 created
Response Body
{
cid: "asdasdasd"
}
DELETE /ipfs/{cid}
Status Codes
- 401 Unauthorized
- 200 OK
Response Body
{
cid: "asdasdasd"
}
POST /ipfs
Query Params
- name
Status Codes
- 401 Unauthorized
- 201 Created
- 400 Bad Request
Response Body
{
cid: "abc123"
name: "whatever.pdf"
}
POST /ipfs/dag
Status Codes
- 401 Unauthorized
- 201 Created
- 400 Bad Request
Response Body
{
cid: "abc123"
}
GET /ipfs/peers
Status Codes
- 200 OK
Response Body
{
peers: [...]
}
POST /heroku/resources
Status Codes
- 401 Unauthorized
- 201 Created
- 400 Bad Request
Response Body
{
"config": {
"INTERPLANETARY_FISSION_PASSWORD": "GW0SHByPmY0.y+lg)x7De.PNmJvh1",
"INTERPLANETARY_FISSION_USERNAME": "c74bd95b8555275277d4",
"INTERPLANETARY_FISSION_URL": "https://runfission.com"
},
"id": 4213,
"message": "Provisioned successfully"
}
DELETE /heroku/resources/{addon_id}
Status Codes
- 401 Unauthorized
- 404 Not found
- 204 No Body
Response Body
GET ping
Status Codes
- 200 OK
Response Body
pong
POST /user
Status Codes
- 201 created
- 400 bad request
- 409 conflict
Response Body
{
username: "user1"
domain: "user1.runfission.com"
}
GET /user/verify
Status Codes
- 200 OK
Response Body
{
active: true
}
PUT /user/reset_password
Status Codes
- 204 No Body
- 401 Unauthorized
- 400 bad request
Response Body
Endpoints to Remove
POST /ipfs/{cid}
- http upload doesn’t need the cid
GET /ipfs
- what are we getting?
PUT /ipfs
- what are we putting without a cid?
Questions
- Why do we have
GET ipfs/?cid=123andGET ipfs/123 - How does POST /ipfs/dag work again?
Implemented Ideas
1. Rename PUT /ipfs/{cid} to PUT /ipfs/{cid}/pin
2. Add GET /dns which will return the current cid of their subdomain
What should we do
I think we should do the following:
- Update the API to use the updated general status codes for authorization and ipfs failure ASAP
- Create a card to update the rest of the agreed upon status codes
- create a card to add the
GET /dnsendpoint - create cards update the response body’s
and rename to PUT /ipfs/{cid} to POST /ipfs/{cid}/pin