Looking for API testers!

[momijizukamori]

The new API I've been working on (more discussion here) is getting to the stage where it needs lots of rounds of testing and feedback, because I am extremely scatterbrained and bad at testing. Benefits of helping:
1) get to play with API things now instead of whenever it's ready to go live on the production site
2) my eternal gratitude?
3) idk if you want some custom CSS or something I'm happy to help

In particular, I'd love feedback from people who make use of different security settings on tags, and access and subscription filters, because I don't use these features and thus am less certain of expected behavior.

Caveats
-I don't have API keys working yet, though they're partially written and mostly just need debugging right now. In the meantime, auth is via regular session cookies.
-posting photos is still in the works, because I have to interface with and/or convert an older API to fit the current API conventions, and trying to understand file uploads gives me a headache.
-There is no support for reading or posting comments (outside of inbox notifs) right now, because there needs to be some larger high-level conversations about privacy expectations and what kind of query load the servers can support before we can work out implementation details.
-Icons and image uploads aren't working because I was testing some icon stuff unrelated to the API and slightly borked my config - I will try to get that sorted in the next day or two.

How to do the thing
-Make an account on my dev machine. The workers for content import should be working, if you want to import content from Dreamwidth to play around with.
-Poke at the API - raw JSON-formatted description is here and a slightly cleaner HTML-formatted one is here.
-Leave me feedback! This can be anything you notice - down to 'you misspelled this word'. It's all gotta get fixed at some point, so don't worry about being too picky.

Comments

[chalcedony_starlings]

How long is this likely to be around? I'm super-interested but I'm also overloaded right now.

[momijizukamori]

Basically until it's ready to go live, though it may temporarily vanish if I work on non-API stuff that requires me to checkout a new branch (and there may be times where it goes down while I try to figure out what I screwed up in the API key code)

[casimirian]

Thanks for the update. I've created account.

[casimirian]

FYI, I'll be building Python library to call this API. If anyone cares, let me know.

[wohali]

Hi there! I'm sorry I've been absent from the -dev IRC channel. I'm on coding break for a while.

I just wanted to say - thank you, for working on this. I'm sure it'll be incredibly useful in the future.

I'm a bit surprised that the documentation isn't broken up into logical sections, i.e. /journals/* then /users/* then... and so on. I can't actually sort out the structure of the API at all from the web docs. That said, I spent about 30 seconds on it ;)

[momijizukamori]

That's on my to-do list :) The JSON file isn't sorted so it kind of goes in a random order every time it's loaded (because it's a hash, and hashes aren't sorted etc) - the web doc frontend is also fairly randomly sorted, I think, but honestly that was me just slapping a pre-existing package up there to provide some sort of interface that wasn't raw JSON. Once I get the actual api functionality a little better fleshed-out (and debugged), I'll probably make a custom page for the API docs that actually uses site-style rendering and whatnot.

[siderea]

OMG SO EXCITE!!!

Also, completely overwhelmed with other stuff atm. I have to go write a Patreon substitute this week. My hosting company is generating SSL certs wrong. Other responsibilities are eating my head. I'll get back to this as soon as I can.

Thank you so much for doing all this!

[momijizukamori]

No rush! Mostly I just wanted to point people at it because 1) it's been at this stage for like a month now and 2) feedback will encourage me to work more :) It's not going anywhere anytime soon.

[wailor]

Wow! this is superb!

Without the intention of adding more workload to it, wouldn't it be better to follow the http://jsonapi.org/ specification? That way it would be more "standard" and a lot of apps could work with this API or use one of the multiple implementations that already exist for it.

Btw, the old API was disabled?

[pauamma]

Btw, the old API was disabled?

Belatedly, I don't think it was. What makes you think so?

[momijizukamori]

I thought I replied to this, whoops. To my knowledge the old API is still in use, though the switch to full-HTTPS may have broken some stuff that uses it but doesn't use HTTPS.

We're using the Swagger/OpenAPI spec (Swagger is the old name, and now mostly refers to the toolsets) - it's got an active development community, and a lot of tools for interacting/developing stuff that conforms to that spec.

[pauamma]

This just to let you know that there's a question in https://dw-dev.dreamwidth.org/202722.html?thread=1566690#cmt1566690 that looks right up your alley.

[momijizukamori]

Oh, thanks for the heads-up!

RESTFest

[brainwane]

I want to bring your attention to RESTFest, a conference about API design -- my spouse goes a lot and finds it useful and welcoming. If you would be interested in going to one of the RESTFests this year (April 20-21st in Grand Rapids, MI USA or September 26 + 27-29th, Greenville, SC USA) but would have trouble for financial reasons, ping me and I'll put you in touch with the organizers, who have in the past wrangled scholarships.

Re: RESTFest

[momijizukamori]

Oh, thanks for bringing that to my attention! That does look really interesting - I might be able to convince my day job to spring for it, because I know we're in the process of developing APIs for our products, and have been increasingly asked to security-test customers' RESTful APIs (application security company, heh).