|API: how to find out if I'm authenticated? (API change??)||Christian Specht||7/17/12 1:35 PM|
I have written a backup tool for Bitbucket repositories that asks for a Bitbucket username and password, gets a list of the user's repositories via the API's "users" resource, and loops through the repositories and clones each one to the local machine.
I'm using the username and password to make an authenticated request, so that I get the user's private repositories as well.
At first, I had the following problem:
When the user enters an invalid password, the authentication fails.
But the API still returns a list of repositories (only the public ones), so my app can't tell that the authentication failed.
I found a solution for this in August 2011, when I noticed that when making a non-authenticated request, the API returns only a subset of the repository information.
Some of the properties of a repository were only returned when making authenticated requests.
So I just checked for one of these properties ("has_wiki"), and when it was missing, the user got a "invalid password" message:
I just noticed that this doesn't work anymore - apparently the API was changed between August 2011 and now
Right now, authenticated and non-authenticated requests return exactly the same information about my public repositories, so I can't tell anymore whether I'm authenticated or not.
Any ideas how I can do this now?
Thank you very much!