@matigo I have a few points of feedback on the structure of the API itself:
- token probably belongs in an authorization header and not in the POST payload (although this may be for compatibility reasons)
- Using the same endpoint to both update and create posts is probably not a good idea. Following REST usually results in cleaner, easier to grok APIs. I mean, we have:
POST /content/write (without postid) => creates a new post
POST /content/write (with postid) => updates an existing post
POST /content/star/{postid} (with postid in the payload as well) => stars a post, unless it's already starred. If it's already starred, it will unstar.
If I were to do it (I'm not saying that you must do this!), I'd have implemented it like:
POST /posts => creates a new post
PATCH /posts/{postid} => updates an existing post
POST /posts/{postid}/star => creates the star
DELETE /posts/{post_id}/star => deletes the star
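The route layout proposed in the post above, as an added sketch that is not part of the original post or the service's own code: an in-memory Python dispatcher that accepts the token only from an `Authorization` header and treats star and unstar as separate calls that are safe to repeat. The `Bearer` scheme, the sample token, and the names `handle` and `bearer_user` are assumptions made for illustration.

```python
import re

# Constructed sample data: token -> user. A real service would look this up securely.
VALID_TOKENS = {"constructed-token-123": "alice"}
posts = {}     # postid -> {"author": user, "text": str}
stars = set()  # (user, postid) pairs

def bearer_user(headers):
    """Return the user for 'Authorization: Bearer <token>', or None."""
    m = re.fullmatch(r"Bearer ([A-Za-z0-9._~+/=-]+)", headers.get("Authorization", ""))
    return VALID_TOKENS.get(m.group(1)) if m else None

def handle(method, path, headers, body=None):
    """Dispatch one request and return (status, payload)."""
    user = bearer_user(headers)  # a token in the payload is never consulted
    if user is None:
        return 401, {"error": "missing or invalid bearer token"}
    if (method, path) == ("POST", "/posts"):
        postid = str(len(posts) + 1)
        posts[postid] = {"author": user, "text": body["text"]}
        return 201, {"postid": postid}
    m = re.fullmatch(r"/posts/(\d+)(/star)?", path)
    if not m or m.group(1) not in posts:
        return 404, {"error": "not found"}
    postid, is_star = m.group(1), bool(m.group(2))
    if method == "PATCH" and not is_star:
        if posts[postid]["author"] != user:
            return 403, {"error": "not your post"}
        posts[postid]["text"] = body["text"]
        return 200, {"postid": postid}
    if method == "POST" and is_star:
        stars.add((user, postid))      # repeating the call leaves the star in place
        return 200, {"starred": True}
    if method == "DELETE" and is_star:
        stars.discard((user, postid))  # repeating the call is a no-op
        return 200, {"starred": False}
    return 405, {"error": "method not allowed"}
```

Because each star call states the wanted end state, a client that retries after a timeout cannot flip the star back, which a single toggle endpoint cannot guarantee.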