Search found 17 matches

by galaxyAbstractor
Fri Apr 24, 2015 8:19 am
Forum: [3.x] Tickets Discussion
Topic: PHPBB3-11595 - API
Replies: 64
Views: 203614

Re: [RFC] API


The best choice is an observer only API of course (while information leakage is still an issue here, data loss is not a risk), however, if data modification is a must the best options are an API that does not allow data removal or is sandboxed as such that the only data that the API can modify or ...
by galaxyAbstractor
Wed Feb 25, 2015 8:45 am
Forum: [3.x] Tickets Discussion
Topic: PHPBB3-11595 - API
Replies: 64
Views: 203614

Re: [RFC] API

To start, I'm sorry I haven't actively replied for a while, I used to get emails whenever there was a new reply and for some reason I haven't got any mails in a long time so I assumed no one had said anything new :) (maybe I forgot to mark my last notification as read, and therefore wouldn't get new ...
by galaxyAbstractor
Sat Dec 06, 2014 11:14 pm
Forum: [3.x] Tickets Discussion
Topic: PHPBB3-11595 - API
Replies: 64
Views: 203614

Re: [RFC] API

I've thought for a while about what you have said and what we discussed, and I'm still unsure.

My vision of the API was a generic type of an API. A developer could write a single application, say an Android app, which can then be used with all boards (provided that the board has the API turned on ...
by galaxyAbstractor
Tue Jul 30, 2013 2:53 pm
Forum: [3.x] Tickets Discussion
Topic: PHPBB3-11595 - API
Replies: 64
Views: 203614

Re: [RFC] API

Note that Hardolaf is currently working on implementing Oauth into the phpBB authentication system and has gotten pretty far. I suggest you talk to him to see about somehow integrating it if possible.

I did during the hackathon but iirc he was a bit against OAuth or negative against it for the ...
by galaxyAbstractor
Mon Jul 29, 2013 7:50 pm
Forum: [3.x] Tickets Discussion
Topic: PHPBB3-11595 - API
Replies: 64
Views: 203614

Re: [RFC] API

I made a simple API implementation so far, to be able to test API calls more easily. https://github.com/galaxyAbstractor/phpbb3/commit/d9675f2fe1217de35c698cbcde910a162fa6d7f4#L3L-1 the hashing does make a bit extra code to implement but it turned out to not be very complicated after all.

Also ...
by galaxyAbstractor
Sun Jul 28, 2013 1:39 pm
Forum: [3.x] Tickets Discussion
Topic: PHPBB3-11595 - API
Replies: 64
Views: 203614

Re: [RFC] API

To get closer into the details, how much security do we want? Do we want to make sure that the API key cannot be stolen when sending a request over HTTP? Should we just don't care much about it and let the user remove the API key if the user notices it's abused? I don't know how big problem it is ...
by galaxyAbstractor
Thu Jul 04, 2013 9:45 am
Forum: [3.x] Tickets Discussion
Topic: PHPBB3-11595 - API
Replies: 64
Views: 203614

Re: [RFC] API

imkingdavid wrote: The board admin should be able to select applications that can be used by the board, and of those applications the user should be able to select which ones can perform user-level actions with his account.
Wouldn't that require the application to be registered to the board in some kind of way?
by galaxyAbstractor
Wed Jul 03, 2013 4:46 pm
Forum: [3.x] Tickets Discussion
Topic: PHPBB3-11595 - API
Replies: 64
Views: 203614

Re: [RFC] API

So I want to talk about authentication for a bit.

The authentication system
Users should never be required to give their username and password to applications because that would simply just be unsecure for a lot of reasons (password reuse, don't know which app is abusing your password if you use ...
by galaxyAbstractor
Sun Jun 09, 2013 2:54 pm
Forum: [3.x] Tickets Discussion
Topic: PHPBB3-11595 - API
Replies: 64
Views: 203614

Re: [RFC] API

I've started looking into this and is planning and drawing up how it should work etc etc. Right now I'm testing around a bit, making a prototype to retrieve a list of all forums to get the idea of stuff.

Forums can have sub-forums and so on. I've been thinking if we should offer the result as a ...
by galaxyAbstractor
Thu May 09, 2013 9:10 pm
Forum: [3.2/Rhea] Merged RFCs
Topic: [RFC] Remove innermost quote
Replies: 41
Views: 190082

Re: [RFC] Remove innermost quote

I've been thinking about this one for a bit and I think I might have a way to solve it when I looked at the code. Just a question, should the user be alerted that a quote that was too deep was removed, or just remove it automatically without mentioning it to the user?

In my opinion, I would just ...