jmccance/girder

Return standardized error messages

Closed this issue 6 years ago · 0 comments

jmccance commented 6 years ago

Why

Error messages should be consistent and structured.

As a client of the API, I want messages that clearly communicate what went wrong so that I can distinguish between different errors and potentially communicate relevant details back to the user.
As a developer of the API, when somebody sends me an error message I want there to be enough information that I can
- see what request they actually made
- find the path of the request in the logs

How

Error messages should be returned as JSON.
Messages should include the following fields at a minimum
- request method
- request path
- request id (users do not often include the headers in bug reports)
- response status code
- timestamp of the request

Not included for now:

Request headers, query parameters, request body: Potentially too much information, including sensitive information

Future Work

Once we have authentication/authroization, the scopes and user id the request was made with should be included to help with debugging auth-related errors.