Return Flask errors as JSON instead of HTML (mentioned in issue #561) #567
Conversation
|
|
|
Hey @dominicghizzoni, thank you so much for your PR. |
|
Please also update the PR title to reflect the nature of the change. |
dominicghizzoni
changed the title
dominicghizzoni
changed the title
|
what must i change to pass all the checks |
Hey @dominicghizzoni Please read Contributions Guide It will help you. |
| @@ -36,5 +37,19 @@ | |||
| configure_db_with_app(app) | |||
| initialize_database(app) | |||
|
|
|||
| def handle_exception(e): | |||
There was a problem hiding this comment.
The handler is implemented well(needs a little tweak), but we need to let the flask know that this is the Error Handler it should be using for unhandled errors(Because flask returns with HTML Content when an unexpected/unhandled error occurs)
Check this: https://flask.palletsprojects.com/en/2.3.x/errorhandling/#registering
so adding something like below to app should suffice:
app.register_error_handler(Exception, handle_exception)
| @@ -36,5 +37,19 @@ | |||
| configure_db_with_app(app) | |||
| initialize_database(app) | |||
|
|
|||
| def handle_exception(e): | |||
| if isinstance(e, HTTPException): | |||
| return jsonify({ | |||
There was a problem hiding this comment.
The problem with error JSON is that it’s not compatible (or generalized) for JavaScript, which is the client for the backend. Instead, we should only return:
return jsonify({
"error":"Internal Server Error"
}), 500
We don’t want to expose the user to details about the server-side error. Providing a detailed description could be a security risk, as it may reveal internal information about our code.(feels weird talking about code revealing to user, when the whole code is OS 😅)
I am just saying again this hander is not supposed to handle errors < 500(status code) because they should be dealt with assertion, if-else, try-catches, or middleware(Its more of a developer's responsibility when shipping features)
There was a problem hiding this comment.
@thesujai I think there is value in telling the client "the id you requested data for does not exist, hence a 404". It might be hidden from the user via the next js bff handling.
This backend should also be usable as a standalone analytics/data service if needed. Also, a generic 500 makes the API hard to debug.
Please let me know if I misunderstood this comment.
There was a problem hiding this comment.
@thesujai thanks alot for reviewing this code beforehand and linking the documentation. Really appreciate it 🙌
| @@ -36,5 +37,19 @@ | |||
| configure_db_with_app(app) | |||
| initialize_database(app) | |||
|
|
|||
| def handle_exception(e): | |||
There was a problem hiding this comment.
@dominicghizzoni I agree with @thesujai here. The code is 50% there. I would suggest going through this doc:
https://flask.palletsprojects.com/en/2.3.x/errorhandling/#registering, https://flask.palletsprojects.com/en/2.3.x/errorhandling/#returning-api-errors-as-json.
After going through these and the example you would have an idea of what kind of a code.
I think Generic Exception handlers can be applied in our case
| @@ -36,5 +37,19 @@ | |||
| configure_db_with_app(app) | |||
| initialize_database(app) | |||
|
|
|||
| def handle_exception(e): | |||
| if isinstance(e, HTTPException): | |||
| return jsonify({ | |||
There was a problem hiding this comment.
@thesujai I think there is value in telling the client "the id you requested data for does not exist, hence a 404". It might be hidden from the user via the next js bff handling.
This backend should also be usable as a standalone analytics/data service if needed. Also, a generic 500 makes the API hard to debug.
Please let me know if I misunderstood this comment.
| @@ -36,5 +37,19 @@ | |||
| configure_db_with_app(app) | |||
| initialize_database(app) | |||
|
|
|||
| def handle_exception(e): | |||
| if isinstance(e, HTTPException): | |||
| return jsonify({ | |||
There was a problem hiding this comment.
@thesujai thanks alot for reviewing this code beforehand and linking the documentation. Really appreciate it 🙌
|
@samad-yar-khan the point I was trying to convey was errors like 404(all errors less than 500) should be handled in the business logic itself right? There won't more than 2-3 error possibility for any endpoint. I can observe that most of the api view are already checking for errors and returning the json error as well. For the 404 page not found related to false routes or redirections, should be handled with the frontend routing. So imo there will be some endpoints where something unexpected will occur, and for that flask returns with a html error file. So can't show that file in front end where we are expecting a simple object/string. Please let me know if I am misunderstanding it, my knowledge is very limited after all. |
|
Hey @dominicghizzoni, are you considering continuing this PR? |
Someone else in the issue thread said they would try to complete it |
|
Closing this PR then. :) |
Linked Issue(s) #561
Acceptance Criteria fulfillment
Changed app.py to change such that flash returns errors as JSON instead.
Further comments
May want to check to see if it works, I was having trouble running some of the program.