aboutsummaryrefslogtreecommitdiff

Client Requirements

back to index

What a compliant client needs to support

This isnt about building a specific UI. Just more or less about the minimum stuff a client needs to somewhat handle to work with a JsonDerulo compliant server properly.

Must support

  • Auth process: login via /auth/login, store the token, send it as Authorization: Bearer <token> on all subsequent requests
  • Session handling: check /auth/status to see if session is still alive. handle 401 responses gracefully (redirect to login or show a message, dont just crash)
  • JSON DEROLUE everywhere (even your dreams!): all request bodies are JSON, JSON IS EVERYWHERE, all responses are JSON. set content type accordingly. JSON JSON JAYS SON JAYSON DERULO !!!!
  • Error handling: read success field first. if its false read the error field and show it to the user somehow
  • For UI's its adviced to show them as an overlay/popup and not just a little toast message, this way the user has an actual chance at noting the request I'd which will help the admin figure out wtf actually went wrong.
  • For None UI's show error in console
  • Unexpected fields: if the server response has fields the client doesnt know about just ignore them. dont crash. maybe log a warning to console bt DO NOT BREAK! json derulo is counting on you!

Should support

  • Toolkit listing: the client should be able to list what toolkits are available and preferably have options to only work with certain ones (and hide ones known not to work and stuff) some kind of module chooser after login if it has a GUI is advised.
  • Rate limit handling: when you get a 429 response read the retry_after field and wait that long before retrying dont just hammer jsonderulo server!
  • For UI's preferably block user interaction (and obviously all server requests) until after retry_after time has expired otherwise your jail time will increase!
  • Permissions awareness: call GET /permissions after login to know what the user/client can and cant do. (kinda also where toolkits you have access to are listed btw.)
  • For UIs either grey out or prefferably hide stuff that user dont have access to rather than letting them try and fail.

Nice to have

  • Preferences: use /preferences to store and load user settings per client type. the server supports global and per client scopes so you can share some settings across apps
  • Batch queries: if youre doing lots of the same action (like inserting 50 rows) use batch mode instead of 50 individual fucking requests
  • Graceful reconnect: if you get a 503 (database is having a stroke ugh...) dont panic. show a message and retry in a bit, the server should be capable of keeping your request temporarily while it tries an do cpr on the database automatically and auto resend your request.
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2026-02-16 02:27:15 +0000