What http error codes to return?

I

Ilya2015-03-09 09:33:22

PHP

Ilya, 2015-03-09 09:33:22

Good afternoon. Wrote API for mobile application. It is written in php (one of the popular frameworks). Everything works fine, I'm processing the error. But a question arose. What http error codes to return? Let me give you an example to make the point clear.
For example. The mobile application sends a request to the API for user authorization. The request itself reached the api, but the password does not match. In fact, we must return 200 OK, since the request has reached, but the data with user information has not been returned to the mobile application. And what to return? 500, 404, etc. And many such examples can be cited. Explain please.
PS I know that Facebook always sends 200 OK, but I think it's wrong.
What is the question. I do not understand how to handle error codes on the mobile application itself. For example:

$http.post('http://api/v1/users/index/', {'login': user.login, 'password': user.password}).
      success(function(data) {
        $localStorage.userAuthData = data.response;
        console.log(data.response);
        if (data.response !== 'Password is not valid.') {
          if (data.response.approved == 0) 
          {
            $location.path('/success-reg');
          };
          if (data.response.approved == undefined)
          {
            $location.path('/success-auth');
          };
        } else {
          $ionicLoading.show({
            template: 'Bad password'
          });
          $timeout(function() {
            $ionicLoading.hide();
          }, 800);
        };
      }).
      error(function(err) {
        $ionicLoading.show({
          template: 'Bad request'
        });
        $timeout(function() {
          $ionicLoading.hide();
        }, 800);
      });

Bad request will work here. Because 200 OK will not return. But then I won't be able to handle errors like the password is wrong or the user doesn't exist.

Reply

Answer the question

In order to leave comments, you need to log in

5 answer(s)

A

Abdula Magomedov, 2015-03-09
@ArtMavir

Why can't you send 200 OK all the time? After all, the request is successful, just send your own error codes in response to the request, just a number, not an http response code.
For example 101 authorization succeeded, 102 wrong password. 103 such login is not registered in the system...

D

Dmitry Entelis, 2015-03-09
@DmitriyEntelis

There are 2 points of view.
Classical REST says that it is necessary to return errors in server http codes.
In practice, we have been developing api for mobile applications for several years and have come across the fact that many libraries used to work with api on mobile applications:
a) work badly with any header other than 200
b) badly work with any methods other than GET / POST
B as a result, we came to the following solution (a piece from internal documentation):
where code 400 indicates that the server does not like some data in the request, error_code indicates what exactly it does not like (mail, password, etc. - the list is different in each api method)

O

OnYourLips, 2015-03-09
@OnYourLips

No resource - 404
Not authorized - 401
Authorized, but no access - 403
Getting a resource - 200
Created a resource and give it away - 201
Created a resource and don't give it away - 204
Deleted a resource - 204
Incorrect resource data when creating/updating 422
Script error or its external dependencies - 500

D

Dmitry, 2015-03-09
@thewind

If your script successfully processed the request successfully received by the web server, then the response code should be 200. For example, the code 400 - not found. Has the script been found? So what kind of 404 are we talking about? Also with the rest.

G

Gurban Gurbanov, 2017-07-24
@Qurban

There is a resource with all the response codes www.restapitutorial.ru/httpstatuscodes.html