1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. Hey Guest, is it this your first time on the forums?

    Visit the Beginner's Box

    Introduce yourself, read some of the ins and outs of the community, access to useful links and information.

    Dismiss Notice
Cookies New to the forums?

API API Feature Requests / Discussion

Discussion in 'Community Dev Corner' started by garanis, Jun 24, 2012.

Mods: Downburst, Mazey
  1. garanis

    garanis Shark Slayer

    Messages:
    22
    I thought I'd start a thread of requests for API features. I'll try to keep up this OP with a summary of the thread.

    I'll start.
    Server Browser:
    URL: /servers
    • Add statistic: Uptime (consecutive -- as in, if a server goes away for an hour and comes back, that should start this over.)
    Server Status:
    URL: /server
    • These fields would be useful for API consumers. You might say, well this stuff can go in the description, but if I wanted to make a server browser with URLs as part of the display, it would be useful to have the field directly accessible.
      • Server administrator field -- optional field to identify a server admin by name
      • Server contact field -- optional field to supply an email address for the server admin
      • Server URL field -- optional field to supply a web URL for information about the server, forums, etc.
    • /minimap - add proper cache information so the last modified sent as a request header correctly reflects the last change to the minimap
    Player Information:
    URL: /player
    • Player info -- List of player's server history (should be configurable to private) -- as in, last 20 servers they played and how many times they played each, or maybe how much cumulative time they've played on them. New servers should replace the servers with the least time at the bottom of the list.
    Other Features:
    • Single Sign-on for API consumers.
      • 3rd party API users could send their end users to a KAG sign-in url, and have them return with a unique token to allow them to log in via their Kag2d.com credentials, without exposing those credentials to the 3rd party site.
      • Once logged in, the 3rd party user could request basic information about the user, such as forum avatar, status, follow information, and other relevant data.
    More later.
     
    garanis, Jun 24, 2012
    #1
    frink, LucasTT, norill and 1 other person like this.
  2. FliesLikeABrick

    FliesLikeABrick THD Team THD Team Administrator Global Moderator

    Messages:
    952
    Is there any other cache-related headers/metadata that I should be setting besides Last-Modified? Expires ?
     
    FliesLikeABrick, Jun 26, 2012
    #2
  3. garanis

    garanis Shark Slayer

    Messages:
    22
    I'm not sure, actually... I think you should set Cache-Control: private and max-age so that stale minimap images don't get pulled from the browser cache. Also set expires to 60 seconds after last-modified.
     
    garanis, Jun 26, 2012
    #3
  4. norill

    norill Confirmed Sociopath THD Team Tester
    1. REKINS OF SEAS: Super Crew of Ultimate Havoking 2: Return of King of KAG: Chapter 420blazeit - REKIN

    Messages:
    485
    i hereby +1 this
     
    norill, Aug 22, 2012
    #4
  5. FliesLikeABrick

    FliesLikeABrick THD Team THD Team Administrator Global Moderator

    Messages:
    952
    Thanks guys - even though I haven't been pimping this thread or engaging anyone, by all means keep posting ideas here.

    As for SSO - this is an idea I've kept in mind for a while, however I don't have the time to implement it.

    If implemented, would you want to use one of the somewhat "thick" standards for this, or would you be ok with a fairly thin custom one? E.g. the user gets redirected to a form at sso.kag2d.com, they get back a token which is given to you (the 3rd party site), you then hit the API to validate the token. In response to the token validation, information about the user is sent (e-mail address, etc - if the user approved it when they were signing in to get the token).

    sso.kag2d.com would also set a cookie on the user's computer so that they don't need to sign in manually every time. In the future the cookie would let them redirect to sso.kag2d.com and get a cookie without typing their username/password etc etc.
     
    FliesLikeABrick, Aug 22, 2012
    #5
    frink likes this.
Mods: Downburst, Mazey