Http trace for a post

(Graham Chiu) #1

I’m looking on how to do a HTTP POST to create a reply message to an existing topic.

The docs here Discourse API Docs say that for a HTTP POST

curl -X POST "Content-Type: multipart/form-data;" -F "api_key=714552c6148e1617aeab526d0606184b94a80ec048fc09894ff1a72b740c5f19" -F "api_username=discourse1" -F "name=89853c20-4409-e91a-a8ea-f6cdff96aaaa" -F "color=49d9e9" -F "text_color=f0fcfd" ""

I presume that the body of the post contains form data.

but then the example for POST shows it instead as JSON

"title": "string",
"topic_id": 0,
"raw": "string",
"category": 0,
"target_usernames": "discourse1,discourse2",
"archetype": "private_message",
"created_at": "2017-01-31"

Also the api target for a post seems to be /posts but other sites says it’s /posts.json

So, is there an example that shows this unambiguously in the documentation preferably as a HTTP trace.


(Graham Chiu) #2

Well, I tried posting the data as JSON and encountered this error:

{"action":"create_post","errors":["Body is too short (minimum is 20 characters)"]}

though the value for raw (message text) is over 20 characters so this is not enlightening.

(Graham Chiu) #3

Well, I then got a bad CSRF error …

but that post told me that I also need to include the api_key and api_name in the URL!

POST /posts.json?api_key=..very.long.api.key&api_username=thatsme HTTP/1.0
Accept: */*
Accept-Charset: utf-8
User-Agent: REBOL
Content-Type: application/json
Content-Length: 234

{"title":"Bot Test","topic_id":36,"raw":"this is an api test that I am trying to see if I can make a post and it needs to be 20 characters","category":8,"name":"Graham","color":"49d9e9","text_color":"f0fcfd","created_at":"2017-05-19"}

And this works.

(Blake Erickson) #4

Sorry for any confusion in the docs. Yes it is showing the example body as JSON mostly just for readability but yes you can create the request as form-data

They are ambiguous, are the same endpoint and will accept the exact same POST body. If the default happens to return JSON then I usually just leave off the .json. Some endpoints that don’t have the extension will return html instead.

That would work, but it actually said:

so you can put the api_key and api_username in the POST body not in the header.

Here is an example curl command for creating a post on a topic:

curl -X POST \
"http://localhost:3000/posts" \
-H "Content-Type: multipart/form-data;" \
-F "api_key=f10bc7457666b1b3b18e7a85e73b975e7010ed3b049e6092199dfc3c4f99763c" \
-F "api_username=system" \
-F "topic_id=12" \
-F "raw=102c406c-54eb-450e-aba4-1ea0a4d0d328 102c406c-54eb-450e-aba4-1ea0a4d0d328 102c406c-54eb-450e-aba4-1ea0a4d0d328"

(Graham Chiu) #5

That would work, but it actually said:

Bad csrf token when making api request
api_key and api_username are POST parameters, not headers.
so you can put the api_key and api_username in the POST body not in the header.

I must have linked to the wrong post. The one I read said that credentials could not be gleaned from the JSON payload, and you had to also include the api_key and api_username in the query string when using the .json endpoint. And it was only then that I managed to get a HTTP POST working for my bot.

Since it’s working that way I’m going to leave it like that for the moment though I should probably switch to using HTTPS.

(Graham Chiu) #6

I dunno if anyone else is interested but I was posting all of the commit logs of our builds from github, and then linking to the deployed binaries on S3 from travis-ci to a single topic so that we can easily track them together.