• MV (Jerboa dev)@programming.dev
    link
    fedilink
    arrow-up
    0
    arrow-down
    1
    ·
    5 months ago

    I can’t tell what the general flow of the API usage in general is. Am I supposed to login/authorize somehow first? Some common examples, especially in at least one programming language (whether that’s curl or python or whatever) I think would go a long way to help people understand what they’re supposed to do.

    This could use indeed some work

    How do I know if I need to authorize for a particular endpoint?

    openapi spec allows one to specify the authentication, this has not be done already because there is an open issue to include auth in lemmy-js-client (I use this to generate the spec) + Need to figure the best approach to convey “elevated” auth endpoints. Endpoints like GetSite where authentication enhances the response.

    Endpoint descriptions are often unhelpful.

    They are actually summaries, they are fine imo. There is an open issue to add the descriptions though.

    We have to guess what endpoint we might need for a lot of things. Example: /post/like is also for dislikes, but it doesn’t tell you that. It also never tells you HOW to like or dislike anything, the valid values of score do not appear to be documented. And you’re left to assume that’s the right field to even use for it.

    Yes indeed, things like this should be documented in the description.

    What is the content type of the request supposed to be? JSON is never mentioned anywhere.

    This is explicitly mentioned on every request, visually and in the spec.

    What are these named “parameters”? Is that a query parameter? Why does it say “object” and “(query)”? Does this parameter go in the request body instead?

    Query is mentioned when they are query parameters, else it just a request body. This is pretty clear in the text (spec) or visually imo.

    /user shows a parameter called “GetPersonDetails” except in reality this name is (I guess) supposed to be completely ignored, because no part of the request actually uses the string “GetPersonDetails”.

    GetPersonDetails is the name of the object if you scroll all the way to the bottom you can inspect it. This more clear in the spec.

    Schema is missing for many endpoints, like the request part of /user.

    There is not a single endpoint missing nor its requests.

    What are all these fields under “GetPersonDetails”? Are they all required? Only some? It doesn’t say anything about it.

    This could be improved.

    Many of the possible error codes are undocumented.

    Status codes? or the 400 lemmy error? ex: { error: "report_reason_required" } Status codes are the same everywhere, 200/201 or 400 with Lemmy error as response. There is one exception that is 401 that can be thrown for every auth required endpoint where auth fails. But these are standard. Ig this should documented.

    Now the “LemmyErrorTypes”. This could be improved, but it is hard to, not possible to be automated and tedious to add and frequently changes.

    Thanks for the feedback.