

Show HN: Web analytics with API only approach - petrohi
http://infunl.com/doc

======
pwim
Your API is pretty strange. Some initial things that pop out on me:

json=true to specify the content type. Ideally, this should be from the accept
header, but at the very least it should be possible to only specify one
content type. Right now, I can specify json=true&xml=true.

Only using GET.

Session management on the client. Why would I want to log someone out?

Not using meaningful keys. s and t? Why not status and token?

HTTP codes should be used instead of status codes.

~~~
petrohi
Consideration for not using HTTP status codes was that they are not working
very well with JSONP-type integration. This is when page JavaScript adds
"call" script object to DOM and then expects call back when it's loaded. To
pass error information in this case we need HTTP server to return 200.

~~~
stock_toaster
If you are using jsonp (?callback=foo) then return a 200 and embed the
response code in the response.

    
    
      foo({"err":{"code":500,"msg":"oh no. i broke!"},"response":null})
    
      foo({"err":null,"response":"hooray"})
    

If not using jsonp, then use the status codes IETF gave you. ;)

Most frameworks (WSGI, Rack) allow you to wrap the response and check for
presence of the callback, and transform into a friendlier jsonp format. Then
you can simply ignore it and code as normal. In this case, doesn't express
(seems to be what you are using?) support route middleware too?

