stripe / poncho Goto Github PK
View Code? Open in Web Editor NEWEasily create REST APIs
License: MIT License
Easily create REST APIs
License: MIT License
This can be reproducible with the same example in the examples
directory, and with the following command:
# let us not include the explicit header setting and send the data as a url-encoded
# body instead of application/json which is what we really want/expect
curl http://localhost:4567/charges -X POST -d "{\"amount\" : 120 }"
results in this error:
{"error":{"param":"{\"amount\":120}","type":"invalid_param","message":null}}
This is not really an error with Poncho but a problem with the user forgetting to set the wrong content type.
However, Poncho seems to run the basic sanity checks on params
and throws this error. Guarding against wrong user input (in this case, pure idiocy on the part of the user) may not be the goal of a framework/abstraction and I really don't know what would be a better way to solve this for the same reason. Should there be a better error message? (I know it's impossible to cover all the edge-cases). Or perhaps, a setting to make sure Poncho won't sanity check the params
unless the developer wants them?
Loving the current direction of Poncho. I've run into a few repeat issues, mainly stemming from the fact that params and filters are not inherited in method classes.
We typically setup a BaseMethod class for our custom exception handling, shared methods etc, which all other api method classes inherit from. This works fine until we try to share a before filter or param... Filters and params are not inherited... BOOM fullstop.
To get around this limitation, we've been wrapping our shared code (exceptions, filters, params) into modules, and including the module into each... and... every... method class. Arg.
Any chance the stripe team could make filters and params inheritable?
It looks like Poncho expects a logger at request.logger
, but there isn't one. It's been a long time since I've used Rails, so I'm not sure if a logger is supposed to be there or not.
There's a fork with a patch at danielberkompas/poncho@b640a22.
Hi
are there any more examples?
J
I really like where Poncho is going and I'm excited to use it in my projects, but I'm running into a roadblock. How should one implement security?
So far, I've tried implementing security via a shared base method, like so:
class BaseMethod < Poncho::JSONMethod
param :api_key
validate do
# Validation here for api key
end
end
Then all my methods inherit from that BaseMethod
:
class ResourceListMethod < BaseMethod
# Method specific stuff here
end
At first glance, it seemed like this would work. However, the api_key validations don't get run inside the subclassed methods. The same goes if I use before
. Any suggestions?
Poncho::Resource
is a neat and small wrapper that can be used on its own for wrapping a model instance and provide .to_json
, to_hash
and other methods for free. Unfortunately, since it doesn't load the JSON library, using it standalone would throw an error:
require "poncho"
class A
def a
20
end
def b
"Poncho is fun"
end
end
class AR < Poncho::Resource
param :a
param :b
end
AR.new(A.new).to_json
# => NoMethodError: undefined method `to_json' for {:a=>"20", :b=>"Poncho is fun"}:Hash
I can understand that adding a require 'json'
line to every file is not clean. We need to load the entire JSON library just to get access to one method :/
Aside:
Is there a reason why Poncho does not support multiple JSON libraries? Since .to_json
is not present in, say, Oj
gem.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.